Chapter 18: Configuring the Network Time Protocol (NTP)

Chapter 18: Configuring the Network Time Protocol (NTP)

Chapter 18
Configuring the Network Time Protocol (NTP)

Use NTP, the Network Time Protocol, to synchronize clocks on networks with Internet access. You can, alternately, use the Time Synchronization Protocol (TSP) to synchronize clocks. For information on the differences between TSP and NTP, see ``Distributed time services''.

In this implementation of NTP, the ntpd(ADMN) time daemon runs on each host on your network. These daemons communicate with each other using a hierarchical scheme in which servers on the Internet pass time data to additional servers and clients throughout the Internet.

NOTE: In NTP version 4, the name of the NTP daemon changed from xntpd to ntpd; the name of the special query program changed from xntpdc to ntpdc.

The remainder of this chapter covers how NTP works, an NTP glossary, guidelines for using NTP, several examples of using NTP, descriptions of NTP files, and ways to test and troubleshoot NTP.

How NTP works

The Network Time Protocol (NTP) defines a set of procedures for synchronizing clocks on hosts connected to a network with access to the Internet.

NOTE: NTP is designed to operate in an environment with Internet access. However, it can be used even without Internet access, although its accuracy will be diminished. For details, see ``Using NTP without Internet access''.

Some of the hosts act as time servers, that is, they provide what they believe is the correct time to other hosts. Other hosts act as clients, that is, they find out what time it is by querying a time server. Some hosts act as both clients and time servers, because these hosts are links in a chain over which the correct time is forwarded from one host to the next. As part of this chain, a host acts first as a client to get the correct time from another host that is a time server. It then turns around and functions as a time server when other hosts, acting as clients, send requests to it for the correct time.

The network time daemon ntpd(ADMN) is the program running on each of the hosts in the network that, following the conventions defined in the protocol, attempts to establish the correct time. It does this by using the best available source of time to synchronize the host clock with the time at zero longitude, known as Coordinated Universal Time or UTC.

New features in this release of NTP

The Network Time Protocol (NTP) was upgraded from V2 to V3 of the NTP protocol, defined by RFC 1305. Significant changes include:

The new command ntptrace(ADMN), which traces the master time source of an NTP server.
The maxskew configuration parameter is no longer supported.
Authentication is now supported, but only using the MD5 authentication scheme.
Added -d, -p, and -s options to ntpd(ADMN) command.
Added lpeers control message command to ntpq(ADMN).

NTP glossary

A number of terms describe important entities or activities that are part of NTP. These are defined here.

client mode

The mode in which a host polls a time server that it might synchronize with, but it will not respond to polls from that time server. When a host is operating in this mode, the time server it is polling is said to operate in ``server mode''.

Coordinated Universal Time

The international standard reference time. It also corresponds to the local time at zero longitude. The standards pertaining to the definition and maintenance of Coordinated Universal Time, which effectively replaced Greenwich Mean Time (GMT) on 1 January 1972, are promulgated in Recommendation 460 of the International Consultative Committee for Radio (Comite Consultatif International de Radiodiffusion or CCIR) of the International Telecommunications Union. The CCIR is located at 2, rue de Varembe, 1211 Geneva 20, Switzerland. Responsibility for time standards in the United States rests with the Time and Frequency Division of the National Institute of Standards and Technology (NIST) in Boulder, Colorado.

dispersion

A measure, in seconds, of how scattered the time offsets have been from a given time server.

drift

A measure, in hertz per second, of how quickly the skew of a clock is changing. See also ``skew''.

host

Any computer connected to the network.

Internet

The collection of interconnected networks that grew out of ARPANET, the Defense Advanced Research Projects Agency network, and that use TCP/IP to communicate to function as a single cooperative network.

poll

The sending of an NTP packet from a host to an NTP time server to request the current time. The server responds by recording the current time in the packet, then sending it back to the originating host. See also ``NTP packet''.

NTP packet

A message sent over the network that conforms to the Network Time Protocol format. This format includes space for recording the current time. See also ``poll''.

primary server

Another name for a stratum 1 server. See also ``stratum''.

roundtrip delay

The time it takes for a host to send an NTP packet to another host and get an NTP packet back from that host in reply.

secondary server

Another name for a stratum 2 server.

server mode

The mode in which a time server allows itself to be polled by a host (the client) that wishes to synchronize with it. In this mode, if the time server polls the client to try to synchronize with it, the client does not respond. In this case, the client is said to operate in ``client mode''.

skew

A measure, in hertz, of the difference between the actual frequency of a clock and what its frequency should be to keep perfect time. See also ``drift''.

slew

To adjust gradually the time of a clock until it tells the correct time. Compare with ``step''.

step

To change the time of a clock to the correct time with no intermediate adjustments. Compare with ``slew''.

