6 Network Time Protocol

The Network Time Protocol (NTP) provides accurate, dependable, and synchronized time for hosts on both wide area networks (WANs) like the Internet network and local area networks (LANs). In particular, NTP provides synchronization traceable to clocks of high absolute accuracy, and avoids synchronization to clocks keeping bad time. The Tru64 UNIX NTP subsystem is derived from the University of Delaware's implementation, NTP Version 4.98a.

This chapter describes:

The Tru64 UNIX NTP subsystem and its components

How to plan for your NTP configuration

How to configure your system to use NTP

How to enable the high-resolution clock

How to monitor hosts that are running NTP

How to query servers that are running NTP

For introductory information on NTP, see ntp_intro(7). For troubleshooting information, see Section 9.10. Also, for information about the latest releases of NTP, more examples of how to configure NTP subnets, and more extensive NTP troubleshooting information, visit the NTP website at http://www.eecis.udel.edu/~ntp.

As an alternative to NTP, you can set your system time by using the rdate command or the timed daemon.

Note

The timed daemon is provided only for compatibility; use NTP for time synchronization. If you plan to run both the timed daemon and NTP, configure NTP first and run the timed daemon with the -E option.

For more information on the rdate command, see rdate(8) and ntp_manual_setup(7).

For more information on the timed daemon, see timed(8) and timedsetup(8).

6.1 NTP Environment

In the NTP environment, systems can have the following roles:

Client -- An NTP client system is a system that synchronizes its time with local NTP servers.

Server -- An NTP server is a local system that synchronizes its time with an Internet NTP server or with a local reference clock, or both for better accuracy.

Figure 6-1 shows a sample NTP configuration on a LAN in which host D is an NTP server that uses a local reference clock as its time source. Hosts A, B, C, E, F, and G are NTP clients, synchronizing their time with host D.

Figure 6-1: Sample NTP Configuration (Local Clock)

Figure 6-2 shows a sample NTP configuration in which host D is an NTP server that uses an Internet time server as its time source. Hosts A, B, C, E, F, and G are NTP clients, synchronizing their time with host D.

Figure 6-2: Sample NTP Configuration (Internet Source)

6.2 Planning NTP

Your system can be a local NTP server or an NTP client, or both. Figure 6-3 shows the NTP Setup Worksheet, which you can use to record the information required to configure NTP. If you are viewing this manual online, you can use the print feature to print a copy of this worksheet. The following sections explain the information you need to record on the worksheet.

Figure 6-3: NTP Setup Worksheet

6.2.1 Server Information

Time source

Your system's time source. For local NTP servers, the time source is one of the following:

Internet NTP servers -- If your system is connected to the Internet, you can obtain a list of possible NTP Internet servers from http://www.eecis.udel.edu/~ntp on the World Wide Web. Select a minimum of three systems from the server list with which to synchronize the time on your local NTP servers. Obtain permission from the contact person listed for each Internet server before specifying it as a server for your local NTP servers.

A reference clock -- If your network is not connected to the Internet network, you can select a system on your network to configure with a reference clock, which obtains its time via radio broadcasts or satellite transmissions. As a last resort, if no Internet servers or reference clock devices are available, you can select a system on your network to configure with a local reference clock, which means that the system uses its own CPU timekeeping unit as a reference clock.
See ntp_manual_setup(7) and ntp.conf(4) for information about configuring different types of reference clocks.

Server Internet address

The IP address of the Internet NTP server or the local reference clock. Local NTP servers are the time sources for NTP clients.

Server name

The host name of the Internet NTP server.

Version

The version of NTP daemon running on the Internet NTP server or the local reference clock. This can be Version 1 (the ntpd daemon), Version 2 (the xntpd daemon), or Version 3 (the xntpd daemon). Servers running Version 3.2 or earlier of the Tru64 UNIX operating system run Version 2 (the xntpd daemon); servers running Version 4.0 of the Tru64 UNIX operating system run Version 3 (the xntpd daemon).

Stratum

A stratum value describes the accuracy of a system's reference clock: the higher the number, the less accurate the clock.

If you are configuring a local reference clock, you can specify a higher stratum value to indicate that the clock's time is not very accurate. This discourages other systems from using your clock as a reliable time source, because NTP clients will obtain the time from the server with the lowest stratum they can find. For example, if you set a stratum of 8 for your local reference clock, NTP clients will ignore your server and use a server with stratum 2 or lower (if one can be found).

