Running a stratum 2 NTP server for ntppool.org on a VPS
Date: January 6, 2022
As I moved my VPS to a new provider I’m having the luck of having a spare Contabo VPS server for a month.
Unlimited bandwidth, 6 cores and 1.7TB of available harddisk. What to do with it? Let’s run a Chrony NTP server and add it to ntppool.org.
Installing chrony
# apt install chrony
The configuration of /etc/chrony.conf is simple:
# Include configuration files found in /etc/chrony/conf.d.
confdir /etc/chrony/conf.d
# Time makers
server ptbtime1.ptb.de iburst nts
server ptbtime2.ptb.de iburst nts
server ptbtime3.ptb.de iburst nts
pool time.nist.gov iburst maxsources 3
pool time.nrc.ca iburst maxsources 3
# University of Erlangen is having a big NTP S1 cluster
server ntp2.ipv6.fau.de iburst
server ntp3.ipv6.fau.de iburst
# Apple / FB / Google are having a dense NTP Anycast network pool
pool time.apple.com iburst maxsources 3
pool time.facebook.com iburst maxsources 3
pool time.google.com iburst maxsources 3
sourcedir /run/chrony-dhcp
sourcedir /etc/chrony/sources.d
keyfile /etc/chrony/chrony.keys
driftfile /var/lib/chrony/chrony.drift
ntsdumpdir /var/lib/chrony
logdir /var/log/chrony
# Stop bad estimates upsetting machine clock.
maxupdateskew 100.0
rtcsync
makestep 1 3
leapsectz right/UTC
# Allow everybody to connect to us
allow
. Open the port on your firewall and you are done.
# ufw allow ntp
Having a look at the ‘sourcestats’ and ‘tracking’ of Chrony shows us that the server is behaving nicely.
# chronyc sourcestats
Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev
==============================================================================
ptbtime1.ptb.de 10 4 171m +0.003 0.020 -2911us 38us
ptbtime2.ptb.de 8 6 120m -0.021 0.055 -3040us 54us
ptbtime3.ptb.de 26 9 448m +0.006 0.003 -2864us 36us
time-d-b.nist.gov 10 5 154m -0.023 0.057 -489us 128us
time-d-wwv.nist.gov 55 25 35h -0.004 0.003 +316us 183us
time-e-wwv.nist.gov 38 18 10h +0.007 0.002 +562us 37us
time.nrc.ca 51 29 14h +0.004 0.013 +7929us 417us
time13.nrc.ca 43 17 12h +0.010 0.010 +4316us 254us
time12.nrc.ca 64 36 18h +0.001 0.020 +6962us 855us
ntp2.rrze.ipv6.uni-erlan> 7 4 103m -0.008 0.072 -6051us 63us
ntp3.rrze.ipv6.uni-erlan> 20 12 327m +0.004 0.009 -5939us 62us
defra1-ntp-002.aaplimg.c> 64 31 18h +0.000 0.016 +53ns 709us
nlams2-ntp-001.aaplimg.c> 64 33 18h -0.001 0.017 +891us 714us
ntp.euro.apple.com 63 26 17h +0.004 0.010 +3329us 398us
time4.facebook.com 12 8 206m -0.001 0.015 +552us 43us
time5.facebook.com 64 33 18h +0.004 0.015 +1079us 643us
time3.facebook.com 64 31 18h -0.006 0.016 +610us 639us
time1.google.com 31 14 534m +0.006 0.008 -1183us 121us
time1.google.com 39 17 11h +0.007 0.008 +1296us 168us
time4.google.com 8 4 137m +0.002 0.072 +1939us 82us
# chronyc tracking
Reference ID : 11FD36FD (defra1-ntp-002.aaplimg.com)
Stratum : 2
Ref time (UTC) : Thu Jan 13 09:39:45 2022
System time : 0.000004171 seconds slow of NTP time
Last offset : -0.000010577 seconds
RMS offset : 0.000092344 seconds
Frequency : 4.835 ppm fast
Residual freq : +0.000 ppm
Skew : 0.016 ppm
Root delay : 0.003437383 seconds
Root dispersion : 0.000974619 seconds
Update interval : 1025.2 seconds
Leap status : Normal
After adding the server to NTPPool and selecting 1 GBit available of NTP bandwidth we can see some upcoming traffic from users all over the world (but mostly Europe). The amount of average traffic is manageable and doesn’t disturb the operation of the other services. It’s not even using a fractíon of the available uplink.