stratum

The distance a host running the ntpd time daemon is from an external source of Coordinated Universal Time (UTC). A stratum 1 server has direct access to an external source of UTC, such as a radio clock synchronized to a standard time signal broadcast. In general, a stratum n server is n-1 network hops away from a stratum 1 server. For example, a stratum 4 server is 3 hops away from a stratum 1 server. Also, a stratum n server is at a higher stratum than a stratum n-1 server. For example, a stratum 3 server is at a higher stratum than a stratum 2 server, and at a lower stratum than a stratum 4 server. See also ``time daemon''.

symmetric active mode

The mode in which a host has configured itself to poll a time server that it might synchronize with. In this mode, the host also allows itself to be polled by that time server.

symmetric passive mode

The mode in which a time server is polled by a host that has configured itself in ``symmetric active mode''. In this mode, the time server can also poll that host.

synchronization subnet

A collection of hosts that synchronize time with each other. The top layer of the subnet consists of stratum 1 servers.

synchronize clocks

To set two clocks to the same time and ensure that they are running at the same ``speed''. The speed at which a clock runs is determined by its frequency, that is, how often it ``ticks'' to the next fraction of a second. The design of a particular clock determines how small that fraction is.

synchronize with a host

To synchronize the local clock with another host's clock, either by stepping or slewing the local clock to the time reported in the NTP packet received from the most recent poll of that host.

time client

A host running the ntpd time daemon that requests a time server to furnish it with that server's best estimate of Coordinated Universal Time. Hosts running at a stratum higher than 1, except for those at the highest stratum, typically function as both time clients (polling same-stratum or lower-stratum servers) and time servers (furnishing the current time to other hosts). Compare with ``time server''.

time daemon

The program running on a host that synchronizes the host's hardware clock to Coordinated Universal Time in accordance with the protocols known as the Network Time Protocol. The name of this program is ntpd.

time server

A host running the ntpd time daemon that, upon request, furnishes its best estimate of Coordinated Universal Time. Compare with ``time client''.

trap receiver

A program that listens for NTP mode 6 packets sent from another host. The host that ``springs the trap'' by sending the mode 6 packet to the trap receiver does so in response to the occurrence of an exception. These exceptions include the following events:

The host reboots.
The host detects that its clock has been reset.
The host detects that the stratum of some other host in the synchronization subnet has changed.
The host detects that a new host has been added to the synchronization subnet.
The host detects that some other host in the synchronization subnet has become unreachable.
The host detects that some other host in the synchronization subnet has been authenticated.
The host selects another host to synchronize with.
The host detects that a system call has failed.

NTP guidelines

If your network is small, consisting of around a dozen hosts, you need only a single NTP time server on your network. Locate three time servers elsewhere on the Internet from which your time server can get the correct time. If possible, pick two stratum 1 servers and one stratum 2 server. Ideally, you should choose to get the time from servers that are closest to your host in terms of roundtrip delay. In other words, you should prefer servers for which the amount of time it takes to send a request for the current time and the time it takes to receive a response is smallest. However, there is no great harm if you select servers for which you do not know the roundtrip delay.

If, however, your network is large, consisting of dozens or hundreds of hosts, you should set up a larger number of time servers. A good rule of thumb is to have one time server for every dozen hosts. In this case, you first establish a few stratum 2 time servers, then you establish the remaining time servers as stratum 3 time servers. Finally, all of the remaining hosts, which constitute the vast majority of the hosts on the network, become stratum 4 hosts.

Following are guidelines for setting up NTP on a network of medium size.

Choose three of your local hosts to operate as stratum 2 servers. Then choose six stratum 1 servers and configure each of your stratum 2 servers to poll a distinct pair of the stratum 1 servers. If possible, see to it that each stratum 2 server polls at least one stratum 1 server for which the roundtrip delay is small. You should also configure each of the stratum 2 servers to poll both of the other stratum 2 servers. Thus, each stratum 2 server is configured to poll two stratum 1 servers elsewhere on the Internet and two stratum 2 servers connected to the local network.
From the remaining hosts, choose those you would like to operate at stratum 3. This might be all of the rest if you want to synchronize at most a couple of dozen hosts, or you might choose hosts such as file servers or those with good clocks if you need to synchronize many more hosts. Configure each stratum 3 server to poll the three stratum 2 servers.
Configure all remaining hosts to either poll or listen for broadcast packets from three or four of the nearby stratum 3 servers.
Avoid configuring hosts beyond stratum 4. Doing so makes the network unnecessarily complex and harder to manage.
Do not configure a host to poll another host at the same stratum, unless the latter is directly polling lower stratum servers that the former does not.
Do not configure hosts to poll other hosts at higher strata.

