On Wed, Dec 2, 2020 at 11:17 AM Jerry Geis <jerry.geis at gmail.com> wrote: > ... > ntpdate was "nice" in that I could just run once a day as "ntpdate name" the problem with that sort of time sync is that if your systems clock is running fast, then those once a day time syncs cause the clock to be set BACK a few seconds or whatever (in bad cases a few minutes). I have always run ONE primary ntp server on my internal network, given it firewall access to the ntp ports, then had all my other systems ntp sync off that one server. This only requires a single port OUTBOUND connection from that one server. I generally avoid the 'pool' servers, and instead manually chose a set of regional stratum I or II NTP servers that are listed as being offered to the public. -- -john r pierce recycling used bits in santa cruz