Should the How to Use pools page be updated with an option that uses 'pool' instead of 'server'?

Hi there. Please excuse me if I am covering an old discussion, but it occurs to me that given the wide distribution of ntpd 4.2.8 and common support for the ‘pool’ source type that there should at least be an alternative configuration on the how to use pool page.

The current configuration listed is:

driftfile /var/lib/ntp/ntp.drift

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

Not only does this suggested configuration use the server option instead of pool, it also doesn’t include the bare minimum restrict settings that are, as far as I can tell, best practice these days.

It seems that this was recognised as far back as 2016 in this discussion that the page should be amended with a more modern configuration.

That discussion sort of ended without a firm resolution, however a modern generic example config should probably look something like:

driftfile /var/lib/ntp/ntp.drift

# By default, exchange time with everybody, but don't allow configuration.
restrict default kod notrap nomodify nopeer noquery limited

# Allow defined sources to be peers - for pool sources support
restrict source notrap nomodify noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

pool 0.pool.ntp.org
pool 1.pool.ntp.org
pool 2.pool.ntp.org
pool 3.pool.ntp.org

# TOS entry
tos maxclock 7

Does that config make sense? Should the use page be updated to at least offer a more modern config? maxclock 7 seems a reasonable setting given that the default of 10 is not an odd number, which the ntp.conf documentation recommends, but it’s also a prime and a high enough value to ensure good quality time in a ‘typical’ configuration.

1 Like

That discussion has been ongoing for a while, indeed. There’s a PR on GitHub which followed from another discussion. Unfortunately, @ask hasn’t had the time, yet, to merge it.

But it cannot hurt nudging him again… :sunglasses:

2 Likes

The value “tos maxclock” seems not to be correct here, as per the ntpsec documentation, it leads to only three servers being kept with this example config, when 5-7 servers is the recommended number.

The recommendation for maxclock in the documentation is to take an odd number, e.g. 7, and add the number of pool entries to that number (but not to minclock). With four pool entries, 9 or 11 would be good values.

I just saw that this is also not followed in the PR, with “maxclock 8” being used there. Has anybody tested this? Is the ntpsec documentation wrong about stating that the pool entries themselves count for the number of maximum servers?

The docs are correct, sadly. Each “pool” line in ntp.conf counts as a clock towards maxclock.

1 Like

Then I think the PR needs to be tweaked a bit to use “maxclock 9” before being merged, as only keeping four servers around runs the risk of two groups of two servers agreeing on a different time each, and no good way for the algorithm to decide. (Personally, I prefer using seven servers, but five is probably a fine number for a client.)
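As an added example (not from anyone in this thread), here is a small Python lint that applies the rule discussed above to an ntp.conf: each `pool` line counts toward `tos maxclock`, so the servers actually kept are maxclock minus the pool lines, and the suggested value is an odd target plus the number of pool lines. It also checks for the `restrict default` flags and the `restrict source` line from the first post's config; the flag set and the default of five wanted servers are assumptions taken from the thread, and the sample config is constructed here.

```python
# Added example: lint an ntp.conf against the advice in the thread above.
DEFAULT_MAXCLOCK = 10  # ntpd's default, as stated in the first post
# Minimum `restrict default` flags, taken from the example config in the thread
REQUIRED_DEFAULT_FLAGS = {"kod", "nomodify", "nopeer", "noquery", "limited"}

# Constructed sample: the first post's proposed config without comments
SAMPLE_CONF = """\
restrict default kod notrap nomodify nopeer noquery limited
restrict source notrap nomodify noquery
pool 0.pool.ntp.org
pool 1.pool.ntp.org
pool 2.pool.ntp.org
pool 3.pool.ntp.org
tos maxclock 7
"""

def parse_conf(text):
    """Return (pool_lines, maxclock, default_flags, has_restrict_source)."""
    pools, maxclock, flags, has_source = 0, DEFAULT_MAXCLOCK, set(), False
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments and blank lines
        if not words:
            continue
        if words[0] == "pool":
            pools += 1
        elif words[0] == "tos":  # tos takes name/value pairs
            for name, value in zip(words[1::2], words[2::2]):
                if name == "maxclock":
                    maxclock = int(value)
        elif words[:2] == ["restrict", "default"]:
            flags = set(words[2:])
        elif words[:2] == ["restrict", "source"]:
            has_source = True
    return pools, maxclock, flags, has_source

def lint(text, want_servers=5):
    """Return findings; an empty list means the config follows the thread's advice."""
    pools, maxclock, flags, has_source = parse_conf(text)
    findings = []
    effective = maxclock - pools  # the pool lines themselves count as clocks
    if effective < want_servers:
        odd = want_servers if want_servers % 2 else want_servers + 1
        findings.append(f"maxclock {maxclock} keeps only {effective} servers with {pools} pool lines; use 'tos maxclock {odd + pools}'")
    if REQUIRED_DEFAULT_FLAGS - flags:
        findings.append("restrict default missing: " + " ".join(sorted(REQUIRED_DEFAULT_FLAGS - flags)))
    if pools and not has_source:
        findings.append("pool used without a 'restrict source' line")
    return findings
```

Running `lint(SAMPLE_CONF)` on the sample reports the three-server problem from the posts above and suggests `tos maxclock 9`; `want_servers=7` yields 11.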