An example synchronization subnet

Assume that hosts acapulco, seattle, and moscow are stratum 2 servers in the mynet.com network. Assume also the following:

acapulco polls two stratum 1 servers, clock.llnl.gov and clepsydra.dec.com.
seattle polls two stratum 1 servers, ntp.olivetti.com and ntp1.ossi.com.
moscow polls two stratum 1 servers, apple.com and norad.arc.nasa.gov.
acapulco polls seattle and moscow.
seattle polls acapulco and moscow.
moscow polls acapulco and seattle.
chicago and the rest of the machines at mynet.com are at stratum 3 and listen for broadcast NTP packets from the three stratum 2 hosts.

A → B means A polls B or A listens for broadcast NTP packets from B.
C ←→ D means C polls D and vice versa.

Using NTP without Internet access

ntpd on SCO system machines supports a special pseudo-clock used for backup or when no other clock source is available (for example, Internet access is not available). The address of this clock should be set as follows in the ntp.conf file:

   127.127.1.u - Local synchronization clock driver

This driver doesn't support an actual clock, but rather allows the server to synchronize to its own clock, in essence to run without its stratum increasing to infinity. This can be used to run an isolated NTP synchronization network, where no standard time source is available, by allowing a free running clock to appear as if it has external synchronization to other servers.

By running the local clock at an elevated stratum, it can also be used to prevent a server's stratum from rising above a fixed value, thus allowing a synchronization subnet to synchronize to a single local server for periods when connectivity to the primary servers is lost.

The unit number of the clock (the least significant octet in the address) must lie in the range of 0 through 15 inclusive and is used as the stratum the local clock will run at. Note that the server, when synchronized to the local clock, will advertise a stratum one greater than the clock peer's stratum. More than one local clock may be configured (indeed all 16 units may be active at once), though this hardly seems useful.

It is recommended that the local clock be configured at a large stratum number, for example, 10. This will minimize problems if it is being used as a backup, or if Internet connectivity is acquired later. Since the local clock is not connected to a reliable time source such as GPS or radio signals, configuring it at an elevated stratum will cause other systems to avoid it if a more accurate source is available.

The NTP configuration file

The configuration file /etc/ntp.conf contains information that the ntpd daemon uses at startup, including:

What are the possible hosts with which to synchronize.
How to select the host with which to synchronize.
What restrictions exist on other hosts communicating with the local host.
Whether or not to broadcast NTP packets on the local network.
Whether or not to listen for broadcast NTP packets.
What the roundtrip delay is between the local host and the host on this network (if any) that is broadcasting NTP packets.
Where the driftfile is located.
Whether or not to monitor NTP connections.
Whether or not to allow runtime reconfiguration of the local host.

The syntax of the configuration file is fairly free format. Comments begin with a ``#'' character and extend to the end of the line. Comments may be inserted freely and blank lines are ignored. Configuration statements include an initial keyword followed by arguments that are separated by white space (blanks or tabs). These statements may not be split over multiple lines. A list of the configuration statements with their arguments appears below. Optional arguments are delimited by ``['' and ``]'', and alternatives are separated by ``|''.

NTP configuration statements

Below is a list of the configuration statements you can use in the NTP configuration file and an explanation of each statement. The term ``local host'' in the explanations refers to the host that you are configuring with these statements.

peer host_address [ key key_ID ] [ version version_number] [ minpoll ]

Specifies that the host with IP address host_address is to be polled in symmetric active mode. The key option indicates that all packets sent to the host at host_address are to include authentication fields encrypted using the specified key ID. The default is not to include authentication.

The version option allows you to specify the version number to use for outgoing NTP packets. The allowed values for version_number are 1 and 2. If this option is omitted, version 3 is assumed. The minpoll option specifies that the polling interval should be kept at the minimum value allowed. This maximizes the frequency with which the host is polled and should, therefore, be used only for debugging purposes.

server host_address [ key key_ID ] [ version version_number] [ minpoll ]

Specifies that the host with IP address host_address is to be polled in client mode. See the peer statement for an explanation of the remaining arguments.

broadcast IP_address [ key key_ID ] [ minpoll ]

Specifies that ntpd broadcast NTP packets to the address IP_address. This should be the broadcast address of your local network. See the peer statement for an explanation of the remaining arguments.

precision integer

Indicates the precision of the local clock as 2 raised to the integer power. The value of integer should be negative to indicate a fraction. See ``Testing and tuning NTP'' for more information.

driftfile filename

Specifies the name of the file used to record the drift that ntpd has computed. Drift is also known as ``frequency error''.

monitor flag

Indicates whether or not to enable the ntpd monitoring function. The allowed values for flag are yes and no. A valid requestkey statement must be included in the configuration file for monitoring to function. The default value for flag is no.

