Re: [fw-wiz] Acqusition of time

From: Frank Knobbe (fknobbe@knobbeits.com)
Date: 01/31/03

• Next message: Luca Berra: "Re: [fw-wiz] Proxy Firewalls (was FWTK vs T.REX)"
• Previous message: anil bindal: "[fw-wiz] What is the difference between stateful packet filtering and Stateful pkt inspection ?"
• In reply to: Martin Peikert: "Re: [fw-wiz] Acqusition of time"
• Next in thread: Kevin Steves: "Re: [fw-wiz] Acqusition of time"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Frank Knobbe <fknobbe@knobbeits.com>
To: Martin Peikert <Martin.Peikert@discon.de>
Date: Fri Jan 31 07:59:38 2003

On Thu, 2003-01-30 at 03:23, Martin Peikert wrote:
> Ben Nagy wrote:
> > If a firewall can't reach an NTP server because of some transient network
> > condition the clock doesn't automatically go haywire - it will just start
> > drifting as per the normal accuracy of the hardware clock, no?
>
> Not necessarily. You could use clockspeed, see
> http://cr.yp.to/clockspeed.html
> ,-----------------------------------------------------------------------
> | clockspeed uses a hardware tick counter to compensate for a
> | persistently fast or slow system clock. Given a few time measurements
> | from a reliable source, it computes and then eliminates the clock
> | skew.
> `-----------------------------------------------------------------------

Just a word of caution. I'm using clockspeed on about a dozen FreeBSD
boxes, and it does indeed do a great job. However, it only adjusts the
software clock. That means that, if the OS doesn't write the current
software time back into the hardware clock before a reboot, or if the
system crashes or looses power, you will have the wrong time at the next
boot up.

That in turn means that you will have to fetch the current time upon
startup. Clockspeed is great in keeping the time drift to a minimum
while the system is running. But you still need to sync your time on
startup.

Regards,
Frank

• application/pgp-signature attachment: This is a digitally signed message part

• Next message: Luca Berra: "Re: [fw-wiz] Proxy Firewalls (was FWTK vs T.REX)"
• Previous message: anil bindal: "[fw-wiz] What is the difference between stateful packet filtering and Stateful pkt inspection ?"
• In reply to: Martin Peikert: "Re: [fw-wiz] Acqusition of time"
• Next in thread: Kevin Steves: "Re: [fw-wiz] Acqusition of time"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: hwclock problem with leapseconds - posix? ... An extra second, the leapsecond, added every few years means nothing, ... and deal with the hardware clock. ... that can be adjusted, and the skill and tools to adjust it. ... (comp.os.linux.setup) Re: NTP for dummies ... > time standard someplace and set the pc/xp hardware clock ... not about occasionally correcting the CMOS clock. ... also setting the software clock doesn't seem very useful. ... How ntpd maintains the local clock is operating system dependent. ... (comp.protocols.time.ntp) Re: Problem with clock interrupt ... # hwclockfirst.sh Set system clock to hardware clock, ... echo "$0: System clock was not updated at this ... (comp.os.linux.hardware) Re: Clock Problem? ... The bios clock, (which is the hardware ... expect Windows to last too much longer, and I don't expect Ubunto to be ... the hardware clock (you call it the bios clock, ... (alt.os.linux.suse) Re: A7V333: Odd shutdowns, as if no power -- clock/timer problem? ... The hardware clock stores the time correctly, ... If I power cycle, ... You could have a bad CMOS battery. ... (alt.comp.periphs.mainboard.asus)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint