NTP Configuration

The main NTP daemon, xntpd , reads its configuration file, /etc/inet/ntp.conf , when it starts up. The contents of the configuration file determine whether the system is a client or a server and also the address of the time server. This section describes the configuration options, as well as how to configure an NTP server and an NTP client.

NTP can be configured in a number of ways:

• The local system can be used as the reference time source.

• Another server on the local network can be used as the reference time source. This is preferred if you need to have all systems on the local network synchronized ”it might not be to the correct time, but all the systems can be synchronized at the same time.

• A server on the Internet can be used as the reference time source. A list of publicly available NTP servers can be found on the Web at www.ntp.org.

• A broadcast time signal, such as a GPS signal, can be used as the reference time source. This requires the installation of an interface card in the host to be configured. The IP address of the server, specified in the configuration file is of the form 127.127.t.u , where t is an integer that represents the clock type and u is an integer that indicates the unit number within the clock type.

The next two sections show how to set up an NTP server and an NTP client. Table 13.1 shows the current list of available clock types that can be used.

Table 13.1. Available Clock Types

As an example, it can be seen from Table 13.1 that a server with an IP address of 127.127.11.0 indicates that an Arbiter 1088A/B GPS Receiver is being used and is installed as unit 0.

The clock types are listed in the template server configuration file /etc/inet/ ntp.server .

Setting Up an NTP Server

To configure a system as an NTP server, the configuration file template /etc/inet/ntp.server needs to be copied to /etc/inet/ntp.conf . This file should be edited to suit your own configuration requirements. /etc/inet/ntp.server contains a valid list of clock types as well as server configuration parameters. The parameters are shown in the following example:

 # cat /etc/inet/ntp.server # ident "@(#)ntp.server 1.6     00/07/17 SMI" # # /etc/inet/ntp.server # # An example file that could be copied over to /etc/inet/ntp.conf and # edited; it provides a configuration template for a server that # listens to an external hardware clock, synchronizes the local clock, # and announces itself on the NTP multicast net. # # This is the external clock device.  The following devices are # recognized by xntpd 3-5.93e: # # XType Device    RefID          Description # ------------------------------------------------------- #  1    local     LCL            Undisciplined Local Clock ... (Truncated output) # # * All TrueTime receivers are now supported by one driver, type 5. #   Types 15 and 25 will be retained only for a limited time and may #   be reassigned in future. # # Some of the devices benefit from "fudge" factors.  See the xntpd # documentation. server 127.127.XType.0 prefer fudge 127.127.XType.0 stratum 0 broadcast 224.0.1.1 ttl 4 enable auth monitor driftfile /var/ntp/ntp.drift statsdir /var/ntp/ntpstats/ filegen peerstats file peerstats type day enable filegen loopstats file loopstats type day enable filegen clockstats file clockstats type day enable keys /etc/inet/ntp.keys trustedkey 0 requestkey 0 controlkey 0 

The parameters of interest are described here:

• server 127.127.Xtype.0 prefer ” The IP address of the preferred NTP server. To configure a local undisciplined clock as the server, you would change this to 127.127.1.0 . The prefer option is used when multiple servers are defined, to define a preference weighting for the order in which servers are referenced. An undisciplined clock is one that does not get its time from a reliable time source, such as a GPS signal. It is used to synchronize systems on a network with the same time, which is not necessarily absolutely correct.

• fudge 127.127.Xtype.0 stratum 0 ” The fudge option is used for special configuration options. For example, it can be used to change the stratum level of a reference clock: The lower the stratum level, the more reliable the source.

• broadcast 224.0.1.1 ttl 4 ” This is the multicast address that the server uses to broadcast to the network. The ttl 4 parameter specifies that the broadcast will time out in 4 seconds.

• enable auth monitor ” Enables the authentication and monitoring facility.

• driftfile /var/ntp/ntp.drift ” The default location of the drift file.

• statsdir /var/ntp/ntpstats/ ” This is the default location of the directory containing NTP statistics.