broadcastclient flag

Indicates whether or not the local host should listen for, and attempt to synchronize with, NTP packets broadcast by time servers on the local network. The allowed values for flag are yes and no. The default is no.

broadcastdelay seconds

Specifies the roundtrip delay in seconds between the local host and the time server that is broadcasting NTP packets. Note that you specify a roundtrip delay, even though NTP cares only about one-way delay when it actually computes the correct time. The default value for seconds is 0.008.

authenticate flag

Indicates whether or not the local server operates in authenticate mode. The allowed values for flag are yes and no. The default is no.

trustedkey key_ID

Specifies which key IDs are trusted.

keys pathname

Specifies the pathname of the keys file. At installation, the value of pathname is /etc/ntp.keys. This file must exist for the trustedkey, requestkey, and controlkey configuration statements to be valid. See ``The NTP keys file'' for more information.

requestkey key_ID . . .

Specifies the key IDs used to authenticate runtime reconfiguration requests made by ntpdc and ntpres using mode 7 control messages. The keys file must exist and properly define all of the listed key IDs for this statement to be valid. To disable runtime configuration of ntpd, omit this statement from the configuration file.

controlkey key_ID . . .

Specifies the key ID used to authenticate runtime reconfiguration requests made by ntpq and by trap receivers using mode 6 control messages. The keys file must exist and properly define all of the listed key IDs for this statement to be valid. To cause mode 6 control messages to be ignored, omit this statement from the configuration file. Doing so has the effect of disabling ntpq and trap receivers on your local host.

restrict host_address mask address_mask flag . . .

Specifies various restrictions on how certain hosts and networks can interact with the local host. See ``NTP address and mask facility'' for more information.

trap host_address port port_number interface interface_address

Configures a trap receiver at address host address and port port number. The value of interface_address must be the IP address of the local host. The host at host_address must be listening for NTP mode 6 control messages or it will not respond to the trap signal sent by the local host. This means that the host at host_address must have the controlkey statement in its configuration file and both that host and the local host must share at least one of the keys listed in that controlkey configuration statement. See ``The NTP keys file'' for more information.

resolver pathname

Indicates the full pathname of the ntpres program, which resolves network names to IP addresses. When NTP is installed, the pathname of the ntpres program is /etc/ntpres. If for some reason you move ntpres to another directory, use the pathname corresponding to its new location. You must also include the requestkey statement in the configuration file for ntpres to operate.

Example ntp.conf file

The following is an example of a minimal ntp.conf file. The name of the host in this example is acapulco.mynet.com.

# # Peer configuration for 10.0.246.16 (acapulco.mynet.com) # (expected to operate at stratum 2) # peer 128.115.14.97 # clock.llnl.gov (stratum 1 server) peer 16.1.0.22 # clepsydra.dec.com (stratum 1 server)

peer 10.0.246.11 # seattle.mynet.com peer 10.0.246.7 # moscow.mynet.com

driftfile /etc/ntp.drift

The four peer statements tell ntpd which servers to poll. The driftfile statement tells ntpd the name of the file in which to store the frequency error of the system clock. You are strongly encouraged to include this statement in the configuration file. This server is expected to operate as a stratum 2 server, because the first two servers have hardware clocks and are, therefore, stratum 1 servers.

The NTP keys file

The keys file contains a list of numeric key IDs and key values. These IDs and values are used to verify that mode 6 and mode 7 NTP packets should be processed. For example, when running the ntpdc program, you must supply a valid key ID in response to the Keyid prompt and its associated key value in response to the Password prompt. See ``Further examples of NTP'' for sample displays of this.

In addition to a key ID and its associated value, each entry also contains a one-letter code indicating the type of the key value. The precise format of an entry in the key file is:

key_ID key_type key_value

The three fields shown above are separated by any combination of blanks and tabs. Comments may appear on any line and must begin with the number sign (#).

The fields are:

key ID, which is an arbitrary, unsigned 32-bit number, written in decimal. The range of possible values is zero through 4,294,967,295. Key IDs are specified by the requestkey and controlkey statements in the configuration file.
key type, which identifies the type of key_value. Only one key format, ``M'', is currently supported. This indicates that the MD5 authentication scheme is being used. In this case, the key is a one-to-eight-character ASCII string. The one-letter code for this type is ``M''.
key value, which is a 56-bit DES encryption key that is written as 8 octets. The key value always uses odd parity.

Note that you will find it easier to specify ASCII key values, particularly for keys that are used to verify ntpdc requests. Because this file contains authorization data, you are strongly urged to limit read permission for this file. In particular, you should remove read permission for other.