You can supply a value from 0 to 15 for the Stratum field; however it is best not to override the default value assigned by NTP unless you have a specific reason for doing so. For local reference clocks, that default value is 3. For other clocks, the default value is 0.

6.2.2 Client Information

Local NTP server address: The local NTP server IP address. Local NTP servers are the time sources for NTP clients.
Server name: The local NTP server name.
Version: The version of NTP daemon running on the local NTP server. This can be Version 1 (the ntpd daemon), Version 2 (the xntpd daemon), or Version 3 the (the xntpd daemon). Servers running Version 3.2 or earlier of the Tru64 UNIX operating system run Version 2 (the xntpd daemon); servers running Version 4.0 of the Tru64 UNIX operating system run Version 3 (the xntpd daemon).

6.3 Configuring NTP

Use the SysMan Menu application of the Common Desktop Environment (CDE) Application Manager to configure NTP servers and clients. To invoke the SysMan Menu application, follow the instructions in Section 1.2.1.

Note

Do not use the SysMan Menu to configure NTP on local NTP servers that use a local or external reference clock as a time source. Instead, see ntp_manual_setup(7) for instructions.
Also, if you plan to use both NTP and the timed daemon, set up NTP prior to setting up the timed daemon.

To configure NTP, do the following:

From the SysMan Menu, select Networking-->Additional Network Services-->Network Time Protocol (NTP)-->Configure system as an NTP client to display the Configure NTP Client dialog box.
Alternatively, enter the following command on a command line:
```
# /usr/bin/sysman ntp_config
```

Indicate whether you want to enable authentication by selecting the appropriate check box. If you choose to enable authentication, you must enter at least one authentication key as follows; repeat the steps to add additional keys:
1. Select Add under the Authentication Keys list to display the Add/Modify dialog box.
2. Enter the Key Number and Key for a peer or peers. The Key Number is a number from 1-15 that identifies the Key. The Key is an alphanumeric password of 1-8 characters with no spaces.
3. Select OK to add the authentication key to the list and to dismiss the Add/Modify dialog box.
Your authentication keys are stored in the /etc/ntp.keys file when you save your configuration and close the Configure NTP Client dialog box.

Select Add under the Servers & Peers list to display the Add/Modify dialog box.

Enter the host name, mode, version, and key number for an NTP server. If the NTP Server's IP address is not available through DNS or NIS, you must add it to the /etc/hosts database on your system as described in Network Administration: Connections.
For clients, enter the information for an NTP server that is local to your site.
For servers, enter the information for an Internet NTP server or a local reference clock. (See Section 6.2 for information.) If you are configuring a local reference clock and you need to override the default stratum that the xntpd daemon assigns to it, select the Fudge Factor check box and select a value from 0 to 15 for the Stratum field.
The information will be recorded in the /etc/ntp.conf file. For clients, entries in this file are designated as server entries because clients can synchronize their time only with these systems. An NTP server, however, can contain server and peer entries in its ntp.conf file. A peer system can be synchronized to another system's time or it can synchronize another system's time to its own.

Select OK to validate the parameters you entered and to dismiss the Add/Modify dialog box. To add other NTP servers, repeat steps 3 through 5. It is best to specify at least three servers.

Indicate whether you want to correct large time differences by selecting the appropriate check box.
This option, enabled by default, allows xntpd to correct differences of more than 1000 seconds between your system time and your system's NTP server's time that occur after the xntpd daemon is started. The ntpdate command is run at boot time by the /sbin/init.d/settime script to correct initial time differences. If your system is sensitive to security threats, do not enable this option. If you do not use this option, time differences of more than 1000 seconds will cause the xntpd daemon to log a message to the syslogd daemon and exit.

Indicate whether you want to prevent time from being set backwards by selecting the appropriate check box. The default is to allow the xntpd daemon to set the system time backward.

Select OK to accept the configuration and to close the Configure NTP Client dialog box.

A new dialog box is displayed indicating that the changes have been saved and prompting you to start the xntpd daemon.

Select Yes to start the daemon and apply your changes immediately, or select No to close the Configure NTP Client dialog box and apply the changes the next time you reboot your system.

Note

When you start NTP, the system attempts to synchronize its clock with an NTP server's clock. If you previously enabled a screen saver on your system, the time difference might be enough to activate it. In some cases, this blanks the screen, but it does not harm the system. Move the mouse or hit a key on the keyboard to reactivate the display.

