Re: NTP vs SNTP

Hello Rob,

Am 19.11.2019 um 15:42 schrieb Rob Berendt <rob@xxxxxxxxx>:

Drilled down into TCP, Servers and checked SNTP and tried to view Connection Status and it was blank.

Are you talking about the output of netstat *cnn on 5250? UDP is connectionless, so you will never see active connections, just listening services (if there's a service which has a listening socket opened).

The support person had to look it up and get back to me. Basically it will be blank unless you change your client type from SNTP to NTP. He changed it on his system and then the connection status screen was active.

I guess that SNTP is just a client wether NTP is a full TCP daemon which can also provide other clients with network time service. See https://en.wikipedia.org/wiki/Network_Time_Protocol#SNTP

It all sounds simple to me until I start worrying about if that will come through different ports, etc on our firewall thus having to get numerous network consultants from different companies involved (DMZ lpar).

I don't get what you want to tell but ntp and sntp is *always* UDP port 123.

And if there might be any required modifications on the SNTP servers to support NTP.

There's no such thing as an SNTP server

At this time I'm thinking not worth it. What say ye?

What is "it"?

Having all nodes in a network synched to a common time source eases chasing of errors involving multiple nodes when it comes to matching of logging entries. Some services like Kerberos and SSL certificates also rely on time. Kerberos more (about 5 minute difference should be allowed as far as I remember), SSL less (certs are usually signed for many weeks if not months). If you have a device reset to it's default clock setting (empty battery), you may also encounter that a SSL cert is *not yet* valid. :-)

:wq! PoC

PGP-Key: DDD3 4ABF 6413 38DE - https://www.pocnet.net/poc-key.asc