Below is a sample keys file:

   #
   #
   4       M    DonTTelL
   6       M    hElloWorld
   22      M    ImASecret

The NTP clock.txt file

The file /pub/ntp/doc/clock.txt on host ftp.udel.edu is your basic source of information on the location of stratum 1 and good quality stratum 2 servers. Among other things, this file also lists:

sources for timecode receivers
sources for precision oscillators and timing receivers
call letters, location, frequencies, and coordinates for timecode transmitters
an algorithm for great-circle distance and bearing computation
information on timecode transmitters in Germany, the United Kingdom, and France

The information on primary and secondary servers in clock.txt has the following format:

   Hostname (IP address)
   Location: organization, geographic location
   Synchronization: machine type, clock type, synchronization protocol 
   Service area: networks served
   Access policy: open or closed to the public
   Contact: name and email address of contact person 
   Note: miscellaneous information

One way to get the clock.txt file is to use ftp(TC). Below is a sample session showing how you might download this file to your host.

   ftp ftp.udel.edu
   Connected to louie.udel.edu
   220 louie.udel.edu.
   Name (ftp.udel.edu:user): anonymous
   331 Guest login ok, send ident as password.
   Password: guest
   230 Guest login ok, access restrictions apply.
   ftp> cd /pub/ntp/doc
   250 CWD command successful.
   ftp> get clock.txt
   200 PORT command successful.
   150 ASCII data connection for clock.txt (10.0.246.7,1198) (90930 bytes).
   local: clock.txt remote: clock.txt
   58409 bytes received in 8 seconds (7.1 Kbytes/s)
   ftp> quit
   221 Goodbye.

The NTP driftfile

The driftfile entry in /etc/ntp.conf tells ntpd the name of the file where it can find and store the clock drift, also known as frequency error, of the system clock. If the file exists at startup, it is read and the value is used to initialize ntpd's internal value of the frequency error. The file is updated once every hour by ntpd. It usually takes a day or so after the daemon is started to compute a good estimate of the clock drift. Once the initial value is computed, it will change only by relatively small amounts during the course of continued operation. Because ntpd needs a good estimate to synchronize closely to its server, there should always be a driftfile entry in /etc/ntp.conf.

NTP association modes

There are several different modes that hosts can be directly configured to operate in with respect to synchronization with other hosts: client mode, broadcastclient mode, and symmetric active mode.

In client mode, a host polls other hosts to get the current time. From among all of the hosts polled, the local host selects one with which to synchronize. To configure your host this way, include a server statement in your host's configuration file. The name or IP address of each time server to be polled must be specified in the server statement.

In broadcastclient mode, a host does no polling at all. Rather, it listens for NTP packets broadcast over the network. From among all of the broadcasting hosts, the local host selects one with which to synchronize. To configure your host this way, include a broadcastclient yes statement in your host's configuration file. For this mode to function, the local time servers must be configured in broadcast mode with the broadcast configuration statement.

Finally, in symmetric active mode, a host polls other hosts and responds to polls from those hosts. In addition, hosts retain time-related information about the hosts with which they are communicating. To configure your host this way, include a peer statement in your host's configuration file. The name or IP address of each time server must be specified in the peer statement.

A general guideline is to configure all hosts, except those at the highest strata of the synchronization subnet (those furthest away from stratum 1 servers), to operate in symmetric active mode. For those hosts that are at the highest strata, you have a choice: configure them to operate either in client mode or in broadcastclient mode. You should consider opting for broadcastclient mode if your hosts are on a high-speed LAN that supports broadcasts efficiently, especially if the hosts number more than twenty or so.

If you do opt for broadcastclient mode on those hosts, you must configure the time servers on the local network to be both in broadcast mode (to send broadcast NTP packets on the local network) and in symmetric active mode (to poll hosts at lower strata).

NTP address and mask facility

The address and mask configuration facility adds various restrictions or erects barriers between your host and other time servers. A typical statement in the configuration file looks as follows:

restrict IP_address mask IP_address_mask flag1 flag2 . . .

Each statement adds an entry to an internal list maintained by ntpd. Each entry in this list contains the list entry address (the IP address following restrict), the address mask, and the flags. Below is a list of all of the flags and their meanings:

ignore

Indicates that all packets from hosts matching this entry will be ignored.

noquery

Indicates that your host will not respond to mode 6 and 7 packets sent from hosts with a matching address.

nomodify

Indicates that your host will not allow itself to be reconfigured by hosts with a matching address.

notrap

Indicates that your host will not allow hosts with a matching address to register as a trap receiver.

lowpriotrap

Indicates that your host will give hosts with a matching address a low priority for the use of traps.

noserve

Indicates that your host will not give the time to hosts with a matching address.

nopeer

Indicates that your host will not attempt to get time from any host with a matching address.

notrust

Indicates that hosts matching this entry, while treated normally in other respects, should not be trusted for synchronization.