Averaged traffic statistics over a few days.
# vnstat -h 96h
(...)
hour rx | tx | total | avg. rate
------------------------+-------------+-------------+---------------
00:00 451.65 MiB | 442.65 MiB | 894.31 MiB | 2.08 Mbit/s
01:00 381.46 MiB | 374.69 MiB | 756.15 MiB | 1.76 Mbit/s
02:00 378.04 MiB | 370.87 MiB | 748.91 MiB | 1.75 Mbit/s
03:00 363.45 MiB | 356.01 MiB | 719.46 MiB | 1.68 Mbit/s
04:00 356.49 MiB | 349.34 MiB | 705.83 MiB | 1.64 Mbit/s
05:00 377.99 MiB | 371.14 MiB | 749.14 MiB | 1.75 Mbit/s
06:00 352.31 MiB | 346.31 MiB | 698.62 MiB | 1.63 Mbit/s
07:00 431.11 MiB | 395.64 MiB | 826.76 MiB | 1.93 Mbit/s
08:00 465.50 MiB | 458.15 MiB | 923.65 MiB | 2.15 Mbit/s
09:00 455.48 MiB | 446.95 MiB | 902.43 MiB | 2.10 Mbit/s
10:00 420.18 MiB | 410.78 MiB | 830.96 MiB | 1.94 Mbit/s
11:00 436.60 MiB | 425.22 MiB | 861.83 MiB | 2.01 Mbit/s
12:00 396.49 MiB | 389.05 MiB | 785.55 MiB | 1.83 Mbit/s
13:00 426.88 MiB | 419.59 MiB | 846.47 MiB | 1.97 Mbit/s
14:00 442.89 MiB | 434.94 MiB | 877.83 MiB | 2.05 Mbit/s
15:00 413.53 MiB | 405.88 MiB | 819.41 MiB | 1.91 Mbit/s
16:00 534.54 MiB | 428.17 MiB | 962.71 MiB | 2.24 Mbit/s
17:00 414.62 MiB | 409.14 MiB | 823.76 MiB | 1.92 Mbit/s
18:00 445.06 MiB | 434.23 MiB | 879.29 MiB | 2.05 Mbit/s
19:00 445.89 MiB | 437.11 MiB | 883.00 MiB | 2.06 Mbit/s
20:00 448.30 MiB | 439.51 MiB | 887.81 MiB | 2.07 Mbit/s
21:00 453.46 MiB | 444.76 MiB | 898.22 MiB | 2.09 Mbit/s
22:00 445.26 MiB | 437.55 MiB | 882.81 MiB | 2.06 Mbit/s
23:00 414.49 MiB | 406.97 MiB | 821.46 MiB | 1.91 Mbit/s
(...)
had@vmd37763:~$ vnstat -d
(...)
day rx | tx | total | avg. rate
------------------------+-------------+-------------+---------------
2022-01-05 9.91 GiB | 9.60 GiB | 19.52 GiB | 1.94 Mbit/s
2022-01-06 9.55 GiB | 9.38 GiB | 18.93 GiB | 1.88 Mbit/s
2022-01-07 9.98 GiB | 9.81 GiB | 19.80 GiB | 1.97 Mbit/s
2022-01-08 11.76 GiB | 11.56 GiB | 23.31 GiB | 2.32 Mbit/s
2022-01-09 10.04 GiB | 9.85 GiB | 19.89 GiB | 1.98 Mbit/s
2022-01-10 10.23 GiB | 10.07 GiB | 20.30 GiB | 2.02 Mbit/s
2022-01-11 10.54 GiB | 10.33 GiB | 20.87 GiB | 2.07 Mbit/s
2022-01-12 11.12 GiB | 10.85 GiB | 21.98 GiB | 2.18 Mbit/s
(...)