If you choose Yes, you are informed that the NTP daemons have been started. Select OK to dismiss the message and to close the Configure NTP Client dialog box.

You can modify your NTP configuration after the initial setup. You can also stop and restart the xntpd daemon as necessary. See the online help for more information.

6.4 Enabling the High-Resolution Clock

The operating system includes an optional high-resolution clock that can be used for time-stamping and for measuring events that occur on the order of microseconds, such as the time spent in a critical code path. Programmers might be able to use this information to find the source of a bug or to determine where a program can be optimized to improve performance.

To enable the high-resolution clock, add the following line to the kernel configuration file and rebuild the kernel:

options MICRO_TIME

The system clock (CLOCK_REALTIME) resolution as returned by the clock_getres function does not change, nor does the timer resolution. However, the time as returned by the clock_gettime routine is extrapolated between the clock ticks, and the granularity of the time returned is in microseconds. The resulting time values are SMP-safe, they are monotonically increasing, and they have an apparent resolution of 1 microsecond.

6.5 Monitoring Hosts Running the xntpd Daemon

You can monitor the hosts running the xntpd daemon by using either the ntpq command or the xntpdc command.

To monitor the local host's NTP status using the ntpq command, use the following syntax:

ntpq [options...]

To monitor remote hosts' NTP status using the ntpq command, use the following syntax:

ntpq [options...] host1 host2...

Table 6-1 shows the ntpq command options.

Table 6-1: Options to the ntpq Command

Option	Function
`-c subcommand`	Interprets `subcommand` as an interactive format command and adds it to a list of commands to be executed on the specified host or hosts
`-i`	Forces `ntpq` to operate in interactive mode
`-p`	Prints a list of peers and a summary of their state

You can specify ntpq subcommands on the command line with the -c option, or you can run the ntpq program interactively with the -i option. When you are finished entering subcommands in interactive mode, enter quit to exit the program.

By default, the subcommands apply to the local host. You can specify a host other than the local host on the command line or with the host subcommand in interactive mode. See ntpq(8) for more information about this command and its subcommands.

The following example shows normal output from the ntpq command with the -p option (or peers subcommand):

% ntpq -p
     remote           refid      st  when poll reach  delay  offset   disp
==========================================================================
*host2.corp.com  host121.corp.co  2    47   64  377    31.3   93.94   16.5
+host4.corp.com  host2.corp.com   3   212 1024  377    33.8   89.58   16.9
 host8.corp.com  host2.corp.com  16 never   64    0     0.0    0.00  64000

The last line of the previous example shows that host8 is either not running NTP or cannot be reached.

To monitor the local host's NTP status using the xntpdc command, use the following syntax:

xntpdc [options...]

To monitor remote hosts' NTP status using the xntpdc command, use the following syntax:

xntpdc [options...] host1 host2...

Note

The latest versions of the xntpdc command and xntpd daemon, delivered with NTP Version 4, are incompatible with previous versions of NTP. If you use the latest xntpdc command to collect information from an older xntpd daemon, or an older xntpdc command to collect information from the latest xntpd daemon, you will receive inconsistent results.

Table 6-2 shows some of the xntpdc command options.

Table 6-2: Options to the xntpdc Command

Option	Function
`-c subcommand`	Interprets `subcommand` as an interactive format command and adds it to a list of commands to be executed on the specified host or hosts.
`-i`	Forces `xntpdc` to operate in interactive mode.
`-l`	Prints a list of peers that are known to the server.
`-p`	Prints a list of peers and a summary of their state. This is similar in format to the `ntpq -p` command.

See xntpdc(8) for more information on this command and its subcommands.

The following example shows normal output from the xntpdc command with the -p option:

% xntpdc -p
     remote           refid      st  when poll reach  delay  offset   disp
==========================================================================
*host2.corp.com host121.corp.co   2    47   64   377   31.3   93.94   16.5
+host4.corp.com host2.corp.com    3   212 1024   377   33.8   89.58   16.9
.host5.corp.com host12.usc.edu    2   111 1024   377   39.1   46.98   17.7

6.6 Querying Servers Running NTP

You can query time by using the ntp and ntpdate commands. However, it is best to use the ntpdate command because it works with all versions of NTP and provides additional features.