When ntpd receives a packet, it compares the address of the host that sent the packet (the source address) with each entry in the internal list. Whenever the following relation (expressed in C language syntax) is true, a match occurs.

   (source_address & address_mask) == (list_entry_address & address_mask)

In words, the source address and the address mask are logically ANDed together bitwise, the list entry address and the address mask are logically ANDed together bitwise, and the two results compared for equality. If the results are equal, a match has occurred. To establish default restrictions that apply to all hosts for which no match is found, include a statement like the following in the configuration file:

   restrict default flag1 flag2 . . .

If a particular source address matches more than one list entry, the entry with the most one bits in the address mask is taken to be the matched entry. If a match is found, flags associated with this entry are returned.

Suppose that you are running ntpd on a host with IP address 10.0.246.16. You would like to ensure that runtime reconfiguration requests can be made only from the local host. Further, you would like the host to synchronize with only one of a pair of offsite servers or, failing that, a time source on the class B network whose address is 10.0. The following entries in the configuration file would implement this policy:

# By default, do not trust and do not allow modifications restrict default notrust nomodify

# These hosts are trusted for time, but no modifications allowed restrict 10.0.0.0 mask 255.255.0.0 nomodify restrict 128.115.14.97 nomodify restrict 16.1.0.22 nomodify

# These local addresses are unrestricted restrict 10.0.246.16 restrict 127.0.0.1

The first entry is the default entry, which all hosts match and hence which provides the default set of flags. The next three entries indicate that matching hosts have only the nomodify flag set and hence are trusted for time. If the mask is not specified in the restrict statement, it defaults to 255.255.255.255. Note that the address 10.0.246.16 matches three entries in the table, the default entry (mask 0.0.0.0), the entry for net 10.0 (mask 255.255.0.0), and the entry for the host itself (mask 255.255.255.255). As expected, the flags for the host are derived from the last entry, as that mask has the most bits set.

Each restrict statement applies to packets from all hosts, including those that are configured elsewhere in the configuration file. Hence, if you specify a default set of restrictions that you do not wish to apply to the hosts you are synchronizing with, you must override the default restrictions for those hosts with additional restrict statements.

NTP name resolution

The ntpd daemon can specify host names requiring resolution in peer and server statements in the configuration file. This task is actually accomplished by a separate program, ntpres. When the daemon comes across a peer or server statement in the configuration file where the host is identified by name rather than by IP address, it records the relevant information and continues. When the end of the configuration file has been reached and one or more entries requiring name resolution have been found, ntpres is started. The ntpd daemon continues running at the same time to process those hosts with numeric addresses.

The ntpres program attempts to resolve each host name, meaning that it tries to obtain the IP address associated with the named host. If it succeeds in resolving the name, it reconfigures the local host to add the newly resolved host to the list of time servers to be polled. The runtime reconfiguration of the local host is accomplished using the same mode 7 runtime reconfiguration facility that ntpdc uses. If ntpres is at first unable to resolve a hostname, it retries periodically until it succeeds or until it determines that the name cannot be resolved.

There are several configuration requirements if ntpres is to be used. The pathname of the ntpres program must be made known to the daemon with the resolver statement in the configuration file. Also, mode 7 runtime reconfiguration must be enabled with the requestkey statement and a list of valid keys (valid keys are specified in the keys file).

The following fragment might be added to /etc/ntp.conf to accomplish this:

   resolver /etc/ntpres
   keys /etc/ntp.keys
   requestkey 65535

Note that ntpres sends packets to the server with a source address of 127.0.0.1. If you are using the address-and-mask facility in the configuration file, you must take care not to restrict modification requests from this address or ntpres fails.

NTP sample scenarios

This first scenario would be used when configuring a single host to use NTP. The host seattle.mynet.com is expected to run as a stratum 2 server because it is configured to get the time from two time servers with radio clocks, ntp1.ossi.com and ntp.olivetti.com. The ntpd daemon stores the frequency error of the clock on seattle.mynet.com in /etc/driftfile. This is a good example to use if you just want to get ntpd up and running quickly. Note that it can take a day or two for a host to synchronize with a time server.

Here is the ntp.conf file for seattle.mynet.com:

# # Peer configuration for 10.0.246.11 (seattle.mynet.com) # peer 192.240.4.1 # ntp1.ossi.com peer 129.189.134.6 # ntp.olivetti.com

driftfile /etc/driftfile

This next scenario is the complete configuration for mynet.com. The configuration files here configure mynet.com to match the topology discussed in ``NTP guidelines''. All hosts can be configured dynamically with ntpd. There are no restrictions on which hosts can be designated as time servers in a given host's configuration file.

