From Newsgroup: comp.protocols.time.ntp

Recently I’ve been toying with a GPS receiver, and it occured to
me that I can configure the NTP instances of two of my boxes
(connected over a Fast Ethernet link) to use each other as ‘backup’
time source. Per ntp/assoc.html , it would seem that I need ‘peer’
association type for that:

a> Symmetric active/passive mode is intended for configurations where a
a> clique of low-stratum peers operate as mutual backups for each other.
a> Each peer operates with one or more primary reference sources, such
a> as a reference clock, or a set of secondary (stratum, 2) servers known
a> to be reliable and authentic. […]

In this case, one of the boxes has better Internet connectivity,
allowing for the use of the NTP pool servers as its reference
clock; and the other has said GPS receiver connected.

To my surprise, I’ve found that as part of the ‘hardening’ effort
for NTPsec (the version included in Debian Trixie) the ‘peer’
association type got removed; this is what I get in syslog:

CONFIG: peer deprecated, treated as server: (peer-IP-address)

The question is: what is the best current practice for having
‘a clique of low-stratum peers operate as mutual backups for each
other’? Is ‘peer’ truly deprecated for any and all possible uses?
Are there any ‘hardened’ NTP implementations that /do/ support
‘peer’? Or is it that those interested in such configurations
are ought to rely on the Reference Implementation?

(JFTR, I don’t see any mention of a function like that in OpenNTPd’s
ntpd.conf(5), either. Conversely, the machine to which the GPS
receiver is connected runs NTP 4.2.8p15 from NetBSD 10.1 and, so
far as I can tell, has no trouble with ‘peer’.)

--- Synchronet 3.21d-Linux NewsLink 1.2

From Newsgroup: comp.protocols.time.ntp

On 3/19/2026 6:25 AM, Ivan Shmakov wrote:

Recently I’ve been toying with a GPS receiver, and it occured to
me that I can configure the NTP instances of two of my boxes
(connected over a Fast Ethernet link) to use each other as ‘backup’
time source. Per ntp/assoc.html , it would seem that I need ‘peer’
association type for that:

a> Symmetric active/passive mode is intended for configurations where a
a> clique of low-stratum peers operate as mutual backups for each other.
a> Each peer operates with one or more primary reference sources, such
a> as a reference clock, or a set of secondary (stratum, 2) servers known
a> to be reliable and authentic. […]

In this case, one of the boxes has better Internet connectivity,
allowing for the use of the NTP pool servers as its reference
clock; and the other has said GPS receiver connected.

To my surprise, I’ve found that as part of the ‘hardening’ effort
for NTPsec (the version included in Debian Trixie) the ‘peer’
association type got removed; this is what I get in syslog:

CONFIG: peer deprecated, treated as server: (peer-IP-address)

The question is: what is the best current practice for having
‘a clique of low-stratum peers operate as mutual backups for each
other’? Is ‘peer’ truly deprecated for any and all possible uses?
Are there any ‘hardened’ NTP implementations that /do/ support
‘peer’? Or is it that those interested in such configurations
are ought to rely on the Reference Implementation?

(JFTR, I don’t see any mention of a function like that in OpenNTPd’s
ntpd.conf(5), either. Conversely, the machine to which the GPS
receiver is connected runs NTP 4.2.8p15 from NetBSD 10.1 and, so
far as I can tell, has no trouble with ‘peer’.)

If you're running "real" NTP - from the NTP Project, why would you not
want to run the latest -stable code on production boxes?

See https://downloads.nwtime.org/ntp/ChangeLog-stable for what's been
changed since p15, for example.
--
Harlan Stenn <stenn@ntp.org>
NTP Project Lead. The NTP Project is part of
https://www.nwtime.org/ - be a member!I



--- Synchronet 3.21d-Linux NewsLink 1.2