|
|
Jason Haar wrote: > James Yonan wrote: > >>>If OpenVPN (internally) uses UTC (or unixtime) there should be no issue >>> >> >> > > > Just to cover my ar*e - UTC isn;t an TLA for "unixtime" - as James says > all Unix systems internal clock is based on the number of seconds since > Jan 1 1970. And yes, it is immune to daylight saving issues. > > One thing to note about the original question. There was a comment about > resetting the clock via ntpdate every hour? That could cause a problem. > You are hard-resetting the time - jumping around in time. Always a bad > thing (except if you're the Doctor ;-) .You can end up with "impossible" > events like a syslog entry at one time, followed by the next entry at an > earlier time. And when I refer to jumping around in time - I am > referring to "real time" - UTC or unixtime - not "human time" which has > weird concepts such as daylight savings/etc. > > If you can use ntpdate, you should be able to use ntpd and "do it > right". The daemon will *slew* time - speeding up or slowing down the OS > clock until the time is synchronized. > I do have an script that do an ntpdate hourly. I didn't wanted to have the ntpd running because i think that it is a waste of memory run it, unless you are serving to the machines on your network, or need a very precise clock. I've had a problem one time. I've used the America/Sao Paulo zone in /etc/localtime. The localtime in slackware 9 was bugged. So every time i runned the ntpdate it added one hour to the system hour. I had to change the localtime para GMT -03:00, and it worked. Right now i'm using America/Sao Paulo, with no problems. It updated my hour in the right day that the daylight saving started, and had no problems before, nor since it started. And didn't had any problem of "impossible" entries on the syslog. In one our, your clock you be wrong only a few microseconds. So, running ntpdate every hour or so, won't hurt. Jason, i suggest you change your localtime, trying to update the localtime package and things like this. As i said, i had a problem similar with this. In the worst case, you will have to deactivate the replay protection in the openvpn. my regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informática 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |