Newbie operator, some questions!

Hi! I just joined my server to the pool few days ago as I have been paying my server since last few years and it is extremely underutilized till now (average load of less than 1%, I use it to host my personal blog only). I have a few questions:

  1. I configured everything according to Arch Linux’s NTP wiki (Network Time Protocol daemon - ArchWiki). Any additional configuration required for like, safety and security, in particular to the setup of NTP server? The usual things like using key based ssh login and iptables etc is already in place. Is the sample configuration given sufficient?
  2. I saw some topics on abuse of NTP servers and also getting IP blacklisted. I’m hosting my personal blog on my server too, hence I would like to know if it is okay for me to actually “involve” my server in this NTP thingy…
  3. Is it possible to change the region my server is serving? I actually saw this (Adding servers to the China zone) and I wondered if my server could be set to serve China region users only, because the target audience of my personal blog is only china users. I would be very happy to serve any regions that are in need, esp China. My server is fully accessible within China.
  4. I have another server which is IPv6 only (actually, the scaleway’s stardust instance). Is it okay to join the pool as a ntp server?
  5. Is there any sort of monitoring for NTP servers that you guys usually use? Currently I only monitored whether the NTP service is running using Zabbix.

Please let me know if I got anything wrong. I’m just trying to help out since my server is extremely underutilized (with a lot of bandwidth and performance) and I have been paying the server every year as a student, so it is completely a waste, and I’m looking to help on volunteer projects. Thanks again!

1 Like

Welcome! I started out in the same situation. I had a vastly underutilized server and figured I’d put it in the pool. I should warn you it can be addicting :laughing: – I currently have seven servers in the pool, several of which are VMs in underserved regions doing nothing but NTP.

There’s a page with some configuration recommendations here, but it’s nothing too wild. You may want to look at the rate limiting options so that broken clients that query your unreasonably frequently (i.e., every second) get ignored. Realistically it doesn’t save a whole lot.

On the abuse front – I have read several such threads here, but I have participated in the pool for more than a decade, and currently have seven servers in the pool, and don’t believe I have ever received a single abuse complaint. (Except for an incident years ago during the monlist exploit, where I neglected to patch a server and it started pushing 1 Gbps as part of a DDoS. But that just led to me fixing it and thanking them for the notice.)

The pool treats each IPv4 or IPv6 address as a separate server, so an IPv6-only host would be fine.

Personally I don’t use any sort of monitoring, but would be interested in hearing what others are doing.

1 Like

Thanks for sharing this guys.
Im also a newbee (started in Jan 2023), but im running two physical NTP appliances (Meinberg M200 and a Meinberg M300), which have monitoring built-in for many parameters.

I can really recommend using these (although they are expensive to buy).

1 Like

Appreciate your reply! It surely is addicting as hell, I was extremely happy to see my servers have traffics coming in, and that my server load is now finally more than 1% :rofl: Now everyday I have something new to check when I turn on my computer: my NTP server score haha

Thanks for your sharing on the configuration options and abuse incident. That makes me fell better and less worried about being abused, I’ll look into the rate limiting option just in case. In the coming days, maybe I will going to let my ipv6-only instance to join the pool too. It’s a bit too bad that both my VPS servers are located in europe and not any other location. I wish I could have joined my home server (in Malaysia) to the pool so that I could contribute to different location, but unfortunately we’re having a dynamic IP. Because I can see from the homepage that europe server counts are soooo huge xD

I never been so happy before in owning a server :smiley: Also some little motivation for me to keep on renewing my server contract :rofl:

1 Like

Wow, you’re on a different league bro. I didn’t even know there’s such thing as a NTP appliance, wow! I guess this would make it a NTP server higher than stratum 3?

Having an dedicated appliance does not automatically mean a lower stratum.
the stratum a server operates on is mostly dependent on the stratum of the reference source your server gets its time from (and some configuration options). The stratum of your server is the stratum of the reference source+1.