No PR action for project and dramatic reduction in the number of active servers

Every day I see that less and less active servers in https://www.ntppool.org/zone . The project dies. It makes me extremely upset. Why don’t you do any advertising in the media?
https://nimb.ws/intAeS

Many servers are from enthusiasts. Setup server for fun and open it worldwide. Without serious purpose and special intentions. Then once you decide that you do not need it and turn off the server.
I see very few servers from companies that provide ntp as one of the official services and worried about server stability.

Another reason: there are a lot of instructions on the network how to make a time server for yourself, but there is little information on how to make good server (precision, stable, highload) for pool.

Еven bigger question: I see too big poor queries on my server. There is about 3% of “bad format”, 3% of traffic from RFC6890 subnets, icmp unreacheble/filtered and so on. And with default “discard” settings totally about 30-35% (!!!) limited queries. It looks like many vendors and hardware (SOHO routers, stb and so on) have an incorrect ntp daemon settings. Looks like “nobody cares ntp”. Very bad news.

These counts only the servers included into the pool, not the defined servers. When the quality of the Internet ameliorates or the monitoring is improved, many will return to the active status.

Advertising wouldn’t improve the quality of the Internet, neither the effectiveness of the ntppool monitoring.

Even so “LESS” is defined by what? For IP4 servers there are more then there have been:
2638 (+126) active 1 year ago
2711 (+53) active 3 years ago

and for IPv6:
1306 (+34) active 1 year ago
1052 (+288) active 3 years ago

So on a yearly / 3 year basis there are more server’s today then there was. When you look at anything shorter then that it’s pointless as was already mentioned many servers come and go from enthusiasts who find something about making an NTP server so they do, but then when it has a problem they don’t fix it, or their IP changes and they never update the pool etc…

There were 151 fewer active IPv4 servers yesterday, which looked much less happy.

You can’t look at such a small window as days, weeks, or even months. Servers come and go as we already pointed out. People add them on residential accounts that lose the IP and go away. Several come and go daily, but when you look at YOY the server count is up.

Actually the server count is decreasing since fall 2013 as you can see in the graph at https://www.ntppool.org/zone/@. That was when the NTP protocol was first used as a method for a massive DDOS attack. The NTP community has never really recovered from that incident.

The growth which is seen in IPv6 servers has nothing to do with new nodes in the pool. Most of these IPv6 servers are secondary addresses on existing servers where the system administrator switched from IPv4 only to a dual stack network configuration.

The main problem is not promotion or marketing of NTP. It is funding of the base infrastructure. There is no serious money flowing in to have a bunch of dedicated people running the pool. @ask does whatever he can but is limited in resources. If some big players in the market would put a continuous flow of money in the project things would look a whole lot different. This is not a problem unique for the NTP pool though. Other critical infrastructure like OpenSSL was maintained on a $2000 yearly budget until the Heartbleed catastrophe opened peoples eyes (https://en.wikipedia.org/wiki/Core_Infrastructure_Initiative). If any PR action is needed, it shouldn’t be directed at people with servers and spare time, but at people with power and money to spend.

3 Likes

Well the pool took the biggest hit when it moved to a new location and the Newark monitor started to fail a lot.
I have 4 ntp-servers, all taken out of the pool when NTP started mailing me on a daily basis telling me my NTP-servers where faulty.

So Steve decided to monitor my Stratum1 server constantly for several months now and it never failed.
Except for my own doing, changing hardware or updating the OS.

But it did not fail once, yet Newark kept missing my systems.
After complaining and sending logs for months; I was done with it an took them all out of the pool.

People do start enthusiastic, but when NTP-pool is telling you constantly your system is bad, and you spend a enormous amount of time to find the problem but it turns out a bad monitor and the refusal to fix it.
Yeah people do step out of the project.

I told Ask that I do want to join again and am committed to the project for the long run, but not as long as he doesn’t fixed the flawed monitor-system.

Several people said this, including me, yet nothing happens, so we leave.

As for funding, I got a big hoster to offer Ask a number of locations for free to setup more monitors, he never took any action to use the offer at all.

However, today NTP isn’t needed that much anymore as GPS-receivers are cheap and small, anybody can keep their own time based on GPS.
A GPS costs less then 5 euro and you have the correct time all day long.

NTP started at a time that time-keeping was expensive and pretty much impossible to keep right, today different story, private-stratum1 is just 5 euro :slight_smile:

See, 5 euro GPS and it’s pretty good at time-keeping:

root@server:~# chronyc tracking
Reference ID : 47505300 (GPS)
Stratum : 1
Ref time (UTC) : Sat Dec 21 15:03:46 2019
System time : 0.000076007 seconds fast of NTP time
Last offset : +0.000078239 seconds
RMS offset : 0.000578455 seconds
Frequency : 29.641 ppm fast
Residual freq : +0.757 ppm
Skew : 32.636 ppm
Root delay : 0.000000 seconds
Root dispersion : 0.001356 seconds
Update interval : 16.0 seconds
Leap status : Normal
root@server:~#

1 Like

Well… in the past several years, some big companies have created their own global NTP network, and offer free access to the general public. Google, Amazon, Cloudflare, and others… Likewise Microsoft & Apple have always had theirs. Many ISPs are also finally starting to push NTP info via the DHCP option, also utilizing their own NTP servers.

