I’m planning to set up an NTP service in my lab and join it to the pool for public access. My plan is to run an internal/private Stratum 1 appliance with a GPS sync, and then below that add one or more stratum 2 servers in my DMZ to join the pool. However, as I only have 1 public IP address, I cannot expose more than one of these directly to the public. One possible solution would be to add a load balancer in front of the several stratum 2 servers, which would increase availability, but as the various stratum 2 servers are not 100% in sync, I’m wondering if load balancing between several tightly synchronized stratum 2 servers would actually do more harm than good?
How would you ensure that the same client always arrives at the same server?
TL;DR: Your instincts are right. Load balancing NTP doesn’t make sense, and can do more harm than good.
RFC 8633 (NTP Best Current Practice) has a section on anycast, and the same considerations apply to load balancers.
If you have only one public IP address, expose just one stratum 2 server to the pool.
If your main goal is availability, you can use your load balancer’s failover mechanisms to only send traffic to one server at a time.
Previous thread on this: Thinking of joining, is load balancing okay?
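To make the "more harm than good" point concrete, here is an added simulation (not code from the thread or from any NTP implementation) that models a client polling through a load balancer. The three backend offsets and the path noise are constructed values; it compares the jitter a client observes when every poll reaches one server (or a failover setup), when a round-robin balancer spreads polls across backends, and when the balancer pins a client to one backend by source address, which is the affinity question raised above.

```python
import ipaddress
import random
import statistics

# Constructed scenario: three stratum 2 servers behind one public address,
# each with a slightly different residual offset from true time (ms).
SERVER_OFFSETS_MS = {"s2-a": 0.4, "s2-b": -1.1, "s2-c": 0.9}
NAMES = list(SERVER_OFFSETS_MS)


def measure_offset(server, rng, noise_ms=0.15):
    """One NTP exchange as seen by the client: the backend's offset plus
    symmetric path noise (a simplified model; real NTP also weighs delay)."""
    return SERVER_OFFSETS_MS[server] + rng.gauss(0.0, noise_ms)


def poll(server_choice, polls=64, seed=1):
    """Run a sequence of polls; server_choice(i) is the backend that answers
    poll i, i.e. the decision a load balancer makes invisibly to the client."""
    rng = random.Random(seed)
    return [measure_offset(server_choice(i), rng) for i in range(polls)]


def observed_jitter_ms(samples):
    """Sample standard deviation of the offsets the client collected; NTP's
    own jitter statistic is similar and feeds its clock selection."""
    return statistics.stdev(samples)


def single_server():
    """Every poll reaches the same backend (one exposed server, or an LB in
    failover mode that forwards to one backend at a time)."""
    return poll(lambda i: "s2-a")


def round_robin():
    """A balancer spreading successive polls over all three backends."""
    return poll(lambda i: NAMES[i % len(NAMES)])


def source_affinity(client_ip):
    """A balancer hashing the client's source address to one backend, so the
    same client keeps landing on the same server (hypothetical hash policy)."""
    backend = NAMES[int(ipaddress.ip_address(client_ip)) % len(NAMES)]
    return poll(lambda i: backend)


def compare(client_ip="203.0.113.7"):
    return (observed_jitter_ms(single_server()),
            observed_jitter_ms(round_robin()),
            observed_jitter_ms(source_affinity(client_ip)))


if __name__ == "__main__":
    for label, j in zip(("single", "round-robin", "affinity"), compare()):
        print(f"{label:12s} jitter: {j:.3f} ms")
```

Round-robin inflates the client's jitter to roughly the spread between backends, while the single-server and affinity cases only show path noise; affinity hides the spread from each client but still gives different clients different time.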