• filegen entries ” These (optional) three entries generate daily NTP statistics and are as follows :

  • loopstats ” Each update of the local clock is recorded.

  • peerstats ” Enables the recording of NTP peer server statistics and logs updates from peer NTP servers.

  • clockstats ” Collects statistics from the clock driver, that is, the software controlling a reference clock.

• keys /etc/inet/ntp.keys ” The default location for the key file if authentication is used.

• key entries ” These three entries define secure identifiers providing a mechanism for NTP clients and servers to authenticate each other (this is described fully in RFC 1305). The three entries are as follows:

  • controlkey ” Specifies a key identifier between 1 and 65535 that is used to authenticate commands issued to the ntpq program.

  • requestkey ” Specifies a key identifier between 1 and 65535 that is used to authenticate commands issued to the xntpdc program.

  • trustedkey ” Specifies the key identifiers that are trusted for commands issued to the ntpq and xntpdc commands. The values in this entry should be the same as those for the controlkey and requestkey entries.

After you have configured the ntp.conf file, create an empty drift file at the location specified in the configuration file and then start the xntpd daemon as follows:

 # /etc/init.d/xntpd start 

Setting Up an NTP Client

To configure a system as an NTP client, the configuration file template /etc/inet/ntp.client needs to be copied to /etc/inet/ntp.conf . This file doesn't normally need to be edited, as shown here:

 # cat /etc/inet/ntp.client # ident "@(#)ntp.client 1.3     00/07/17 SMI" # # /etc/inet/ntp.client # # An example file that could be copied over to /etc/inet/ntp.conf; it # provides a configuration for a host that passively waits for a server # to provide NTP packets on the ntp multicast net. # multicastclient 224.0.1.1 

The file contains only one entry by default, which uses the default multicast address to find NTP servers.

After you have configured the ntp.conf file, start the xntpd daemon as follows:

 # /etc/init.d/xntpd start 

When the /etc/init.d/xntpd script is run to start the NTP daemon, the ntpdate command is run to set the time initially. See the online manual page for ntpdate for a detailed description of this command.

The NTP Daemon

The daemon that controls NTP is xntpd and is started via the startup script /etc/rc2.d/S74xntpd .

The startup script for NTP resides in the /etc/rc2.d directory, so it is started when the system enters run level 2. The file /etc/init.d/xntpd is the same file, as the two are hard linked. This is confirmed by listing the inode of both files as shown in the following:

 # ls -i /etc/rc2.d/S74xntpd /etc/init.d/xntpd      90358 /etc/init.d/xntpd         90358 /etc/rc2.d/S74xntpd 

Notice that both of the files have the same inode number of 90358 . Either of these two scripts can be used to start and stop the xntpd daemon.

When the daemon is started, it reads from a configuration file /etc/inet/ntp.conf , which contains a number of configuration options and also determines whether the machine is a client or a server.

The xntpd daemon starts only if the configuration file /etc/inet/ntp.conf exists.

The xntpd daemon functions like this:

1. NTP servers advertise on the network every 64 seconds, using the multicast address 224.0.1.1 . The advertisement lets other systems know that this system is an NTP server.

2. When a server receives a request packet from a client, which also contains the client's time, it replies by inserting the correct time into the packet and returns it to the client.

3. The client compares this packet with what it has received and adjusts its clock accordingly . A client waits for several responses from a server (or a number of servers) before synchronizing its clock, so it can take up to about five minutes for an NTP client to synchronize with an NTP server.

Using ntpq to Identify Other NTP Servers

The ntpq command is an NTP query program that can be used to determine whether any NTP peer servers are on the network. The following example shows how to run the command:

 # ntpq ntpq> peers *LOCAL(0)        LOCAL(0)         3 l   64   64  377     0.00    0.000 10.03  224.0.1.1       0.0.0.0         16 -    -   64    0     0.00    0.000 16000.0 +sparc5          LOCAL(0)         4 u   27   64  377     0.02  391.027 10.22 ntpq> quit # 

In the example, there are two servers: One is the local system that is acting as an NTP server, and the other is the host named sparc5 .