Here is the ntp.conf file for acapulco:

# # Peer configuration file for 10.0.246.16 (acapulco.mynet.com) # peer 128.115.14.97 # clock.llnl.gov peer 16.1.0.22 # clepsydra.dec.com peer seattle.mynet.com peer moscow.mynet.com

broadcast 10.0.246.255

driftfile /etc/ntp.drift resolver /etc/ntpres keys /etc/ntp.keys requestkey 65534 controlkey 65535

Here is the ntp.keys file for acapulco:

   2313      M    APassword
   65534     M    NoSecret
   65535     M    BadKey

Here is the ntp.conf file for seattle:

# # Peer configuration for seattle (10.0.246.11) # peer 129.189.134.6 # ntp.olivetti.com peer 192.240.4.1 # ntp1.ossi.com peer acapulco peer moscow

broadcast 10.0.246.255

driftfile /etc/ntp.drift resolver /etc/ntpres keys /etc/ntp.keys requestkey 65534 controlkey 65535

Here is the ntp.keys file for seattle:

   2313      M    APassword
   65534     M    NoSecret
   65535     M    BadKey

Here is the ntp.conf file for moscow:

# # Peer configuration file for 10.0.246.7 # moscow.mynet.com # peer 130.43.2.2 # apple.com peer 192.52.195.10 # norad.arc.nasa.gov peer seattle.mynet.com peer acapulco.mynet.com

broadcast 10.0.246.255

driftfile /etc/ntp.drift resolver /etc/ntpres keys /etc/ntp.keys requestkey 65534 controlkey 65535

Here is the ntp.keys file for moscow:

   2313      M    APassword
   65534     M    NoSecret
   65535     M    BadKey

Here is the ntp.conf file for chicago:

   # Peer configuration used by all stratum 3
   #      servers at mynet.com
   #
   broadcastclient  yes
   broadcastdelay   0.0500
   driftfile        /etc/ntp.drift
   resolver         /etc/ntpres
   keys             /etc/ntp.keys
   requestkey  65534
   controlkey  65535

Here is the ntp.keys file for chicago:

   2313      M    APassword
   65534     M    NoSecret
   65535     M    BadKey

Testing and tuning NTP

The server can be tuned using the precision statement. A fragment that would simply reset the precision to its default value follows:

   precision   -6

The precision statement sets the value of sys.precision. The variable sys.precision is the base two logarithm of the expected precision of the system clock. The default value is -6 on all servers. The sys.precision variable is defined in RFC 1305.

The NTP protocol makes use of sys.precision in several places. For one, sys.precision is included in packets sent to peers and is used by them as a kind of quality indicator. When faced with selecting for synchronization purposes one of several servers, all of which are at the same stratum and offer about the same network path delay, clients prefer to synchronize to those claiming the smallest (most negative) value of sys.precision. The effect is particularly pronounced when all the servers are on the same LAN. Hence, if you run several stratum 1 servers, or three or four stratum 2 servers, and you would like clients to prefer one of these over the others for synchronization, you can accomplish this by decreasing the value of sys.precision on the preferred server or by increasing this value on the other servers, or by doing both.

The other tuning parameter is the antihop aperture and is derived from sys.precision and NTP.MAXSKW using the following equation:

   antihop aperture = 2 ** sys.precision + NTP.MAXSKW

This equation says that the antihop aperture is equal to 2 raised to the sys.precision power plus NTP.MAXSKW.

Making the antihop aperture larger makes it less likely that the host will ``hop'' from the server it is currently synchronizing with to a different server. Unfortunately, this also increases the probability that the host continue to synchronize with a server whose clock is no longer accurate.

Making the antihop aperture smaller allows the host to hop more freely from server to server, but this can also cause it to generate a fair bit more NTP packet traffic than necessary and to no good purpose. Given the agreement among current stratum 1 NTP servers and the performance typical of the Internet, it is recommended that the antihop aperture be kept between 0.020 and 0.030. The default value is about 0.026.

NTP query commands

Two query programs, ntpq(ADMN) and ntpdc(ADMN), are available for use by the network administrator. The ntpq command sends queries and receives responses using NTP standard mode 6 control messages, while the ntpdc command uses NTP private mode 7 messages to send its requests. The format and content of these messages are specific to ntpdc. This command allows you to inspect a wide variety of internal counters and other state data. It also provides you with an interface to the runtime reconfiguration facility.

Both ntpdc and ntpd use seconds as the unit of time, both when reading the configuration file and when doing runtime reconfiguration. Both programs also print values in seconds. On the other hand, ntpq prints all time values in milliseconds. You must, therefore, take special care to convert values output by ntpq from milliseconds to seconds before modifying the configuration file, either manually or with ntpdc.

The ntpd daemon is designed to allow its configuration to be modified at runtime. Nearly everything that can be configured in the configuration file ntp.conf may be altered using ntpdc.

