Using F5 as NTP deamon

Hi,

 

 

It wouldn't be supported by F5, but it should work. You'd also need to allow port 123 on the self IP(s) allow list for the self IP(s) that you want to allow client access to.

 

 

Aaron

As Aaron said, this is possible but I really don't like the idea.

 

 

Since most devices accept more than 1 multiple server, reliability shouldn't be a huge issue. Since there are plenty of open source solutions that could be run on a VM, I'd prefer using servers. We have quite a few boxes dedicated to "management services" like this...syslog, dns, ntp.

I've always preferred serving ntp from the client/server l3 gateways so the bulk of queries remain local. If it is something you change in the system configuration, note that this will not survive a hotfix or upgrade.

Posted By Jason Rahm on 01/25/2011 11:09 AM

 

If it is something you change in the system configuration, note that this will not survive a hotfix or upgrade.

 

How does the upgrade process work with files like ntp.conf? Since ntp.conf gets edited when defining ntp servers, it wouldn't get blown away, would it? Or does the box just re-create the file with the only contents being the NTP servers defined via the GUI/CLI?

The system daemon file configuration can be customized in the bigip_sys.conf using include files. If you manually edit the files, they will probably get overwritten during an upgrade.

 

 

Here's an example you know of from Deb about customizing the syslog-ng config. The same concept can be used for ntp, sshd, etc.

 

 

http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=155

 

 

Aaron