Hi All,
I'm attempting to configure a stratum one server and have a few questions regarding the ntp.conf file for both the server and client sides. Here are the specs for the equipment I'm using:

Globalsat BU-353 GPS Receiver via USB
Running over Gigabit ethernet
Ubuntu Desktop 10.04, kernel 2.6.32-23-generic
GPSD: 2.92 (revision svn)
ntpd - NTP daemon program - Ver. 4.2.4p8

First, I'd like to make the server available for public access, yet keep it somewhat restricted (secure). I've read through the documentation regarding access control parameters and its seems that

restrict -4 default kod notrap nomodify nopeer noquery

is a sufficient starting point, and then using the 'restrict' keyword for server/clients that need more access.

Second, I'd like to account for the latency experienced from satellite to gps, gps through usb, operating system computation, and then other network skew. Since the local network is running Gigabit ethernet, the network latencies should fairly minimal but the others could have some impact. Some ntp.conf files I've seen have listed around .750 miliseconds as a good adjustment.

Third, In case power is cut, is there is a parameter that would allow the adjustments made thus far to resume after rebooting?

Fourth, should the stratum one server only be getting its time from the gps clock? Should there be any form of built in redundancy? Such as other stratum one servers acting as peers or even the stratum one's local clock set as a lower stratum incase the gps receiver no longer has a fix on the satellite?

Security as well as accurate time is my biggest concern and any recommendations on configuring the ntp.conf file would be highly appreciated. My ntp.conf file is below.

Thank you for your input.


# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

# Enable this if you want statistics to be logged.
logconfig =all
driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# Generic NMEA GPS Receiver - Globalsat BU-353
# Adjust time1 to account for cable delay and skew from GPS/USB
server 127.127.20.0 prefer minpoll 4 maxpoll 4
#fudge 127.127.20.0 time1 0.750 stratum 0

# time source just in case - Madison, WI
#server ben.cs.wisc.edu

# use local clock if gps and internet servers fail
#server 127.127.1.0
#fudge 127.127.1.0 stratum 10

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely
# IPv4
restrict 127.0.0.1
# IPv6
restrict ::1