[Freeipa-users] ntp and srv records

[Les Stott]

We have ntp setup on two servers and configured normally via /etc/ntp* etc.

All clients and servers reference the same ntp servers, and all would be on the same time. This doesn't require ntp SRV records.

So I personally don't thing ntp srv records are necessary and can't see an issue. But wanted to check to be sure....

Les

-----Original Message-----
From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Petr Spacek
Sent: Thursday, 21 August 2014 4:52 PM
To: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] ntp and srv records

On 21.8.2014 06:17, Les Stott wrote:
> Hi All,
>
> Am about to start rolling out clinet installs on rhel6 hosts with dns autodiscovery.
>
> Enviroment: rhel6, ipa-3.0.0-37.el6.
>
> I already have setup SRV records for Kerberos and ldap etc.
>
> Are the following ntp records as SRV records necessary also?

Technically not but they are highly recommended (assuming that your IPA servers are running a NTP server).

> ;ntp server
> _ntp._udp               IN SRV 0 100 123        ntp1.mydomain.com.
> _ntp._udp               IN SRV 0 100 123        ntp2.mydomain.com.
>
> I've seen some guides that don't reference them, others that do. I don't see any adverse effects on the two freeipa servers (master + replica) that are currently running without the ntp srv records.

The adverse effect will probably manifest on client side. Things (Kerberos :-) will break if time on client is too far away from time on server.

--
Petr^2 Spacek

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project