Overall I think companies and people are getting more serious about the ‘time’ on their devices realizing how critical it is for proper communications and furnishing their own NTP infrastructure to ensure availability, reliability, control, and traceability.

1 Like

Those companies are not big enough, sorry they are not.
Many more devices use ntp.pool.org and the list is endless.

By default these are:

Linux
Sat-receivers and Cable-boxes
IP-camera’s
Modems and a lot of them, regardsless the ISP
Routers
Hosters and datacenters
Even domotica uses the pool and those numbers are growing fast!

The load on pool-servers is enormous and way beyond Amazon or Microsoft, they are tiny players in this game.

The only way this project can survive is with proper functioning monitors that people want to run their NTP-server in the pool.
You do not want to get mails every other day claiming your server is faulty when it is not, those mails are the problem and nothing else, they make people leave the pool.
In the end the current “good-marked” servers will get overloaded because the monitor is marking too many servers as bad.
If something will kill this project, it will be it’s own monitoring system and nothing else.

Enough people want to join and give up band-weight to help others, but not if they keep being pestered with monitor-mistakes.
You can only tell so many times that people their system is bad…then they leave and probably never come back.

Thanks Bas, your messages convinced me. Some time ago I issued a pull request with translation enhancements to the ntppool website on Github and never heard back. After I retracted the pull request @ask suddenly awoke. I thought he was busy fixing the monitor system, but if I read your post, that wasn’t the case.

I therefore now deleted my Stratum 1 and eight Stratum 2 servers on both IPv4 and IPv6 from the pool. You are correct. Why waste time being flooded with automated emails or uploading translations if no-one in the center of the project really cares? If some more members retract their servers, maybe someone will awake.

I think it is not correct that only one main person (ask) on which a project of that big scale is relying. There should be more than one people who can actively manage the systems, including update of the software components, putting is production new monitors.

1 Like

Hi, we are working on figuring out why the monitoring probes are being dropped and are talking to some of the transit networks that are doing it about changing their filtering. It is a slow process and might not work. If it doesn’t then maybe NTP is just done as a protocol (certainly it will look grim for the network time security work).

“More monitors” isn’t a silver bullet. I have been working on updating the management site and database to support new features and lessen the manual load from support tickets; the groundwork is mostly done — testing and feedback is welcome, it’s live on the beta site.

There isn’t anyone to “wake up”. There’s just me and everyone else helping keeping the system running between other obligations.

By usage and by server capacity (not just count) the system is busier and bigger than ever.

The graphs on pool.ntp.org: NTP Servers in All Pool Servers, pool.ntp.org aren’t very granular, obviously, but it looks like there was a drop in (edit: IPv4) server count throughout most of 2018 and early 2019, it recovered in mid 2019 shortly before or around the time of the monitoring server move, and has dropped by about 100 servers, or 3%, since then.

I’m regularly seeing comments like

yet my experience (England, UK) is precisely the opposite - East coast has been far more stable than West coast was. This strongly suggests it isn’t so much the individual server (mine’s a SUN box which does nothing else) but how that server is reached, either from Newark or user locations.

AlisonW

1 Like

But that is exactly the problem, the monitor isn’t stable in all directions.
As such it can’t be trusted to report servers as bad.
My server is constantly marked as bad while there is proof from other directions, like Germany that isn’t not bad or offline.
Steve is monitoring my server form months now, it simply doesn’t fail at all like Newark reports every single day.
Also my server was listed in the beta-project (3 monitors), passing by the 2 other monitors all the time but again reported bad by Newark and as expected mailing every single day because of that.

1 Like

My servers are perfect only from the Los Angeles test monitoring location, even the servers are in Switzerland. The topology of the network connection matters.

Your are in Swiss and you need NTP to keep time? That doesn’t make much sense :slight_smile:

But I agree, same for me.

Why not just drop the monitoring server altogether? NTP is built as a fail-save protocol where servers which are not responding or sending bad time are automatically ignored. If the “pool” statement is used in the config file, the ntpd daemon will even automatically query a new server address if one fails.

Most pool server operators are providing their servers in good faith and trying to keep it up. The only situation where you need a monitor system is to kick servers out of the pool which are continuously keeping bad time or not sending any time. But that doesn’t require a two-strikes-out system with a poll time of 30 minutes as it now with the monitor server.

Also, what happens if the current monitor server in Newark fails or keeps bad time? Servers crash, data-centers black-out.

Many servers in russian segment last day drop down to score=-5 and our servers were thrown out of the pool. Holy God, even ntp.ix.ru cluster of Meinberg Lantime 300 servers on number 1 biggest russian internet exchange point (MSK-IX) drops to -5!!! The Russian “national standard institute” (it’s like NIST) time servers goes down from pool. For example server ntp3.vniiftri.ru go to score -43! Mother of God…I don’t even know what to say. It was the same a week or two ago.

The reason of this trouble is packet loss up to 100% between the Telia and Packet (where hosted monitoring station) on route in NYC. Telia is a one of Tier-1 ISP connecting continents. Therefore, I think that many servers in Europe is falling out of the pool because of this problem.

I think only one monitoring station at single one continent is a giant mistake and point of failure of the all project, given the impact of packet loss and network trouble between Packet/Newark and World. The rating system also raises many questions.