Further examples of NTP

This example demonstrates the use of ntpq and ntpdc to list the servers that chicago.mynet.com is currently polling. The server marked with an asterisk (*) is the one that chicago is currently synchronizing with. chicago is also listening for broadcast packets on the subnet with IP address 10.0.246, but no packets are currently being broadcast there. Note the difference in the units used by ntpq and ntpdc to display delay, offset, and dispersion. The former uses milliseconds, whereas the latter uses seconds.

chicago# ntpq
ntpq> peer

     remote           refid        st  when poll reach delay offset   disp
==========================================================================
 10.0.246.255     0.0.0.0       16 never   64    0    0.0   0.00  64000
*acapulco.mynet.com  clepsydra.dec  2    53   64  376   81.1  -1.00   12.4
+moscow.mynet.com    norad.arc.nas  2    11   64   37   41.2  30.00 7504.3

chicago# ntpd
ntpd> peer

     remote           local           st poll reach  delay   offset   disp
===========================================================================
*acapulco.mynet.com  10.0.246.16    2   64  376  0.0811 -0.001003 0.0124
-moscow.mynet.com    10.0.246.7     2   64   37  0.0412  0.030001 7.5043
^10.0.246.255     0.0.0.0          16   64    0  0.0000  0.000000 64.000

This information tells us, among other things, that:

chicago is currently synchronizing with acapulco.
acapulco is at stratum 2, implying that chicago is at stratum 3.
chicago is polling acapulco once every 64 seconds.
The reachability register for acapulco is octal 376.
The clock on chicago is 1 millisecond, or more precisely, 1003 microseconds, behind the clock on acapulco.
The roundtrip delay to acapulco is 81 milliseconds.
The dispersion is 12.4 milliseconds.

Troubleshooting NTP

The ntpd daemon records all problems and errors using the syslog(SLIB) system call into the file /usr/adm/syslog. You can examine this log for signs of trouble. For example, too many entries indicating that the local clock was stepped instead of slewed to the correct time suggest that the daemon is having trouble synchronizing the clock. (In this instance, more than two entries per hour on a consistent basis is probably too many.) The most likely cause is that some other program, perhaps timed, is also setting or slewing the clock.

Another sign of more than one entity setting or slewing the clock is the following message in the syslog file:

   Previous time adjustment did not complete

One of the following messages is issued when the clock of another host (the remote clock) is off by more than 1000 seconds from the clock on the local host (the local clock):

   Clock appears to be number_of_seconds seconds fast, 
   something may be wrong

   Clock appears to be number_of_seconds seconds slow, 
   something may be wrong

In this situation, ntpd will not try to synchronize with that host. If you want to synchronize with that host, you will need to set the local clock to within 1000 seconds of the remote clock. You can accomplish this by using the ntpdate(ADMN) command.

Running mixed synchronization subnets

The ntpd time daemon is an implementation of NTP version 3. By default, ntpd sends NTP packets marked as being of the version 3 variety. However, another implementation of the NTP time daemon, called ntpd, may be running on hosts you wish to poll. If this is the case, you must include the version option in the peer or server configuration statements for those hosts to force ntpd to send packets of the version 1 variety.

For example, if the host apple.com at IP address 130.43.2.2 is a host you wish to poll in symmetric active mode and you know that apple.com is running ntpd instead of ntpd, you should include the following configuration statement in your local host's ntp.conf file:

   peer 130.43.2.2 version 1     # apple.com (running ntpd)

This statement ensures that version 1 NTP packets are sent by your local host to apple.com.

For interoperability with hosts running ODT 2.0 and 3.0, you must specify ``version 2'' in your local host's ntp.conf file. For example, if the host apple.com at IP address 130.43.2.2 is a host you wish to poll in symmetric active mode and you know that apple.com is running ODT 2.0, you should include the following configuration statement in your local host's ntp.conf file:

   peer 130.43.2.2 version 2     # apple.com

For more about NTP

To obtain more information about DNS files and commands, consult the following manual pages:

 ---------------------------------------------------------
 Manual page      Purpose
 ---------------------------------------------------------
 ntpdate(ADMN)    set the date and time via NTP
 ntpq(ADMN)       standard NTP query program
 ntptrace(ADMN)   trace a chain of NTP hosts
                  back to their master time source
 ntpd(ADMN)       NTP daemon
 ntpdc(ADMN)      query/control program for the NTP daemon

To get more information about NTP and related protocols, see the following Requests for Comments (RFCs).

 -------------------------------------------------
 RFC    Title
 -------------------------------------------------
 1059   Network Time Protocol Version 1
        specification and implementation
 1119   Network Time Protocol Version 2
        specification and implementation
 1128   Measured performance of the Network Time
        Protocol in the Internet system
 1129   Internet time synchronization: The Network
        Time Protocol
 1305   Network Time Protocol Version 3