<html lang="en">
<head>
<title>NTP Configuration File User's Manual</title>
<meta http-equiv="Content-Type" content="text/html">
<meta name="description" content="NTP Configuration File User's Manual">
<meta name="generator" content="makeinfo 4.7">
<link title="Top" rel="top" href="#Top">
<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
<meta http-equiv="Content-Style-Type" content="text/css">
<style type="text/css"><!--
  pre.display { font-family:inherit }
  pre.format { font-family:inherit }
  pre.smalldisplay { font-family:inherit; font-size:smaller }
  pre.smallformat { font-family:inherit; font-size:smaller }
  pre.smallexample { font-size:smaller }
  pre.smalllisp { font-size:smaller }
  span.sc { font-variant:small-caps }
  span.roman { font-family: serif; font-weight: normal; }
--></style>
</head>
<body>
<h1 class="settitle">NTP Configuration File User's Manual</h1>
<div class="node">
<p><hr>
<a name="Top"></a>Next: <a rel="next" accesskey="n" href="#ntp_002econf-Description">ntp.conf Description</a>,
Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>,
Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
<br>
</div>

<h2 class="unnumbered">NTP's Configuration File User Manual</h2>

<p>This document describes the configuration file for the NTP Project's
<code>ntpd</code> program.

<p>This document applies to version 4.2.8p1 of <code>ntp.conf</code>.

<div class="shortcontents">
<h2>Short Contents</h2>
<ul>
<a href="#Top">NTP's Configuration File User Manual</a>
</ul>
</div>

<ul class="menu">
<li><a accesskey="1" href="#ntp_002econf-Description">ntp.conf Description</a>
<li><a accesskey="2" href="#ntp_002econf-Notes">ntp.conf Notes</a>
</ul>

<div class="node">
<p><hr>
<a name="ntp_002econf-Description"></a>Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
<br>
</div>

<!-- node-name, next, previous, up -->
<h3 class="section">Description</h3>

<p>The behavior of <code>ntpd</code> can be changed by a configuration file,
by default <code>ntp.conf</code>.

<div class="node">
<p><hr>
<a name="ntp_002econf-Notes"></a>
<br>
</div>

<h3 class="section">Notes about ntp.conf</h3>

<p><a name="index-ntp_002econf-1"></a><a name="index-Network-Time-Protocol-_0028NTP_0029-daemon-configuration-file-format-2"></a>

<p>The <code>ntp.conf</code> configuration file is read at initial startup by the
<code>ntpd(1ntpdmdoc)</code> daemon in order to specify the synchronization sources,
modes and other related information.
Usually, it is installed in the <span class="file">/etc</span> directory,
but could be installed elsewhere
(see the daemon's <code>-c</code> command line option).

<p>The file format is similar to other <span class="sc">unix</span> configuration files.
Comments begin with a # character and extend to the end of the line;
blank lines are ignored.
Configuration commands consist of an initial keyword
followed by a list of arguments,
some of which may be optional, separated by whitespace.
Commands may not be continued over multiple lines.
Arguments may be host names,
host addresses written in numeric, dotted-quad form,
integers, floating point numbers (when specifying times in seconds)
and text strings.

<p>The rest of this page describes the configuration and control options.
The "Notes on Configuring NTP and Setting up an NTP Subnet" page
(available as part of the HTML documentation
provided in <span class="file">/usr/share/doc/ntp</span>)
contains an extended discussion of these options.
In addition to the discussion of general
<a href="#Configuration-Options">Configuration Options</a>,
there are sections describing the following supported functionality
and the options used to control it:
<ul>
<li><a href="#Authentication-Support">Authentication Support</a>
<li><a href="#Monitoring-Support">Monitoring Support</a>
<li><a href="#Access-Control-Support">Access Control Support</a>
<li><a href="#Automatic-NTP-Configuration-Options">Automatic NTP Configuration Options</a>
<li><a href="#Reference-Clock-Support">Reference Clock Support</a>
<li><a href="#Miscellaneous-Options">Miscellaneous Options</a>
</ul>

<p>Following these is a section describing
<a href="#Miscellaneous-Options">Miscellaneous Options</a>.
While there is a rich set of options available,
the only required option is one or more
<code>pool</code>,
<code>server</code>,
<code>peer</code>,
<code>broadcast</code>
or
<code>manycastclient</code>
commands.
<div class="node">
<p><hr>
<a name="Configuration-Support"></a>
<br>
</div>

<h4 class="subsection">Configuration Support</h4>

<p>Following is a description of the configuration commands in NTPv4.
These commands have the same basic functions as in NTPv3 and
in some cases new functions and new arguments.
There are two classes of commands, configuration commands that configure a
persistent association with a remote server or peer or reference
clock, and auxiliary commands that specify environmental variables
that control various related operations.

<h5 class="subsubsection">Configuration Commands</h5>

<p>The various modes are determined by the command keyword and the
type of the required IP address.
Addresses are classed by type as
(s) a remote server or peer (IPv4 class A, B and C), (b) the
broadcast address of a local interface, (m) a multicast address (IPv4
class D), or (r) a reference clock address (127.127.x.x).
Note that only those options applicable to each command are listed below.
Use of options not listed may not be caught as an error, but may result
in some weird and even destructive behavior.

<p>If the Basic Socket Interface Extensions for IPv6 (RFC-2553)
is detected, support for the IPv6 address family is generated
in addition to the default support of the IPv4 address family.
In a few cases, including the reslist billboard generated
by ntpdc, IPv6 addresses are automatically generated.
IPv6 addresses can be identified by the presence of colons
: in the address field.
IPv6 addresses can be used almost everywhere where
IPv4 addresses can be used,
with the exception of reference clock addresses,
which are always IPv4.

<p>Note that in contexts where a host name is expected, a
<code>-4</code> qualifier preceding
the host name forces DNS resolution to the IPv4 namespace,
while a <code>-6</code> qualifier forces DNS resolution to the IPv6 namespace.
See IPv6 references for the
equivalent classes for that address family.
<dl>
<dt><code>pool</code> <kbd>address</kbd> <code>[burst]</code> <code>[iburst]</code> <code>[version </code><kbd>version</kbd><code>]</code> <code>[prefer]</code> <code>[minpoll </code><kbd>minpoll</kbd><code>]</code> <code>[maxpoll </code><kbd>maxpoll</kbd><code>]</code><br>
<dt><code>server</code> <kbd>address</kbd> <code>[key </code><kbd>key</kbd> <kbd>|</kbd><code> autokey]</code> <code>[burst]</code> <code>[iburst]</code> <code>[version </code><kbd>version</kbd><code>]</code> <code>[prefer]</code> <code>[minpoll </code><kbd>minpoll</kbd><code>]</code> <code>[maxpoll </code><kbd>maxpoll</kbd><code>]</code><br>
<dt><code>peer</code> <kbd>address</kbd> <code>[key </code><kbd>key</kbd> <kbd>|</kbd><code> autokey]</code> <code>[version </code><kbd>version</kbd><code>]</code> <code>[prefer]</code> <code>[minpoll </code><kbd>minpoll</kbd><code>]</code> <code>[maxpoll </code><kbd>maxpoll</kbd><code>]</code><br>
<dt><code>broadcast</code> <kbd>address</kbd> <code>[key </code><kbd>key</kbd> <kbd>|</kbd><code> autokey]</code> <code>[version </code><kbd>version</kbd><code>]</code> <code>[prefer]</code> <code>[minpoll </code><kbd>minpoll</kbd><code>]</code> <code>[ttl </code><kbd>ttl</kbd><code>]</code><br>
<dt><code>manycastclient</code> <kbd>address</kbd> <code>[key </code><kbd>key</kbd> <kbd>|</kbd><code> autokey]</code> <code>[version </code><kbd>version</kbd><code>]</code> <code>[prefer]</code> <code>[minpoll </code><kbd>minpoll</kbd><code>]</code> <code>[maxpoll </code><kbd>maxpoll</kbd><code>]</code> <code>[ttl </code><kbd>ttl</kbd><code>]</code><dd></dl>

<p>These five commands specify the time server name or address to
be used and the mode in which to operate.
The <kbd>address</kbd> can be
either a DNS name or an IP address in dotted-quad notation.
Additional information on association behavior can be found in the
"Association Management" page
(available as part of the HTML documentation
provided in <span class="file">/usr/share/doc/ntp</span>).
<dl>
<dt><code>pool</code><dd>For type s addresses, this command mobilizes a persistent
client mode association with a number of remote servers.
In this mode the local clock can be synchronized to the
remote server, but the remote server can never be synchronized to
the local clock.
<br><dt><code>server</code><dd>For type s and r addresses, this command mobilizes a persistent
client mode association with the specified remote server or local
radio clock.
In this mode the local clock can be synchronized to the
remote server, but the remote server can never be synchronized to
the local clock.
This command should <em>not</em> be used for type
b or m addresses.
<br><dt><code>peer</code><dd>For type s addresses (only), this command mobilizes a
persistent symmetric-active mode association with the specified
remote peer.
In this mode the local clock can be synchronized to
the remote peer or the remote peer can be synchronized to the local
clock.
This is useful in a network of servers where, depending on
various failure scenarios, either the local or remote peer may be
the better source of time.
This command should NOT be used for type
b, m or r addresses.
<br><dt><code>broadcast</code><dd>For type b and m addresses (only), this
command mobilizes a persistent broadcast mode association.
Multiple commands can be used to specify multiple local broadcast interfaces
(subnets) and/or multiple multicast groups.
Note that local broadcast messages go only to the interface associated with the
subnet specified, but multicast messages go to all interfaces.
In broadcast mode the local server sends periodic broadcast
messages to a client population at the <kbd>address</kbd>
specified, which is usually the broadcast address on (one of) the
local network(s) or a multicast address assigned to NTP.
The IANA has assigned the multicast group address IPv4 224.0.1.1 and
IPv6 ff05::101 (site local) exclusively to
NTP, but other nonconflicting addresses can be used to contain the
messages within administrative boundaries.
Ordinarily, this specification applies only to the local server operating as a
sender; for operation as a broadcast client, see the
<code>broadcastclient</code> or <code>multicastclient</code> commands
below.
<br><dt><code>manycastclient</code><dd>For type m addresses (only), this command mobilizes a
manycast client mode association for the multicast address
specified.
In this case a specific address must be supplied which
matches the address used on the <code>manycastserver</code> command for
the designated manycast servers.
The NTP multicast address
224.0.1.1 assigned by the IANA should NOT be used, unless specific
means are taken to avoid spraying large areas of the Internet with
these messages and causing a possibly massive implosion of replies
at the sender.
The <code>manycastserver</code> command specifies that the local server
is to operate in client mode with the remote servers that are
discovered as the result of broadcast/multicast messages.
The client broadcasts a request message to the group address associated
with the specified <kbd>address</kbd> and specifically enabled
servers respond to these messages.
The client selects the servers
providing the best time and continues as with the
<code>server</code> command.
The remaining servers are discarded as if never
heard.
</dl>

<p>Options:
<dl>
<dt><code>autokey</code><dd>All packets sent to and received from the server or peer are to
include authentication fields encrypted using the autokey scheme
described in
<a href="#Authentication-Options">Authentication Options</a>.
<br><dt><code>burst</code><dd>When the server is reachable, send a burst of eight packets
instead of the usual one.
The packet spacing is normally 2 s;
however, the spacing between the first and second packets
can be changed with the calldelay command to allow
additional time for a modem or ISDN call to complete.
This is designed to improve timekeeping quality
with the <code>server</code> command and s addresses.
<br><dt><code>iburst</code><dd>When the server is unreachable, send a burst of eight packets
instead of the usual one.
The packet spacing is normally 2 s;
however, the spacing between the first two packets can be
changed with the calldelay command to allow
additional time for a modem or ISDN call to complete.
This is designed to speed the initial synchronization
acquisition with the <code>server</code> command and s addresses and when
<code>ntpd(1ntpdmdoc)</code> is started with the <code>-q</code> option.
<br><dt><code>key</code> <kbd>key</kbd><dd>All packets sent to and received from the server or peer are to
include authentication fields encrypted using the specified
<kbd>key</kbd> identifier with values from 1 to 65534, inclusive.
The default is to include no encryption field.
<br><dt><code>minpoll</code> <kbd>minpoll</kbd><br><dt><code>maxpoll</code> <kbd>maxpoll</kbd><dd>These options specify the minimum and maximum poll intervals
for NTP messages, as a power of 2 in seconds.
The maximum poll
interval defaults to 10 (1,024 s), but can be increased by the
<code>maxpoll</code> option to an upper limit of 17 (36.4 h).
The minimum poll interval defaults to 6 (64 s), but can be decreased by
the <code>minpoll</code> option to a lower limit of 4 (16 s).
<br><dt><code>noselect</code><dd>Marks the server as unused, except for display purposes.
The server is discarded by the selection algorithm.
<br><dt><code>prefer</code><dd>Marks the server as preferred.
All other things being equal,
this host will be chosen for synchronization among a set of
correctly operating hosts.
See the "Mitigation Rules and the prefer Keyword" page
(available as part of the HTML documentation
provided in <span class="file">/usr/share/doc/ntp</span>)
for further information.
<br><dt><code>ttl</code> <kbd>ttl</kbd><dd>This option is used only with broadcast server and manycast
client modes.
It specifies the time-to-live <kbd>ttl</kbd> to
use on broadcast server and multicast server and the maximum
<kbd>ttl</kbd> for the expanding ring search with manycast
client packets.
Selection of the proper value, which defaults to
127, is something of a black art and should be coordinated with the
network administrator.
<br><dt><code>version</code> <kbd>version</kbd><dd>Specifies the version number to be used for outgoing NTP
packets.
Versions 1-4 are the choices, with version 4 the
default.
</dl>

<h5 class="subsubsection">Auxiliary Commands</h5>

<dl>
<dt><code>broadcastclient</code><dd>This command enables reception of broadcast server messages to
any local interface (type b) address.
Upon receiving a message for
the first time, the broadcast client measures the nominal server
propagation delay using a brief client/server exchange with the
server, then enters the broadcast client mode, in which it
synchronizes to succeeding broadcast messages.
Note that, in order
to avoid accidental or malicious disruption in this mode, both the
server and client should operate using symmetric-key or public-key
authentication as described in
<a href="#Authentication-Options">Authentication Options</a>.
<br><dt><code>manycastserver</code> <kbd>address</kbd> <kbd>...</kbd><dd>This command enables reception of manycast client messages to
the multicast group address(es) (type m) specified.
At least one
address is required, but the NTP multicast address 224.0.1.1
assigned by the IANA should NOT be used, unless specific means are
taken to limit the span of the reply and avoid a possibly massive
implosion at the original sender.
Note that, in order to avoid
accidental or malicious disruption in this mode, both the server
and client should operate using symmetric-key or public-key
authentication as described in
<a href="#Authentication-Options">Authentication Options</a>.
<br><dt><code>multicastclient</code> <kbd>address</kbd> <kbd>...</kbd><dd>This command enables reception of multicast server messages to
the multicast group address(es) (type m) specified.
Upon receiving
a message for the first time, the multicast client measures the
nominal server propagation delay using a brief client/server
exchange with the server, then enters the broadcast client mode, in
which it synchronizes to succeeding multicast messages.
Note that,
in order to avoid accidental or malicious disruption in this mode,
both the server and client should operate using symmetric-key or
public-key authentication as described in
<a href="#Authentication-Options">Authentication Options</a>.
<br><dt><code>mdnstries</code> <kbd>number</kbd><dd>If we are participating in mDNS,
after we have synched for the first time
we attempt to register with the mDNS system.
If that registration attempt fails,
we try again at one minute intervals for up to
<code>mdnstries</code> times.
After all, <code>ntpd</code> may be starting before mDNS.
The default value for <code>mdnstries</code> is 5.
</dl>
<div class="node">
<p><hr>
<a name="Authentication-Support"></a>
<br>
</div>

<h4 class="subsection">Authentication Support</h4>

<p>Authentication support allows the NTP client to verify that the
server is in fact known and trusted and not an intruder intending
accidentally or on purpose to masquerade as that server.
The NTPv3
specification RFC-1305 defines a scheme which provides
cryptographic authentication of received NTP packets.
Originally,
this was done using the Data Encryption Standard (DES) algorithm
operating in Cipher Block Chaining (CBC) mode, commonly called
DES-CBC.
Subsequently, this was replaced by the RSA Message Digest
5 (MD5) algorithm using a private key, commonly called keyed-MD5.
Either algorithm computes a message digest, or one-way hash, which
can be used to verify the server has the correct private key and
key identifier.

<p>NTPv4 retains the NTPv3 scheme, properly described as symmetric key
cryptography and, in addition, provides a new Autokey scheme
based on public key cryptography.
Public key cryptography is generally considered more secure
than symmetric key cryptography, since the security is based
on a private value which is generated by each server and
never revealed.
With Autokey all key distribution and
management functions involve only public values, which
considerably simplifies key distribution and storage.
Public key management is based on X.509 certificates,
which can be provided by commercial services or
produced by utility programs in the OpenSSL software library
or the NTPv4 distribution.

<p>While the algorithms for symmetric key cryptography are
included in the NTPv4 distribution, public key cryptography
requires the OpenSSL software library to be installed
before building the NTP distribution.
Directions for doing that
are on the Building and Installing the Distribution page.

<p>Authentication is configured separately for each association
using the <code>key</code> or <code>autokey</code> subcommand on the
<code>peer</code>,
<code>server</code>,
<code>broadcast</code>
and
<code>manycastclient</code>
configuration commands as described in the
<a href="#Configuration-Options">Configuration Options</a>
page.
The authentication
options described below specify the locations of the key files,
if other than default, which symmetric keys are trusted
and the interval between various operations, if other than default.
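
<p>The per-command option lists, numeric limits and address types given under Configuration Commands, and the <code>key</code>/<code>autokey</code> subcommand described above, can be checked mechanically before a file is deployed. The linter below is an added example, not part of the NTP distribution; the class letter <code>u</code>, the treatment of <code>noselect</code> and the sample hosts and key numbers are assumptions of the example.

```python
import ipaddress

# Numeric options with the inclusive range the page states (None: none stated).
RANGES = {"key": (1, 65534), "version": (1, 4),
          "minpoll": (4, 17), "maxpoll": (4, 17), "ttl": None}
BASE = {"version", "prefer", "minpoll", "noselect"}
AUTH = {"key", "autokey"}
# Options per command, copied from the synopsis lines. "noselect" is described
# in the option list but shown in no synopsis; accepting it on every command
# is an assumption of this example.
ALLOWED = {
    "pool": BASE | {"burst", "iburst", "maxpoll"},
    "server": BASE | AUTH | {"burst", "iburst", "maxpoll"},
    "peer": BASE | AUTH | {"maxpoll"},
    "broadcast": BASE | AUTH | {"ttl"},
    "manycastclient": BASE | AUTH | {"maxpoll", "ttl"},
}
# Address classes each command accepts: u = unicast (type s or b, which cannot
# be told apart without the interface table), m = multicast, r = reference clock.
ADDR_OK = {"pool": "u", "server": "ur", "peer": "u",
           "broadcast": "um", "manycastclient": "m"}
IANA_NTP_GROUP = "224.0.1.1"
REFCLOCK_NET = ipaddress.ip_network("127.127.0.0/16")


def addr_class(text):
    """Return 'm', 'r' or 'u' for a literal IP address, None for a host name."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return None
    if ip.is_multicast:
        return "m"
    return "r" if ip in REFCLOCK_NET else "u"


def lint(conf_text):
    """Return a list of (line_number, message) findings for ntp.conf text."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        words = raw.split("#", 1)[0].split()   # comments run to end of line
        if not words:
            continue
        cmd, args = words[0], words[1:]
        def note(msg):
            findings.append((lineno, f"{cmd}: {msg}"))
        if cmd == "disable" and "auth" in args:
            note("auth flag off: new associations need no authentication")
        if cmd == "manycastserver" and IANA_NTP_GROUP in args:
            note(f"{IANA_NTP_GROUP} should not be used for manycast")
        if cmd not in ALLOWED:
            continue
        if args and args[0] in ("-4", "-6"):   # DNS address-family qualifier
            args = args[1:]
        if not args:
            note("missing address")
            continue
        address, opts = args[0], args[1:]
        kind = addr_class(address)
        if kind and kind not in ADDR_OK[cmd]:
            note(f"address {address} (class {kind}) is not valid for this command")
        if cmd == "manycastclient" and address == IANA_NTP_GROUP:
            note(f"{IANA_NTP_GROUP} should not be used for manycast")
        seen, i = set(), 0
        while i < len(opts):
            opt = opts[i]
            i += 1
            seen.add(opt)
            if opt not in ALLOWED[cmd]:
                note(f"option {opt} is not listed for this command")
            if opt in RANGES:                  # option takes one integer
                value = opts[i] if i < len(opts) else ""
                i += 1
                bounds = RANGES[opt]
                if not value.isdecimal():
                    note(f"{opt} needs an integer argument")
                elif bounds and not bounds[0] <= int(value) <= bounds[1]:
                    note(f"{opt} {value} outside {bounds[0]}..{bounds[1]}")
        if cmd in ("broadcast", "manycastclient") and not seen & AUTH:
            note("no key or autokey on a broadcast/manycast association")
    return findings


# Constructed sample configuration (hosts and key numbers are made up).
SAMPLE = """\
# constructed ntp.conf
pool -4 pool.example.org iburst
server 127.127.1.0 minpoll 3
server time.example.net key 70000 ttl 4
peer 224.0.1.1 key 12
broadcast 192.0.2.255 key 12 ttl 2
manycastclient 224.0.1.1 maxpoll 18
disable auth
"""

if __name__ == "__main__":
    print("\n".join(f"line {n}: {msg}" for n, msg in lint(SAMPLE)))
```

<p>The findings reflect only what this page lists, so a "not listed" result is a prompt to check the option against the documentation for the installed <code>ntpd</code> rather than proof of an error.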

<p>Authentication is always enabled,
although ineffective if not configured as
described below.
If an NTP packet arrives
including a message authentication
code (MAC), it is accepted only if it
passes all cryptographic checks.
The checks require correct key ID, key value
and message digest.
If the packet has
been modified in any way or replayed
by an intruder, it will fail one or more
of these checks and be discarded.
Furthermore, the Autokey scheme requires a
preliminary protocol exchange to obtain
the server certificate, verify its
credentials and initialize the protocol.

<p>The <code>auth</code> flag controls whether new associations or
remote configuration commands require cryptographic authentication.
This flag can be set or reset by the
<code>enable</code> and <code>disable</code> commands and also by remote
configuration commands sent by a
<code>ntpdc(1ntpdcmdoc)</code> program running in
another machine.
If this flag is enabled, which is the default
case, new broadcast client and symmetric passive associations and
remote configuration commands must be cryptographically
authenticated using either symmetric key or public key cryptography.
If this flag is disabled, these operations are effective
even if not cryptographically authenticated.
It should be understood that operating with the
<code>auth</code>
flag disabled invites a significant vulnerability
where a rogue hacker can
masquerade as a falseticker and seriously
disrupt system timekeeping.
It is important to note that this flag has no purpose
other than to allow or disallow
a new association in response to new broadcast
and symmetric active messages
and remote configuration commands and, in particular,
the flag has no effect on
the authentication process itself.

<p>An attractive alternative where multicast support is available
is manycast mode, in which clients periodically troll
for servers as described on the
<a href="#Automatic-NTP-Configuration-Options">Automatic NTP Configuration Options</a>
page.
Either symmetric key or public key
cryptographic authentication can be used in this mode.
The principal advantage
of manycast mode is that potential servers need not be
configured in advance,
since the client finds them during regular operation,
and the configuration
files for all clients can be identical.

<p>The security model and protocol schemes for
both symmetric key and public key
cryptography are summarized below;
further details are in the briefings, papers
and reports at the NTP project page linked from
<code>http://www.ntp.org/</code>.

<h5 class="subsubsection">Symmetric-Key Cryptography</h5>

<p>The original RFC-1305 specification allows any one of possibly
65,534 keys, each distinguished by a 32-bit key identifier, to
authenticate an association.
The servers and clients involved must
agree on the key and key identifier to
authenticate NTP packets.
Keys and related information are specified in a key
file, usually called
<span class="file">ntp.keys</span>,
which must be distributed and stored using
secure means beyond the scope of the NTP protocol itself.
Besides the keys used
for ordinary NTP associations,
additional keys can be used as passwords for the
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
utility programs.

<p>When
<code>ntpd(1ntpdmdoc)</code>
is first started, it reads the key file specified in the
<code>keys</code>
configuration command and installs the keys
in the key cache.
However, individual keys must be activated with the
<code>trusted</code>
command before use.
This allows, for instance, the installation of possibly
several batches of keys and
then activating or deactivating each batch
remotely using
<code>ntpdc(1ntpdcmdoc)</code>.
This also provides a revocation capability that can be used
if a key becomes compromised.
The
<code>requestkey</code>
command selects the key used as the password for the
<code>ntpdc(1ntpdcmdoc)</code>
utility, while the
<code>controlkey</code>
command selects the key used as the password for the
<code>ntpq(1ntpqmdoc)</code>
utility.
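<p>The following added example (not code from the NTP distribution) models the symmetric-key checks described above: a key must be in the key cache, activated as trusted, and produce a matching digest.
It assumes the MD5 keyed digest of RFC 5905, MD5(key || header) preceded by a 32-bit key ID, and a 48-byte header without extension fields; the key values, the configuration fragment and the function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample: the key cache ntpd would hold after reading the `keys` file.
KEY_CACHE = {
    4: b"constructed-key-four",
    7: b"constructed-key-seven",
    9: b"constructed-key-nine",
}

# Constructed ntp.conf fragment using commands documented on this page.
NTP_CONF = """\
keys /usr/local/etc/ntp.keys
trustedkey 4 7      # keys 4 and 7 are activated; key 9 is loaded but inactive
controlkey 7
requestkey 9
"""

HEADER_LEN = 48      # NTP header without extension fields (assumption)
MAC_LEN = 4 + 16     # 32-bit key ID followed by an MD5 digest


def parse_auth_config(text):
    """Return (trusted key IDs, {command: key ID}) from ntp.conf text."""
    trusted, roles = set(), {}
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()
        if not words:
            continue
        if words[0] == "trustedkey":
            trusted.update(int(w) for w in words[1:])
        elif words[0] in ("controlkey", "requestkey") and len(words) > 1:
            roles[words[0]] = int(words[1])
    return trusted, roles


def audit(trusted, roles, cache):
    """List configuration problems a reviewer would flag."""
    findings = []
    for key_id in sorted(trusted | set(roles.values())):
        if not 1 <= key_id <= 65534:
            findings.append(f"key {key_id} is outside 1..65534")
        elif key_id not in cache:
            findings.append(f"key {key_id} is not in the key file")
    for command, key_id in sorted(roles.items()):
        if key_id not in trusted:
            findings.append(f"{command} {key_id} is not listed in trustedkey")
    return findings


def add_mac(header, key_id, key):
    """Append the key ID and MD5(key || header), the symmetric-key MAC."""
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()


def check_packet(datagram, trusted, cache):
    """Apply the checks in order: key ID known, key trusted, digest matches."""
    header, mac = datagram[:HEADER_LEN], datagram[HEADER_LEN:]
    if len(header) < HEADER_LEN:
        return "bad length"
    if not mac:
        return "unauthenticated"
    if len(mac) != MAC_LEN:
        return "bad MAC length"
    (key_id,) = struct.unpack("!I", mac[:4])
    if key_id not in cache:
        return "unknown key ID"
    if key_id not in trusted:
        return "key not trusted"
    expected = hashlib.md5(cache[key_id] + header).digest()
    if not hmac.compare_digest(expected, mac[4:]):   # constant-time comparison
        return "digest mismatch"
    return "ok"


def demo():
    trusted, roles = parse_auth_config(NTP_CONF)
    header = bytes([0x23]) + bytes(HEADER_LEN - 1)   # constructed: VN 4, mode 3
    good = add_mac(header, 4, KEY_CACHE[4])
    tampered = good[:1] + b"\x01" + good[2:]         # one header byte altered
    wrong = add_mac(header, 4, b"not-the-shared-key")
    return {
        "audit": audit(trusted, roles, KEY_CACHE),
        "trusted key 4": check_packet(good, trusted, KEY_CACHE),
        "tampered": check_packet(tampered, trusted, KEY_CACHE),
        "wrong key value": check_packet(wrong, trusted, KEY_CACHE),
        "inactive key 9": check_packet(add_mac(header, 9, KEY_CACHE[9]), trusted, KEY_CACHE),
        "no MAC": check_packet(header, trusted, KEY_CACHE),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

<p>The audit finding for <code>requestkey 9</code> shows the effect of loading a key without activating it: the key is present in the cache but packets carrying it are still rejected.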
<h5 class="subsubsection">Public Key Cryptography</h5>

<p>NTPv4 supports the original NTPv3 symmetric key scheme
described in RFC-1305 and in addition the Autokey protocol,
which is based on public key cryptography.
The Autokey Version 2 protocol described on the Autokey Protocol
page verifies packet integrity using MD5 message digests
and verifies the source with digital signatures and any of several
digest/signature schemes.
Optional identity schemes described on the Identity Schemes
page and based on cryptographic challenge/response algorithms
are also available.
Using all of these schemes provides strong security against
replay with or without modification, spoofing, masquerade
and most forms of clogging attacks.

<p>The Autokey protocol has several modes of operation
corresponding to the various NTP modes supported.
Most modes use a special cookie which can be
computed independently by the client and server,
but is encrypted in transmission.
All modes use in addition a variant of the S-KEY scheme,
in which a pseudo-random key list is generated and used
in reverse order.
These schemes are described along with an executive summary,
current status, briefing slides and reading list on the
<a href="#Autonomous-Authentication">Autonomous Authentication</a>
page.
<p>The specific cryptographic environment used by Autokey servers
and clients is determined by a set of files
and soft links generated by the
<code>ntp-keygen(1ntpkeygenmdoc)</code>
program.
This includes a required host key file,
required certificate file and optional sign key file,
leapsecond file and identity scheme files.
The digest/signature scheme is specified in the X.509 certificate
along with the matching sign key.
There are several schemes
available in the OpenSSL software library, each identified
by a specific string such as
<code>md5WithRSAEncryption</code>,
which stands for the MD5 message digest with RSA
encryption scheme.
The current NTP distribution supports
all the schemes in the OpenSSL library, including
those based on RSA and DSA digital signatures.

<p>NTP secure groups can be used to define cryptographic compartments
and security hierarchies.
It is important that every host
in the group be able to construct a certificate trail to one
or more trusted hosts in the same group.
Each group host runs the Autokey protocol to obtain the certificates
for all hosts along the trail to one or more trusted hosts.
This requires the configuration file in all hosts to be
engineered so that, even under anticipated failure conditions,
the NTP subnet will form such that every group host can find
a trail to at least one trusted host.

<h5 class="subsubsection">Naming and Addressing</h5>

<p>It is important to note that Autokey does not use DNS to
resolve addresses, since DNS can't be completely trusted
until the name servers have synchronized clocks.
The cryptographic name used by Autokey to bind the host identity
credentials and cryptographic values must be independent
of interface, network and any other naming convention.
The name appears in the host certificate in either or both
the subject and issuer fields, so protection against
DNS compromise is essential.

<p>By convention, the name of an Autokey host is the name returned
by the Unix
<code>gethostname(2)</code>
system call or equivalent in other systems.
By the system design
model, there are no provisions to allow alternate names or aliases.
However, this is not to say that DNS aliases, different names
for each interface, etc., are constrained in any way.
<p>It is also important to note that Autokey verifies authenticity
using the host name, network address and public keys,
all of which are bound together by the protocol specifically
to deflect masquerade attacks.
For this reason Autokey
includes the source and destination IP addresses in message digest
computations and so the same addresses must be available
at both the server and client.
For this reason operation
with network address translation schemes is not possible.
This reflects the intended robust security model where government
and corporate NTP servers are operated outside firewall perimeters.

<h5 class="subsubsection">Operation</h5>

<p>A specific combination of authentication scheme (none,
symmetric key, public key) and identity scheme is called
a cryptotype, although not all combinations are compatible.
There may be management configurations where the clients,
servers and peers may not all support the same cryptotypes.
A secure NTPv4 subnet can be configured in many ways while
keeping in mind the principles explained above and
in this section.
Note however that some cryptotype
combinations may successfully interoperate with each other,
but may not represent good security practice.
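<p>The Autokey key list used in reverse order, and the address binding that rules out network address translation, can be seen in the following added example, which is not code from the NTP distribution.
It is a simplified model of the key ID chain in RFC 5906, where each key ID is the first 32 bits of MD5(source address, destination address, key ID, cookie); signatures, the cookie exchange and the packet MAC are omitted, and the addresses, seed, cookie, <code>max_gap</code> limit and all function names are constructed for illustration.

```python
import hashlib
import ipaddress
import struct


def next_key_id(src, dst, key_id, cookie):
    """First 32 bits of MD5(src addr || dst addr || key ID || cookie)."""
    data = (ipaddress.ip_address(src).packed
            + ipaddress.ip_address(dst).packed
            + struct.pack("!II", key_id, cookie))
    return struct.unpack("!I", hashlib.md5(data).digest()[:4])[0]


def key_list_length(logsec, poll):
    """Entries covering 2**logsec seconds at one packet per 2**poll seconds.

    Assumption: implementation limits on list size are ignored.
    """
    return 1 << (logsec - poll) if logsec > poll else 1


def make_key_list(src, dst, seed, cookie, length):
    """Return (key IDs in order of use, final value the server signs)."""
    chain = [seed]
    for _ in range(length):
        chain.append(next_key_id(src, dst, chain[-1], cookie))
    # The list is generated forward from the seed and consumed backwards.
    return chain[-2::-1], chain[-1]


class Client:
    """Tracks the last verified key ID for one association."""

    def __init__(self, src, dst, cookie, signed_final, max_gap=8):
        self.src, self.dst, self.cookie = src, dst, cookie
        self.last = signed_final      # obtained in the signed protocol exchange
        self.max_gap = max_gap        # hypothetical limit on lost packets

    def accept(self, key_id):
        """Hash forward from key_id; accept only if it reaches the last one."""
        kid = key_id
        for _ in range(self.max_gap):
            kid = next_key_id(self.src, self.dst, kid, self.cookie)
            if kid == self.last:
                self.last = key_id
                return True
        return False


def demo():
    server, client = "192.0.2.10", "198.51.100.20"    # constructed addresses
    seed, cookie = 0x5EED0001, 0x00C00C1E             # constructed values
    order, final = make_key_list(server, client, seed, cookie,
                                 key_list_length(12, 10))
    direct = Client(server, client, cookie, final)
    results = {
        "in order": direct.accept(order[0]),
        "after one lost packet": direct.accept(order[2]),
        "replayed first packet": direct.accept(order[0]),
        "next in list": direct.accept(order[3]),
    }
    # Behind NAT the client hashes its own private address, which the
    # server never used, so the chain it computes does not match.
    natted = Client(server, "10.0.0.5", cookie, final)
    results["client behind NAT"] = natted.accept(order[0])
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

<p>Because the list is consumed backwards, a captured key ID only hashes forward to values the client has already passed, which is why the replayed packet is rejected.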
<p>The cryptotype of an association is determined at the time
of mobilization, either at configuration time or some time
later when a message of appropriate cryptotype arrives.
When mobilized by a
<code>server</code>
or
<code>peer</code>
configuration command and no
<code>key</code>
or
<code>autokey</code>
subcommands are present, the association is not
authenticated; if the
<code>key</code>
subcommand is present, the association is authenticated
using the symmetric key ID specified; if the
<code>autokey</code>
subcommand is present, the association is authenticated
using Autokey.

<p>When multiple identity schemes are supported in the Autokey
protocol, the first message exchange determines which one is used.
The client request message contains bits corresponding
to which schemes it has available.
The server response message
contains bits corresponding to which schemes it has available.
Both server and client match the received bits with their own
and select a common scheme.

<p>Following the principle that time is a public value,
a server responds to any client packet that matches
its cryptotype capabilities.
Thus, a server receiving
an unauthenticated packet will respond with an unauthenticated
packet, while the same server receiving a packet of a cryptotype
it supports will respond with packets of that cryptotype.
However, unconfigured broadcast or manycast client
associations or symmetric passive associations will not be
mobilized unless the server supports a cryptotype compatible
with the first packet received.
By default, unauthenticated associations will not be mobilized
unless overridden in a decidedly dangerous way.

<p>Some examples may help to reduce confusion.
Client Alice has no specific cryptotype selected.
Server Bob has both a symmetric key file and minimal Autokey files.
Alice's unauthenticated messages arrive at Bob, who replies with
unauthenticated messages.
Cathy has a copy of Bob's symmetric
key file and has selected key ID 4 in messages to Bob.
Bob verifies the message with his key ID 4.
If it's the
same key and the message is verified, Bob sends Cathy a reply
authenticated with that key.
If verification fails,
Bob sends Cathy a thing called a crypto-NAK, which tells her
something broke.
She can see the evidence using the
<code>ntpq(1ntpqmdoc)</code>
program.

<p>Denise has rolled her own host key and certificate.
She also uses one of the same identity schemes as Bob.
She sends the first Autokey message to Bob and they
both dance the protocol authentication and identity steps.
If all comes out okay, Denise and Bob continue as described above.

<p>It should be clear from the above that Bob can support
all the girls at the same time, as long as he has compatible
authentication and identity credentials.
Now, Bob can act just like the girls in his own choice of servers;
he can run multiple configured associations with multiple different
servers (or the same server, although that might not be useful).
But, wise security policy might preclude some cryptotype
combinations; for instance, running an identity scheme
with one server and no authentication with another might not be wise.

<h5 class="subsubsection">Key Management</h5>

<p>The cryptographic values used by the Autokey protocol are
incorporated as a set of files generated by the
<code>ntp-keygen(1ntpkeygenmdoc)</code>
utility program, including symmetric key, host key and
public certificate files, as well as sign key, identity parameters
and leapseconds files.
Alternatively, host and sign keys and
certificate files can be generated by the OpenSSL utilities
and certificates can be imported from public certificate
authorities.
Note that symmetric keys are necessary for the
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
utility programs.
The remaining files are necessary only for the
Autokey protocol.

<p>Certificates imported from OpenSSL or public certificate
authorities have certain limitations.
The certificate should be in ASN.1 syntax, X.509 Version 3
format and encoded in PEM, which is the same format
used by OpenSSL.
The overall length of the certificate encoded
in ASN.1 must not exceed 1024 bytes.
The subject distinguished
name field (CN) is the fully qualified name of the host
on which it is used; the remaining subject fields are ignored.
The certificate extension fields must not contain either
a subject key identifier or an issuer key identifier field;
however, an extended key usage field for a trusted host must
contain the value
<code>trustRoot</code>.
Other extension fields are ignored.

<h5 class="subsubsection">Authentication Commands</h5>

<dl>
<dt><code>autokey</code> <code>[</code><kbd>logsec</kbd><code>]</code><dd>Specifies the interval between regenerations of the session key
list used with the Autokey protocol.
Note that the size of the key
list for each association depends on this interval and the current
poll interval.
The default value is 12 (4096 s or about 1.1 hours).
For poll intervals above the specified interval, a session key list
with a single entry will be regenerated for every message
sent.
<br><dt><code>controlkey</code> <kbd>key</kbd><dd>Specifies the key identifier to use with the
<code>ntpq(1ntpqmdoc)</code>
utility, which uses the standard
protocol defined in RFC-1305.
The
<kbd>key</kbd>
argument is
the key identifier for a trusted key, where the value can be in the
range 1 to 65,534, inclusive.
<br><dt><code>crypto</code> <code>[cert </code><kbd>file</kbd><code>]</code> <code>[leap </code><kbd>file</kbd><code>]</code> <code>[randfile </code><kbd>file</kbd><code>]</code> <code>[host </code><kbd>file</kbd><code>]</code> <code>[sign </code><kbd>file</kbd><code>]</code> <code>[gq </code><kbd>file</kbd><code>]</code> <code>[gqpar </code><kbd>file</kbd><code>]</code> <code>[iffpar </code><kbd>file</kbd><code>]</code> <code>[mvpar </code><kbd>file</kbd><code>]</code> <code>[pw </code><kbd>password</kbd><code>]</code><dd>This command requires the OpenSSL library.
It activates public key
cryptography, selects the message digest and signature
encryption scheme and loads the required private and public
values described above.
If one or more files are left unspecified,
the default names are used as described above.
Unless the complete path and name of the file are specified, the
location of a file is relative to the keys directory specified
in the
<code>keysdir</code>
command or default
<span class="file">/usr/local/etc</span>.
Following are the subcommands:
<dl>
<dt><code>cert</code> <kbd>file</kbd><dd>Specifies the location of the required host public certificate file.
This overrides the link
<span class="file">ntpkey_cert_</span><kbd>hostname</kbd>
in the keys directory.
<br><dt><code>gqpar</code> <kbd>file</kbd><dd>Specifies the location of the optional GQ parameters file.
This overrides the link
<span class="file">ntpkey_gq_</span><kbd>hostname</kbd>
in the keys directory.
<br><dt><code>host</code> <kbd>file</kbd><dd>Specifies the location of the required host key file.
This overrides the link
<span class="file">ntpkey_key_</span><kbd>hostname</kbd>
in the keys directory.
<br><dt><code>iffpar</code> <kbd>file</kbd><dd>Specifies the location of the optional IFF parameters file.
This overrides the link
<span class="file">ntpkey_iff_</span><kbd>hostname</kbd>
in the keys directory.
<br><dt><code>leap</code> <kbd>file</kbd><dd>Specifies the location of the optional leapsecond file.
This overrides the link
<span class="file">ntpkey_leap</span>
in the keys directory.
<br><dt><code>mvpar</code> <kbd>file</kbd><dd>Specifies the location of the optional MV parameters file.
This overrides the link
<span class="file">ntpkey_mv_</span><kbd>hostname</kbd>
in the keys directory.
<br><dt><code>pw</code> <kbd>password</kbd><dd>Specifies the password to decrypt files containing private keys and
identity parameters.
This is required only if these files have been
encrypted.
<br><dt><code>randfile</code> <kbd>file</kbd><dd>Specifies the location of the random seed file used by the OpenSSL
library.
The defaults are described in the main text above.
<br><dt><code>sign</code> <kbd>file</kbd><dd>Specifies the location of the optional sign key file.
This overrides the link
<span class="file">ntpkey_sign_</span><kbd>hostname</kbd>
in the keys directory.
If this file is
not found, the host key is also the sign key.
</dl>
<br><dt><code>keys</code> <kbd>keyfile</kbd><dd>Specifies the complete path and location of the MD5 key file
containing the keys and key identifiers used by
<code>ntpd(1ntpdmdoc)</code>,
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
when operating with symmetric key cryptography.
This is the same operation as the
<code>-k</code>
command line option.
<br><dt><code>keysdir</code> <kbd>path</kbd><dd>This command specifies the default directory path for
cryptographic keys, parameters and certificates.
The default is
<span class="file">/usr/local/etc/</span>.
<br><dt><code>requestkey</code> <kbd>key</kbd><dd>Specifies the key identifier to use with the
<code>ntpdc(1ntpdcmdoc)</code>
utility program, which uses a
proprietary protocol specific to this implementation of
<code>ntpd(1ntpdmdoc)</code>.
The
<kbd>key</kbd>
argument is a key identifier
for the trusted key, where the value can be in the range 1 to
65,534, inclusive.
<br><dt><code>revoke</code> <kbd>logsec</kbd><dd>Specifies the interval between re-randomization of certain
cryptographic values used by the Autokey scheme, as a power of 2 in
seconds.
These values need to be updated frequently in order to
deflect brute-force attacks on the algorithms of the scheme;
however, updating some values is a relatively expensive operation.
The default interval is 16 (65,536 s or about 18 hours).
For poll
intervals above the specified interval, the values will be updated
for every message sent.
<br><dt><code>trustedkey</code> <kbd>key</kbd> <kbd>...</kbd><dd>Specifies the key identifiers which are trusted for the
purposes of authenticating peers with symmetric key cryptography,
as well as keys used by the
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
programs.
The authentication procedures require that both the local
and remote servers share the same key and key identifier for this
purpose, although different keys can be used with different
servers.
The
<kbd>key</kbd>
arguments are 32-bit unsigned
integers with values from 1 to 65,534.
</dl>

<h5 class="subsubsection">Error Codes</h5>

<p>The following error codes are reported via the NTP control
and monitoring protocol trap mechanism.
<dl>
<dt>101<dd>(bad field format or length)
The packet has invalid version, length or format.
<br><dt>102<dd>(bad timestamp)
The packet timestamp is the same or older than the most recent received.
This could be due to a replay or a server clock time step.
<br><dt>103<dd>(bad filestamp)
The packet filestamp is the same or older than the most recent received.
This could be due to a replay or a key file generation error.
<br><dt>104<dd>(bad or missing public key)
The public key is missing, has incorrect format or is an unsupported type.
<br><dt>105<dd>(unsupported digest type)
The server requires an unsupported digest/signature scheme.
<br><dt>106<dd>(mismatched digest types)
Not used.
<br><dt>107<dd>(bad signature length)
The signature length does not match the current public key.
<br><dt>108<dd>(signature not verified)
The message fails the signature check.
It could be bogus or signed by a
different private key.
<br><dt>109<dd>(certificate not verified)
The certificate is invalid or signed with the wrong key.
<br><dt>110<dd>(certificate not verified)
The certificate is not yet valid or has expired or the signature could not
be verified.
<br><dt>111<dd>(bad or missing cookie)
The cookie is missing, corrupted or bogus.
<br><dt>112<dd>(bad or missing leapseconds table)
The leapseconds table is missing, corrupted or bogus.
<br><dt>113<dd>(bad or missing certificate)
The certificate is missing, corrupted or bogus.
<br><dt>114<dd>(bad or missing identity)
The identity key is missing, corrupt or bogus.
</dl>
<div class="node">
<p><hr>
<a name="Monitoring-Support"></a>
<br>
</div>

<h4 class="subsection">Monitoring Support</h4>

<p><code>ntpd(1ntpdmdoc)</code>
includes a comprehensive monitoring facility suitable
for continuous, long term recording of server and client
timekeeping performance.
See the
<code>statistics</code>
command below
for a listing and example of each type of statistics currently
supported.
Statistic files are managed using file generation sets
and scripts in the
<span class="file">./scripts</span>
directory of this distribution.
Using
these facilities and
<span class="sc">unix</span>
<code>cron(8)</code>
jobs, the data can be
automatically summarized and archived for retrospective analysis.

<h5 class="subsubsection">Monitoring Commands</h5>

<dl>
<dt><code>statistics</code> <kbd>name</kbd> <kbd>...</kbd><dd>Enables writing of statistics records.
Currently, eight kinds of
<kbd>name</kbd>
statistics are supported.
<dl>
<dt><code>clockstats</code><dd>Enables recording of clock driver statistics information.
Each update
received from a clock driver appends a line of the following form to
the file generation set named
<code>clockstats</code>:
<pre class="verbatim">
49213 525.624 127.127.4.1 93 226 00:08:29.606 D
</pre>

<p>The first two fields show the date (Modified Julian Day) and time
(seconds and fraction past UTC midnight).
The next field shows the
clock address in dotted-quad notation.
The final field shows the last
timecode received from the clock in decoded ASCII format, where
meaningful.
In some clock drivers a good deal of additional information
can be gathered and displayed as well.
See information specific to each
clock for further details.
<br><dt><code>cryptostats</code><dd>This option requires the OpenSSL cryptographic software library.
It
enables recording of cryptographic public key protocol information.
Each message received by the protocol module appends a line of the
following form to the file generation set named
<code>cryptostats</code>:
<pre class="verbatim">
49213 525.624 127.127.4.1 message
</pre>

<p>The first two fields show the date (Modified Julian Day) and time
(seconds and fraction past UTC midnight).
The next field shows the peer
address in dotted-quad notation. The final message field includes the
message type and certain ancillary information.
See the
<a href="#Authentication-Options">Authentication Options</a>
section for further information.
<br><dt><code>loopstats</code><dd>Enables recording of loop filter statistics information.
Each
update of the local clock outputs a line of the following form to
the file generation set named
<code>loopstats</code>:
<pre class="verbatim">
50935 75440.031 0.000006019 13.778190 0.000351733 0.0133806
</pre>

<p>The first two fields show the date (Modified Julian Day) and
time (seconds and fraction past UTC midnight).
The next five fields
show time offset (seconds), frequency offset (parts per million -
PPM), RMS jitter (seconds), Allan deviation (PPM) and clock
discipline time constant.
<br><dt><code>peerstats</code><dd>Enables recording of peer statistics information.
This includes
statistics records of all peers of an NTP server and of special
signals, where present and configured.
Each valid update appends a
line of the following form to the current element of a file
generation set named
<code>peerstats</code>:
<pre class="verbatim">
48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674
</pre>

<p>The first two fields show the date (Modified Julian Day) and
time (seconds and fraction past UTC midnight).
The next two fields
show the peer address in dotted-quad notation and status,
respectively.
The status field is encoded in hex in the format
described in Appendix A of the NTP specification RFC 1305.
The final four fields show the offset,
delay, dispersion and RMS jitter, all in seconds.
<br><dt><code>rawstats</code><dd>Enables recording of raw-timestamp statistics information.
This
includes statistics records of all peers of an NTP server and of
special signals, where present and configured.
Each NTP message
received from a peer or clock driver appends a line of the
following form to the file generation set named
<code>rawstats</code>:
<pre class="verbatim">
50928 2132.543 128.4.1.1 128.4.1.20 3102453281.584327000 3102453281.586228000 3102453332.540806000 3102453332.541458000
</pre>

<p>The first two fields show the date (Modified Julian Day) and
time (seconds and fraction past UTC midnight).
The next two fields
show the remote peer or clock address followed by the local address
in dotted-quad notation.
The final four fields show the originate,
receive, transmit and final NTP timestamps in order.
The timestamp
values are as received and before processing by the various data
smoothing and mitigation algorithms.
<br><dt><code>sysstats</code><dd>Enables recording of ntpd statistics counters on a periodic basis.
Each
hour a line of the following form is appended to the file generation
set named
<code>sysstats</code>:
<pre class="verbatim">
50928 2132.543 36000 81965 0 9546 56 71793 512 540 10 147
</pre>

<p>The first two fields show the date (Modified Julian Day) and time
(seconds and fraction past UTC midnight).
The remaining ten fields show
the statistics counter values accumulated since the last generated
line.
<dl>
<dt>Time since restart <code>36000</code><dd>Time in hours since the system was last rebooted.
<br><dt>Packets received <code>81965</code><dd>Total number of packets received.
<br><dt>Packets processed <code>0</code><dd>Number of packets received in response to previous packets sent.
<br><dt>Current version <code>9546</code><dd>Number of packets matching the current NTP version.
<br><dt>Previous version <code>56</code><dd>Number of packets matching the previous NTP version.
<br><dt>Bad version <code>71793</code><dd>Number of packets matching neither NTP version.
<br><dt>Access denied <code>512</code><dd>Number of packets denied access for any reason.
<br><dt>Bad length or format <code>540</code><dd>Number of packets with invalid length, format or port number.
<br><dt>Bad authentication <code>10</code><dd>Number of packets not verified as authentic.
<br><dt>Rate exceeded <code>147</code><dd>Number of packets discarded due to rate limitation.
</dl>
<br><dt><code>statsdir</code> <kbd>directory_path</kbd><dd>Indicates the full path of a directory where statistics files
should be created (see below).
This keyword allows
the (otherwise constant)
<code>filegen</code>
filename prefix to be modified for file generation sets, which
is useful for handling statistics logs.
<br><dt><code>filegen</code> <kbd>name</kbd> <code>[file </code><kbd>filename</kbd><code>]</code> <code>[type </code><kbd>typename</kbd><code>]</code> <code>[link | nolink]</code> <code>[enable | disable]</code><dd>Configures setting of generation file set name.
Generation
file sets provide a means for handling files that are
continuously growing during the lifetime of a server.
Server statistics are a typical example of such files.
Generation file sets provide access to a set of files used
to store the actual data.
At any time at most one element
of the set is being written to.
The type given specifies
when and how data will be directed to a new element of the set.
This way, information stored in elements of a file set
that are currently unused is available for administrative
operations without the risk of disturbing the operation of ntpd.
(Most important: they can be removed to free space for new data
produced.)

<p>Note that this command can be sent from the
<code>ntpdc(1ntpdcmdoc)</code>
program running at a remote location.
<dl>
<dt><code>name</code><dd>This is the type of the statistics records, as shown in the
<code>statistics</code>
command.
<br><dt><code>file</code> <kbd>filename</kbd><dd>This is the file name for the statistics records.
Filenames of set
members are built from three concatenated elements
<code>prefix</code>,
<code>filename</code>
and
<code>suffix</code>:
<dl>
<dt><code>prefix</code><dd>This is a constant filename path.
It is not subject to
modifications via the
<kbd>filegen</kbd>
option.
It is defined by the
server, usually specified as a compile-time constant.
It may,
however, be configurable for individual file generation sets
via other commands.
For example, the prefix used with
<kbd>loopstats</kbd>
and
<kbd>peerstats</kbd>
generation can be configured using the
<kbd>statsdir</kbd>
option explained above.
<br><dt><code>filename</code><dd>This string is directly concatenated to the prefix mentioned
above (no intervening
/).
This can be modified using
the file argument to the
<kbd>filegen</kbd>
statement.
No
<span class="file">..</span>
elements are
allowed in this component to prevent filenames referring to
parts outside the filesystem hierarchy denoted by
<kbd>prefix</kbd>.
<br><dt><code>suffix</code><dd>This part reflects individual elements of a file set.
It is
generated according to the type of a file set.
</dl>
<br><dt><code>type</code> <kbd>typename</kbd><dd>A file generation set is characterized by its type.
The following
types are supported:
<dl>
<dt><code>none</code><dd>The file set is actually a single plain file.
<br><dt><code>pid</code><dd>One element of the file set is used per incarnation of an ntpd
server.
This type does not perform any changes to file set
members during runtime; however, it provides an easy way of
separating files belonging to different
<code>ntpd(1ntpdmdoc)</code>
server incarnations.
The set member filename is built by appending a
.
to the concatenated
<kbd>prefix</kbd>
and
<kbd>filename</kbd>
strings, and
appending the decimal representation of the process ID of the
<code>ntpd(1ntpdmdoc)</code>
server process.
<br><dt><code>day</code><dd>One file generation set element is created per day.
A day is
defined as the period between 00:00 and 24:00 UTC.
The file set
member suffix consists of a
.
and a day specification in
the form
<code>YYYYMMdd</code>.
<code>YYYY</code>
is a 4-digit year number (e.g., 1992).
<code>MM</code>
is a two digit month number.
<code>dd</code>
is a two digit day number.
Thus, all information written on 10 December 1992 would end up
in a file named
<kbd>prefix</kbd>
<kbd>filename</kbd>.19921210.
<br><dt><code>week</code><dd>Any file set member contains data related to a certain week of
a year.
The term week is defined by computing day-of-year
modulo 7.
Elements of such a file generation set are
distinguished by appending the following suffix to the file set
filename base: A dot, a 4-digit year number, the letter
<code>W</code>,
and a 2-digit week number.
For example, information from January
10th, 1992 would end up in a file with suffix
<code>.1992W1</code>.
<br><dt><code>month</code><dd>One generation file set element is generated per month.
The
file name suffix consists of a dot, a 4-digit year number, and
a 2-digit month.
<br><dt><code>year</code><dd>One generation file element is generated per year.
The filename
suffix consists of a dot and a 4 digit year number.
<br><dt><code>age</code><dd>This type of file generation set changes to a new element of
the file set every 24 hours of server operation.
The filename
suffix consists of a dot, the letter
<code>a</code>,
and an 8-digit number.
This number is taken to be the number of seconds the server has been
running at the start of the corresponding 24-hour period.
Information is only written to a file generation by specifying
<code>enable</code>;
output is prevented by specifying
<code>disable</code>.
</dl>
<br><dt><code>link</code> | <code>nolink</code><dd>It is convenient to be able to access the current element of a file
generation set by a fixed name.
This feature is enabled by
specifying
<code>link</code>
and disabled using
<code>nolink</code>.
If link is specified, a
hard link from the current file set element to a file without
suffix is created.
When there is already a file with this name and
the number of links of this file is one, it is renamed by appending a
dot, the letter
<code>C</code>,
and the pid of the ntpd server process.
When the
number of links is greater than one, the file is unlinked.
This
allows the current file to be accessed by a constant name.
<br><dt><code>enable</code> <code>|</code> <code>disable</code><dd>Enables or disables the recording function.
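<p>The following is an added example, not part of the NTP distribution: it parses <code>sysstats</code> records in the field order listed above, converts the Modified Julian Day timestamp, names the <code>day</code> generation-set element a record belongs to, and flags hours in which a rejection counter is an unusual share of received traffic. The statistics directory <code>/var/log/ntpstats/</code>, the 1% threshold, the field names and the second sample line are assumptions made for the example.</p>

```python
"""Parse ntpd sysstats records and flag hours with unusual rejection rates."""
from datetime import datetime, timedelta, timezone

MJD_EPOCH = datetime(1858, 11, 17, tzinfo=timezone.utc)  # Modified Julian Day 0

# Names chosen here for the ten counters, in the order the manual lists them.
SYSSTATS_FIELDS = (
    "time_since_restart", "packets_received", "packets_processed",
    "current_version", "previous_version", "bad_version",
    "access_denied", "bad_length_or_format", "bad_authentication",
    "rate_exceeded",
)
# Counters that record rejected packets; these are the ones worth alerting on.
REJECTION_COUNTERS = SYSSTATS_FIELDS[5:]


def mjd_to_utc(mjd, seconds):
    """Convert the first two fields of any statistics record to a UTC datetime."""
    return MJD_EPOCH + timedelta(days=int(mjd), seconds=float(seconds))


def parse_sysstats(line):
    """Return (timestamp, counters) for one sysstats line; raise on bad input."""
    fields = line.split()
    if len(fields) != 2 + len(SYSSTATS_FIELDS):
        raise ValueError("expected 12 fields, got %d: %r" % (len(fields), line))
    when = mjd_to_utc(fields[0], fields[1])
    counters = dict(zip(SYSSTATS_FIELDS, (int(f) for f in fields[2:])))
    return when, counters


def day_element(prefix, filename, when):
    """Name of the `day` generation-set element holding records for `when`.

    prefix and filename are concatenated directly (no '/' is inserted) and
    '..' elements are refused in filename, as the filegen description states.
    """
    if ".." in filename.split("/"):
        raise ValueError("'..' elements are not allowed in filename")
    return "%s%s.%s" % (prefix, filename, when.strftime("%Y%m%d"))


def rejection_alerts(counters, max_share=0.01):
    """Return {counter: share} for rejection counters above max_share.

    max_share is an assumed threshold; tune it against a site baseline.
    """
    received = counters["packets_received"]
    if received == 0:
        return {}
    shares = {name: counters[name] / received for name in REJECTION_COUNTERS}
    return {name: share for name, share in shares.items() if share > max_share}


# First line is the sample record from the manual; the second is constructed.
SAMPLE = """\
50928 2132.543 36000 81965 0 9546 56 71793 512 540 10 147
50928 5732.543 36001 4000 3100 3900 20 5 12 3 640 15
"""


def scan(text, prefix="/var/log/ntpstats/", filename="sysstats"):
    """Yield (file element, timestamp, alerts) for each record with alerts."""
    for line in text.splitlines():
        if not line.strip():
            continue
        when, counters = parse_sysstats(line)
        alerts = rejection_alerts(counters)
        if alerts:
            yield day_element(prefix, filename, when), when, alerts


if __name__ == "__main__":
    for element, when, alerts in scan(SAMPLE):
        print(element, when.isoformat(), sorted(alerts))
```

<p>A sustained rise in the bad-authentication or rate-exceeded share is the signal to correlate with <code>cryptostats</code> and the restriction list for the same hour.</p>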
</dl>
</dl>
</dl>
<div class="node">
<p><hr>
<a name="Access-Control-Support"></a>
<br>
</div>

<h4 class="subsection">Access Control Support</h4>

<p>The
<code>ntpd(1ntpdmdoc)</code>
daemon implements a general purpose address/mask based restriction
list.
The list contains address/match entries sorted first
by increasing address values and then by increasing mask values.
A match occurs when the bitwise AND of the mask and the packet
source address is equal to the bitwise AND of the mask and
address in the list.
The list is searched in order with the
last match found defining the restriction flags associated
with the entry.
Additional information and examples can be found in the
"Notes on Configuring NTP and Setting up a NTP Subnet"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).

<p>The restriction facility was implemented in conformance
with the access policies for the original NSFnet backbone
time servers.
Later the facility was expanded to deflect
cryptographic and clogging attacks.
While this facility may
be useful for keeping unwanted or broken or malicious clients
from congesting innocent servers, it should not be considered
an alternative to the NTP authentication facilities.
Source address based restrictions are easily circumvented
by a determined cracker.

<p>Clients can be denied service because they are explicitly
included in the restrict list created by the restrict command
or implicitly as the result of cryptographic or rate limit
violations.
Cryptographic violations include certificate
or identity verification failure; rate limit violations generally
result from defective NTP implementations that send packets
at abusive rates.
Some violations cause denied service
only for the offending packet, others cause denied service
for a timed period and others cause denied service for
an indefinite period.
When a client or network is denied access
for an indefinite period, the only way at present to remove
the restrictions is by restarting the server.

<h5 class="subsubsection">The Kiss-of-Death Packet</h5>

<p>Ordinarily, packets denied service are simply dropped with no
further action except incrementing statistics counters.
Sometimes a
more proactive response is needed, such as a server message that
explicitly requests the client to stop sending and leave a message
for the system operator.
A special packet format has been created
for this purpose called the "kiss-of-death" (KoD) packet.
KoD packets have the leap bits set unsynchronized and stratum set
to zero and the reference identifier field set to a four-byte
ASCII code.
If the
<code>noserve</code>
or
<code>notrust</code>
flag of the matching restrict list entry is set,
the code is "DENY"; if the
<code>limited</code>
flag is set and the rate limit
is exceeded, the code is "RATE".
Finally, if a cryptographic violation occurs, the code is "CRYP".

<p>A client receiving a KoD performs a set of sanity checks to
minimize security exposure, then updates the stratum and
reference identifier peer variables, sets the access
denied (TEST4) bit in the peer flash variable and sends
a message to the log.
As long as the TEST4 bit is set,
the client will send no further packets to the server.
The only way at present to recover from this condition is
to restart the protocol at both the client and server.
This
happens automatically at the client when the association times out.
It will happen at the server only if the server operator cooperates.

<h5 class="subsubsection">Access Control Commands</h5>

<dl>
<dt><code>discard</code> <code>[average </code><kbd>avg</kbd><code>]</code> <code>[minimum </code><kbd>min</kbd><code>]</code> <code>[monitor </code><kbd>prob</kbd><code>]</code><dd>Set the parameters of the
<code>limited</code>
facility which protects the server from
client abuse.
The
<code>average</code>
subcommand specifies the minimum average packet
spacing, while the
<code>minimum</code>
subcommand specifies the minimum packet spacing.
Packets that violate these minima are discarded
and a kiss-o'-death packet returned if enabled.
The default
minimum average and minimum are 5 and 2, respectively.
The monitor subcommand specifies the probability of discard
for packets that overflow the rate-control window.
<br><dt><code>restrict</code> <code>address</code> <code>[mask </code><kbd>mask</kbd><code>]</code> <code>[</code><kbd>flag</kbd> <kbd>...</kbd><code>]</code><dd>The
<kbd>address</kbd>
argument expressed in
dotted-quad form is the address of a host or network.
Alternatively, the
<kbd>address</kbd>
argument can be a valid host DNS name.
The
<kbd>mask</kbd>
argument expressed in dotted-quad form defaults to
<code>255.255.255.255</code>,
meaning that the
<kbd>address</kbd>
is treated as the address of an individual host.
A default entry (address
<code>0.0.0.0</code>,
mask
<code>0.0.0.0</code>)
is always included and is always the first entry in the list.
Note that the text string
<code>default</code>,
with no mask option, may
be used to indicate the default entry.
In the current implementation,
<code>flag</code>
always
restricts access, i.e., an entry with no flags indicates that free
access to the server is to be given.
The flags are not orthogonal,
in that more restrictive flags will often make less restrictive
ones redundant.
The flags can generally be classed into two
categories, those which restrict time service and those which
restrict informational queries and attempts to do run-time
reconfiguration of the server.
One or more of the following flags
may be specified:
<dl>
<dt><code>ignore</code><dd>Deny packets of all kinds, including
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
queries.
<br><dt><code>kod</code><dd>If this flag is set when an access violation occurs, a kiss-o'-death
(KoD) packet is sent.
KoD packets are rate limited to no more than one
per second.
If another KoD packet occurs within one second after the
last one, the packet is dropped.
<br><dt><code>limited</code><dd>Deny service if the packet spacing violates the lower limits specified
in the discard command.
A history of clients is kept using the
monitoring capability of
<code>ntpd(1ntpdmdoc)</code>.
Thus, monitoring is always active as
long as there is a restriction entry with the
<code>limited</code>
flag.
<br><dt><code>lowpriotrap</code><dd>Declare traps set by matching hosts to be low priority.
The
number of traps a server can maintain is limited (the current limit
is 3).
Traps are usually assigned on a first come, first served
basis, with later trap requestors being denied service.
This flag
modifies the assignment algorithm by allowing low priority traps to
be overridden by later requests for normal priority traps.
<br><dt><code>nomodify</code><dd>Deny
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
queries which attempt to modify the state of the
server (i.e., run time reconfiguration).
Queries which return
information are permitted.
<br><dt><code>noquery</code><dd>Deny
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
queries.
Time service is not affected.
<br><dt><code>nopeer</code><dd>Deny packets which would result in mobilizing a new association.
This
includes broadcast and symmetric active packets when a configured
association does not exist.
It also includes
<code>pool</code>
associations, so if you want to use servers from a
<code>pool</code>
directive and also want to use
<code>nopeer</code>
by default, you'll want a
<code>restrict source ...</code>
line as well that does
<em>not</em>
include the
<code>nopeer</code>
directive.
<br><dt><code>noserve</code><dd>Deny all packets except
<code>ntpq(1ntpqmdoc)</code>
and
<code>ntpdc(1ntpdcmdoc)</code>
queries.
<br><dt><code>notrap</code><dd>Decline to provide mode 6 control message trap service to matching
hosts.
The trap service is a subsystem of the ntpdq control message
protocol which is intended for use by remote event logging programs.
<br><dt><code>notrust</code><dd>Deny service unless the packet is cryptographically authenticated.
<br><dt><code>ntpport</code><dd>This is actually a match algorithm modifier, rather than a
restriction flag.
Its presence causes the restriction entry to be
matched only if the source port in the packet is the standard NTP
UDP port (123).
Both
<code>ntpport</code>
and
<code>non-ntpport</code>
may be specified.
The
<code>ntpport</code>
is considered more specific and is sorted later in the list.
<br><dt><code>version</code><dd>Deny packets that do not match the current NTP version.
</dl>

<p>Default restriction list entries with the flags ignore, interface,
ntpport, for each of the local host's interface addresses are
inserted into the table at startup to prevent the server
from attempting to synchronize to its own time.
A default entry is also always present; if it is
otherwise unconfigured, no flags are associated
with the default entry (i.e., everything besides your own
NTP server is unrestricted).
</dl>
<div class="node">
<p><hr>
<a name="Automatic-NTP-Configuration-Options"></a>
<br>
</div>

<h4 class="subsection">Automatic NTP Configuration Options</h4>

<h5 class="subsubsection">Manycasting</h5>

<p>Manycasting is an automatic discovery and configuration paradigm
new to NTPv4.
It is intended as a means for a multicast client
to troll the nearby network neighborhood to find cooperating
manycast servers, validate them using cryptographic means
and evaluate their time values with respect to other servers
that might be lurking in the vicinity.
The intended result is that each manycast client mobilizes
client associations with some number of the "best"
of the nearby manycast servers, yet automatically reconfigures
to sustain this number of servers should one or another fail.

<p>Note that the manycasting paradigm does not coincide
with the anycast paradigm described in RFC-1546,
which is designed to find a single server from a clique
of servers providing the same service.
The manycast paradigm is designed to find a plurality
of redundant servers satisfying defined optimality criteria.

<p>Manycasting can be used with either symmetric key
or public key cryptography.
The public key infrastructure (PKI)
offers the best protection against compromised keys
and is generally considered stronger, at least with relatively
large key sizes.
It is implemented using the Autokey protocol and
the OpenSSL cryptographic library available from
<code>http://www.openssl.org/</code>.
The library can be used with other NTPv4 modes
as well and is highly recommended, especially for broadcast modes.

<p>A persistent manycast client association is configured
using the manycastclient command, which is similar to the
server command but with a multicast (IPv4 class
<code>D</code>
or IPv6 prefix
<code>FF</code>)
group address.
The IANA has designated IPv4 address 224.1.1.1
and IPv6 address FF05::101 (site local) for NTP.
When more servers are needed, the manycast client broadcasts manycast
client messages to this address at the minimum feasible rate
and minimum feasible time-to-live (TTL) hops, depending
on how many servers have already been found.
There can be as many manycast client associations
as different group addresses, each one serving as a template
for a future ephemeral unicast client/server association.

<p>Manycast servers configured with the
<code>manycastserver</code>
command listen on the specified group address for manycast
client messages.
Note the distinction between manycast client,
which actively broadcasts messages, and manycast server,
which passively responds to them.
If a manycast server is
in scope of the current TTL and is itself synchronized
to a valid source and operating at a stratum level equal
to or lower than the manycast client, it replies to the
manycast client message with an ordinary unicast server message.

<p>The manycast client receiving this message mobilizes
an ephemeral client/server association according to the
matching manycast client template, but only if cryptographically
authenticated and the server stratum is less than or equal
to the client stratum.
Authentication is explicitly required
and either symmetric key or public key (Autokey) can be used.
Then, the client polls the server at its unicast address
in burst mode in order to reliably set the host clock
and validate the source.
This normally results
in a volley of eight client/server exchanges at 2-s intervals
during which both the synchronization and cryptographic
protocols run concurrently.
Following the volley,
the client runs the NTP intersection and clustering
algorithms, which act to discard all but the "best"
associations according to stratum and synchronization
distance.
The surviving associations then continue
in ordinary client/server mode.

<p>The manycast client polling strategy is designed to reduce
as much as possible the volume of manycast client messages
and the effects of implosion due to near-simultaneous
arrival of manycast server messages.
The strategy is determined by the
<code>manycastclient</code>,
<code>tos</code>
and
<code>ttl</code>
configuration commands.
The manycast poll interval is
normally eight times the system poll interval,
which starts out at the
<code>minpoll</code>
value specified in the
<code>manycastclient</code>
command and, under normal circumstances, increments to the
<code>maxpoll</code>
value specified in this command.
Initially, the TTL is
set at the minimum hops specified by the ttl command.
At each retransmission the TTL is increased until reaching
the maximum hops specified by this command or a sufficient
number of client associations have been found.
Further retransmissions use the same TTL.
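
<p>The following check is an added example, not part of the NTP distribution: it audits the manycast lines of an <code>ntp.conf</code> for the rules this manual states (a multicast group address, an authenticated <code>manycastclient</code>, and a <code>ttl</code> list of at most 8 increasing values). The sample configurations and finding codes are constructed for the example; <code>key</code> and <code>autokey</code> are the association options the manual uses for symmetric key and Autokey authentication.</p>

```python
import ipaddress

# Constructed sample configurations for this example (not from the manual).
WEAK_CONF = """\
manycastclient 192.0.2.10
manycastserver 239.1.1.1
ttl 31 95 63
"""

HARDENED_CONF = """\
manycastclient 239.1.1.1 key 10 minpoll 6 maxpoll 12
manycastserver 239.1.1.1
ttl 31 63 95
"""

MAX_TTL_VALUES = 8  # the ttl command accepts up to 8 values


def directives(conf):
    """Yield (line_number, tokens) for each non-empty, non-comment line."""
    for number, raw in enumerate(conf.splitlines(), start=1):
        tokens = raw.split("#", 1)[0].split()
        if tokens:
            yield number, tokens


def is_multicast_group(address):
    """True for an IPv4 class D or IPv6 FF-prefixed literal, else False."""
    try:
        return ipaddress.ip_address(address).is_multicast
    except ValueError:
        # Host names cannot be classified without a DNS lookup.
        return False


def has_authentication(options):
    """True if the options carry 'autokey' or 'key <numeric id>'."""
    if "autokey" in options:
        return True
    if "key" in options:
        index = options.index("key")
        return index + 1 < len(options) and options[index + 1].isdigit()
    return False


def check_ttl(values):
    """Return finding codes for the arguments of a ttl directive."""
    try:
        hops = [int(value) for value in values]
    except ValueError:
        return ["TTL_NOT_NUMERIC"]
    codes = []
    if len(hops) > MAX_TTL_VALUES:
        codes.append("TTL_COUNT")
    if any(later <= earlier for earlier, later in zip(hops, hops[1:])):
        codes.append("TTL_ORDER")
    return codes


def audit_manycast(conf):
    """Return a list of (line_number, code) findings for manycast lines."""
    findings = []
    for number, tokens in directives(conf):
        command, args = tokens[0].lower(), tokens[1:]
        if command in ("manycastclient", "manycastserver"):
            # Only the first address argument is checked in this example.
            if not args or not is_multicast_group(args[0]):
                findings.append((number, "NOT_MULTICAST"))
        if command == "manycastclient":
            # Without a key the client cannot authenticate server replies,
            # and the manual states authentication is explicitly required.
            if not has_authentication([arg.lower() for arg in args[1:]]):
                findings.append((number, "NO_AUTH"))
        elif command == "ttl":
            findings.extend((number, code) for code in check_ttl(args))
    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_manycast(conf))
```
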

<p>The quality and reliability of the suite of associations
discovered by the manycast client is determined by the NTP
mitigation algorithms and the
<code>minclock</code>
and
<code>minsane</code>
values specified in the
<code>tos</code>
configuration command.
At least
<code>minsane</code>
candidate servers must be available and the mitigation
algorithms must produce at least
<code>minclock</code>
survivors in order to synchronize the clock.
Byzantine agreement principles require at least four
candidates in order to correctly discard a single falseticker.
For legacy purposes,
<code>minsane</code>
defaults to 1 and
<code>minclock</code>
defaults to 3.
For manycast service
<code>minsane</code>
should be explicitly set to 4, assuming at least that
number of servers are available.

<p>If at least
<code>minclock</code>
servers are found, the manycast poll interval is immediately
set to eight times
<code>maxpoll</code>.
If fewer than
<code>minclock</code>
servers are found when the TTL has reached the maximum hops,
the manycast poll interval is doubled.
For each transmission
after that, the poll interval is doubled again until
reaching the maximum of eight times
<code>maxpoll</code>.
Further transmissions use the same poll interval and
TTL values.
Note that while all this is going on,
each client/server association found is operating normally
at the system poll interval.

<p>Administratively scoped multicast boundaries are normally
specified by the network router configuration and,
in the case of IPv6, the link/site scope prefix.
By default, the increment for TTL hops is 32 starting
from 31; however, the
<code>ttl</code>
configuration command can be
used to modify the values to match the scope rules.

<p>It is often useful to narrow the range of acceptable
servers which can be found by manycast client associations.
Because manycast servers respond only when the client
stratum is equal to or greater than the server stratum,
primary (stratum 1) servers will find only primary servers
in TTL range, which is probably the most common objective.
However, unless configured otherwise, all manycast clients
in TTL range will eventually find all primary servers
in TTL range, which is probably not the most common
objective in large networks.
The
<code>tos</code>
command can be used to modify this behavior.
Servers with stratum below
<code>floor</code>
or above
<code>ceiling</code>
specified in the
<code>tos</code>
command are strongly discouraged during the selection
process; however, these servers may be temporarily
accepted if the number of servers within TTL range is
less than
<code>minclock</code>.

<p>The above actions occur for each manycast client message,
which repeats at the designated poll interval.
However, once the ephemeral client association is mobilized,
subsequent manycast server replies are discarded,
since that would result in a duplicate association.
If during a poll interval the number of client associations
falls below
<code>minclock</code>,
all manycast client prototype associations are reset
to the initial poll interval and TTL hops and operation
resumes from the beginning.
It is important to avoid
frequent manycast client messages, since each one requires
all manycast servers in TTL range to respond.
The result could well be an implosion, either minor or major,
depending on the number of servers in range.
The recommended value for
<code>maxpoll</code>
is 12 (4,096 s).

<p>It is possible and frequently useful to configure a host
as both manycast client and manycast server.
A number of hosts configured this way and sharing a common
group address will automatically organize themselves
in an optimum configuration based on stratum and
synchronization distance.
For example, consider an NTP
subnet of two primary servers and a hundred or more
dependent clients.
With two exceptions, all servers
and clients have identical configuration files including both
<code>manycastclient</code>
and
<code>manycastserver</code>
commands using, for instance, multicast group address
239.1.1.1.
The only exception is that each primary server
configuration file must include commands for the primary
reference source such as a GPS receiver.

<p>The remaining configuration files for all secondary
servers and clients have the same contents, except for the
<code>tos</code>
command, which is specific for each stratum level.
For stratum 1 and stratum 2 servers, that command is
not necessary.
For stratum 3 and above servers the
<code>floor</code>
value is set to the intended stratum number.
Thus, all stratum 3 configuration files are identical,
all stratum 4 files are identical and so forth.

<p>Once operations have stabilized in this scenario,
the primary servers will find the primary reference source
and each other, since they both operate at the same
stratum (1), but not with any secondary server or client,
since these operate at a higher stratum.
The secondary
servers will find the servers at the same stratum level.
If one of the primary servers loses its GPS receiver,
it will continue to operate as a client and other clients
will time out the corresponding association and
re-associate accordingly.

<p>Some administrators prefer to avoid running
<code>ntpd(1ntpdmdoc)</code>
continuously and run either
<code>ntpdate(8)</code>
or
<code>ntpd(1ntpdmdoc)</code>
<code>-q</code>
as a cron job.
In either case the servers must be
configured in advance and the program fails if none are
available when the cron job runs.
A really slick
application of manycast is with
<code>ntpd(1ntpdmdoc)</code>
<code>-q</code>.
The program wakes up, scans the local landscape looking
for the usual suspects, selects the best from among
the rascals, sets the clock and then departs.
Servers do not have to be configured in advance and
all clients throughout the network can have the same
configuration file.

<h5 class="subsubsection">Manycast Interactions with Autokey</h5>

<p>Each time a manycast client sends a client mode packet
to a multicast group address, all manycast servers
in scope generate a reply including the host name
and status word.
The manycast clients then run
the Autokey protocol, which collects and verifies
all certificates involved.
Following the burst interval
all but three survivors are cast off,
but the certificates remain in the local cache.
It often happens that several complete signing trails
from the client to the primary servers are collected in this way.

<p>About once an hour, or less often if the poll interval
exceeds this, the client regenerates the Autokey key list.
This is in general transparent in client/server mode.
However, about once per day the server private value
used to generate cookies is refreshed along with all
manycast client associations.
In this case all
cryptographic values including certificates are refreshed.
If a new certificate has been generated since
the last refresh epoch, it will automatically revoke
all prior certificates that happen to be in the
certificate cache.
At the same time, the manycast
scheme starts all over from the beginning and
the expanding ring shrinks to the minimum and increments
from there while collecting all servers in scope.

<h5 class="subsubsection">Manycast Options</h5>

<dl>
<dt><code>tos</code> <code>[ceiling </code><kbd>ceiling</kbd><code> | cohort { 0 | 1 } | floor </code><kbd>floor</kbd><code> | minclock </code><kbd>minclock</kbd><code> | minsane </code><kbd>minsane</kbd><code>]</code><dd>This command affects the clock selection and clustering
algorithms.
It can be used to select the quality and
quantity of peers used to synchronize the system clock
and is most useful in manycast mode.
The variables operate
as follows:
<dl>
<dt><code>ceiling</code> <kbd>ceiling</kbd><dd>Peers with strata above
<code>ceiling</code>
will be discarded if there are at least
<code>minclock</code>
peers remaining.
This value defaults to 15, but can be changed
to any number from 1 to 15.
<br><dt><code>cohort</code> <code>{0 | 1}</code><dd>This is a binary flag which enables (0) or disables (1)
manycast server replies to manycast clients with the same
stratum level.
This is useful to reduce implosions where
large numbers of clients with the same stratum level
are present.
The default is to enable these replies.
<br><dt><code>floor</code> <kbd>floor</kbd><dd>Peers with strata below
<code>floor</code>
will be discarded if there are at least
<code>minclock</code>
peers remaining.
This value defaults to 1, but can be changed
to any number from 1 to 15.
<br><dt><code>minclock</code> <kbd>minclock</kbd><dd>The clustering algorithm repeatedly casts out outlier
associations until no more than
<code>minclock</code>
associations remain.
This value defaults to 3,
but can be changed to any number from 1 to the number of
configured sources.
<br><dt><code>minsane</code> <kbd>minsane</kbd><dd>This is the minimum number of candidates available
to the clock selection algorithm in order to produce
one or more truechimers for the clustering algorithm.
If fewer than this number are available, the clock is
undisciplined and allowed to run free.
The default is 1
for legacy purposes.
However, according to principles of
Byzantine agreement,
<code>minsane</code>
should be at least 4 in order to detect and discard
a single falseticker.
</dl>
<br><dt><code>ttl</code> <kbd>hop</kbd> <kbd>...</kbd><dd>This command specifies a list of TTL values in increasing
order; up to 8 values can be specified.
In manycast mode these values are used in turn
in an expanding-ring search.
The default is eight
multiples of 32 starting at 31.
</dl>
<div class="node">
<p><hr>
<a name="Reference-Clock-Support"></a>
<br>
</div>

<h4 class="subsection">Reference Clock Support</h4>

<p>The NTP Version 4 daemon supports some three dozen different radio,
satellite and modem reference clocks plus a special pseudo-clock
used for backup or when no other clock source is available.
Detailed descriptions of individual device drivers and options can
be found in the
"Reference Clock Drivers"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).
Additional information can be found in the pages linked
there, including the
"Debugging Hints for Reference Clock Drivers"
and
"How To Write a Reference Clock Driver"
pages
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).
In addition, support for a PPS
signal is available as described in the
"Pulse-per-second (PPS) Signal Interfacing"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).
Many
drivers support special line discipline/streams modules which can
significantly improve the accuracy using the driver.
These are
described in the
"Line Disciplines and Streams Drivers"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).

<p>A reference clock will generally (though not always) be a radio
timecode receiver which is synchronized to a source of standard
time such as the services offered by the NRC in Canada and NIST and
USNO in the US.
The interface between the computer and the timecode
receiver is device dependent, but is usually a serial port.
A
device driver specific to each reference clock must be selected and
compiled in the distribution; however, most common radio, satellite
and modem clocks are included by default.
Note that an attempt to
configure a reference clock when the driver has not been compiled
or the hardware port has not been appropriately configured results
in a scalding remark to the system log file, but is otherwise
non-hazardous.

<p>For the purposes of configuration,
<code>ntpd(1ntpdmdoc)</code>
treats
reference clocks in a manner analogous to normal NTP peers as much
as possible.
Reference clocks are identified by a syntactically
correct but invalid IP address, in order to distinguish them from
normal NTP peers.
Reference clock addresses are of the form
<code>127.127.</code><kbd>t</kbd>.<kbd>u</kbd>,
where
<kbd>t</kbd>
is an integer
denoting the clock type and
<kbd>u</kbd>
indicates the unit
number in the range 0-3.
While it may seem overkill, it is in fact
sometimes useful to configure multiple reference clocks of the same
type, in which case the unit numbers must be unique.

<p>The
<code>server</code>
command is used to configure a reference
clock, where the
<kbd>address</kbd>
argument in that command
is the clock address.
The
<code>key</code>,
<code>version</code>
and
<code>ttl</code>
options are not used for reference clock support.
The
<code>mode</code>
option is added for reference clock support, as
described below.
The
<code>prefer</code>
option can be useful to
persuade the server to cherish a reference clock with somewhat more
enthusiasm than other reference clocks or peers.
Further
information on this option can be found in the
"Mitigation Rules and the prefer Keyword"
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>)
page.
The
<code>minpoll</code>
and
<code>maxpoll</code>
options have
meaning only for selected clock drivers.
See the individual clock
driver document pages for additional information.
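
<p>As an added example (not code from the NTP distribution), the following parser recognizes <code>127.127.t.u</code> reference clock addresses on <code>server</code> lines and reports units outside 0-3, repeated type/unit pairs, and the <code>key</code>, <code>version</code> and <code>ttl</code> options that are not used for reference clocks. The sample configuration, its clock type numbers and the finding codes are constructed for illustration.</p>

```python
import re

# 127.127.t.u, where t is the clock type and u the unit number.
REFCLOCK_ADDRESS = re.compile(r"^127\.127\.(\d{1,3})\.(\d{1,3})$")

# Options the manual says are not used for reference clock support.
UNUSED_FOR_REFCLOCKS = {"key", "version", "ttl"}

# Constructed sample configuration (type numbers are arbitrary sample values).
SAMPLE_CONF = """\
# constructed sample, not from the manual
server 127.127.20.0 prefer mode 1 minpoll 4
server 127.127.20.0
server 127.127.28.4
server 127.127.1.0 key 7
server 192.0.2.1 key 7
"""


def parse_refclock(address):
    """Return (clock_type, unit) for a 127.127.t.u address, else None."""
    match = REFCLOCK_ADDRESS.match(address)
    if not match:
        return None
    clock_type, unit = int(match.group(1)), int(match.group(2))
    if clock_type > 255 or unit > 255:
        return None  # not a syntactically correct IPv4 address
    return clock_type, unit


def audit_refclocks(conf):
    """Return (line_number, code) findings for reference clock server lines."""
    findings = []
    seen = {}  # (clock_type, unit) -> first line number that configured it
    for number, raw in enumerate(conf.splitlines(), start=1):
        tokens = raw.split("#", 1)[0].split()
        if len(tokens) < 2 or tokens[0].lower() != "server":
            continue
        clock = parse_refclock(tokens[1])
        if clock is None:
            continue  # an ordinary NTP server, not a reference clock
        if not 0 <= clock[1] <= 3:
            findings.append((number, "UNIT_RANGE"))
        if clock in seen:
            findings.append((number, "DUPLICATE_UNIT"))
        else:
            seen[clock] = number
        for option in tokens[2:]:
            if option.lower() in UNUSED_FOR_REFCLOCKS:
                findings.append((number, "UNUSED_OPTION"))
    return findings


if __name__ == "__main__":
    for finding in audit_refclocks(SAMPLE_CONF):
        print(finding)
```
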

<p>The <code>fudge</code> command is used to provide additional
information for individual clock drivers and normally follows
immediately after the <code>server</code> command.
The <kbd>address</kbd> argument specifies the clock address.
The <code>refid</code> and <code>stratum</code> options can be used to
override the defaults for the device.
There are two optional
device-dependent time offsets and four flags that can be included
in the <code>fudge</code> command as well.

<p>The stratum number of a reference clock is by default zero.
Since the <code>ntpd(1ntpdmdoc)</code> daemon adds one to the stratum of each
peer, a primary server ordinarily displays an external stratum of
one.
In order to provide engineered backups, it is often useful to
specify the reference clock stratum as greater than zero.
The <code>stratum</code> option is used for this purpose.
Also, in cases
involving both a reference clock and a pulse-per-second (PPS)
discipline signal, it is useful to specify the reference clock
identifier as other than the default, depending on the driver.
The <code>refid</code> option is used for this purpose.
Except where noted,
these options apply to all clock drivers.

<h5 class="subsubsection">Reference Clock Commands</h5>

<dl>
<dt><code>server</code> <code>127.127.</code><kbd>t</kbd>.<kbd>u</kbd> <code>[prefer]</code> <code>[mode </code><kbd>int</kbd><code>]</code> <code>[minpoll </code><kbd>int</kbd><code>]</code> <code>[maxpoll </code><kbd>int</kbd><code>]</code><dd>This command can be used to configure reference clocks in
special ways.
The options are interpreted as follows:
<dl>
<dt><code>prefer</code><dd>Marks the reference clock as preferred.
All other things being
equal, this host will be chosen for synchronization among a set of
correctly operating hosts.
See the
"Mitigation Rules and the prefer Keyword"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>)
for further information.
<br><dt><code>mode</code> <kbd>int</kbd><dd>Specifies a mode number which is interpreted in a
device-specific fashion.
For instance, it selects a dialing
protocol in the ACTS driver and a device subtype in the
parse drivers.
<br><dt><code>minpoll</code> <kbd>int</kbd><br><dt><code>maxpoll</code> <kbd>int</kbd><dd>These options specify the minimum and maximum polling interval
for reference clock messages, as a power of 2 in seconds.
For most directly connected reference clocks, both
<code>minpoll</code> and <code>maxpoll</code> default to 6 (64 s).
For modem reference clocks,
<code>minpoll</code> defaults to 10 (17.1 m) and
<code>maxpoll</code> defaults to 14 (4.5 h).
The allowable range is 4 (16 s) to 17 (36.4 h) inclusive.
</dl>
<br><dt><code>fudge</code> <code>127.127.</code><kbd>t</kbd>.<kbd>u</kbd> <code>[time1 </code><kbd>sec</kbd><code>]</code> <code>[time2 </code><kbd>sec</kbd><code>]</code> <code>[stratum </code><kbd>int</kbd><code>]</code> <code>[refid </code><kbd>string</kbd><code>]</code> <code>[mode </code><kbd>int</kbd><code>]</code> <code>[flag1 0 | 1]</code> <code>[flag2 0 | 1]</code> <code>[flag3 0 | 1]</code> <code>[flag4 0 | 1]</code><dd>This command can be used to configure reference clocks in
special ways.
It must immediately follow the
<code>server</code>
command which configures the driver.
Note that the same capability
is possible at run time using the
<code>ntpdc(1ntpdcmdoc)</code>
program.
The options are interpreted as follows:
<dl>
<dt><code>time1</code> <kbd>sec</kbd><dd>Specifies a constant to be added to the time offset produced by
the driver, a fixed-point decimal number in seconds.
This is used
as a calibration constant to adjust the nominal time offset of a
particular clock to agree with an external standard, such as a
precision PPS signal.
It also provides a way to correct a
systematic error or bias due to serial port or operating system
latencies, different cable lengths or receiver internal delay.
The specified offset is in addition to the propagation delay provided
by other means, such as internal DIP switches.
Where a calibration
for an individual system and driver is available, an approximate
correction is noted in the driver documentation pages.
Note: in order to facilitate calibration when more than one
radio clock or PPS signal is supported, a special calibration
feature is available.
It takes the form of an argument to the
<code>enable</code>
command described in the
<a href="#Miscellaneous-Options">Miscellaneous Options</a>
page and operates as described in the
"Reference Clock Drivers"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).
<br><dt><code>time2</code> <kbd>secs</kbd><dd>Specifies a fixed-point decimal number in seconds, which is
interpreted in a driver-dependent way.
See the descriptions of
specific drivers in the
"Reference Clock Drivers"
page
(available as part of the HTML documentation
provided in
<span class="file">/usr/share/doc/ntp</span>).
<br><dt><code>stratum</code> <kbd>int</kbd><dd>Specifies the stratum number assigned to the driver, an integer
between 0 and 15.
This number overrides the default stratum number
ordinarily assigned by the driver itself, usually zero.
<br><dt><code>refid</code> <kbd>string</kbd><dd>Specifies an ASCII string of from one to four characters which
defines the reference identifier used by the driver.
This string
overrides the default identifier ordinarily assigned by the driver
itself.
<br><dt><code>mode</code> <kbd>int</kbd><dd>Specifies a mode number which is interpreted in a
device-specific fashion.
For instance, it selects a dialing
protocol in the ACTS driver and a device subtype in the
parse drivers.
<br><dt><code>flag1</code> <code>0</code> <code>|</code> <code>1</code><br><dt><code>flag2</code> <code>0</code> <code>|</code> <code>1</code><br><dt><code>flag3</code> <code>0</code> <code>|</code> <code>1</code><br><dt><code>flag4</code> <code>0</code> <code>|</code> <code>1</code><dd>These four flags are used for customizing the clock driver.
The interpretation of these values, and whether they are used at all,
is a function of the particular clock driver.
However, by convention
<code>flag4</code>
is used to enable recording monitoring
data to the
<code>clockstats</code>
file configured with the
<code>filegen</code>
command.
Further information on the
<code>filegen</code>
command can be found in
<a href="#Monitoring-Options">Monitoring Options</a>.
</dl>
</dl>
<div class="node">
<p><hr>
<a name="Miscellaneous-Options"></a>
<br>
</div>

<h4 class="subsection">Miscellaneous Options</h4>

<dl>
<dt><code>broadcastdelay</code> <kbd>seconds</kbd><dd>The broadcast and multicast modes require a special calibration
to determine the network delay between the local and remote
servers.
Ordinarily, this is done automatically by the initial
protocol exchanges between the client and server.
In some cases,
the calibration procedure may fail due to network or server access
controls, for example.
This command specifies the default delay to
be used under these circumstances.
Typically (for Ethernet), a
number between 0.003 and 0.007 seconds is appropriate.
The default
when this command is not used is 0.004 seconds.
<br><dt><code>calldelay</code> <kbd>delay</kbd><dd>This option controls the delay in seconds between the first and second
packets sent in burst or iburst mode to allow additional time for a modem
or ISDN call to complete.
<br><dt><code>driftfile</code> <kbd>driftfile</kbd><dd>This command specifies the complete path and name of the file used to
record the frequency of the local clock oscillator.
This is the same
operation as the
<code>-f</code>
command line option.
If the file exists, it is read at
startup in order to set the initial frequency and then updated once per
hour with the current frequency computed by the daemon.
If the file name is
specified, but the file itself does not exist, the daemon starts with an initial
frequency of zero and creates the file when writing it for the first time.
If this command is not given, the daemon will always start with an initial
frequency of zero.

<p>The file format consists of a single line containing a single
floating point number, which records the frequency offset measured
in parts-per-million (PPM).
The file is updated by first writing
the current drift value into a temporary file and then renaming
this file to replace the old version.
This implies that
<code>ntpd(1ntpdmdoc)</code>
must have write permission for the directory the
drift file is located in, and that file system links, symbolic or
otherwise, should be avoided.
<br><dt><code>enable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</code><br><dt><code>disable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</code><dd>Provides a way to enable or disable various server options.
Flags not mentioned are unaffected.
Note that all of these flags
can be controlled remotely using the
<code>ntpdc(1ntpdcmdoc)</code>
utility program.
<dl>
<dt><code>auth</code><dd>Enables the server to synchronize with unconfigured peers only if the
peer has been correctly authenticated using either public key or
private key cryptography.
The default for this flag is
<code>enable</code>.
<br><dt><code>bclient</code><dd>Enables the server to listen for a message from a broadcast or
multicast server, as in the
<code>multicastclient</code>
command with default
address.
The default for this flag is
<code>disable</code>.
<br><dt><code>calibrate</code><dd>Enables the calibrate feature for reference clocks.
The default for
this flag is
<code>disable</code>.
<br><dt><code>kernel</code><dd>Enables the kernel time discipline, if available.
The default for this
flag is
<code>enable</code>
if support is available, otherwise
<code>disable</code>.
<br><dt><code>mode7</code><dd>Enables processing of NTP mode 7 implementation-specific requests
which are used by the deprecated
<code>ntpdc(1ntpdcmdoc)</code>
program.
The default for this flag is disable.
This flag is excluded from runtime configuration using
<code>ntpq(1ntpqmdoc)</code>.
The
<code>ntpq(1ntpqmdoc)</code>
program provides the same capabilities as
<code>ntpdc(1ntpdcmdoc)</code>
using standard mode 6 requests.
<br><dt><code>monitor</code><dd>Enables the monitoring facility.
See the
<code>ntpdc(1ntpdcmdoc)</code>
program
and the
<code>monlist</code>
command for further information.
The default for this flag is
<code>enable</code>.
<br><dt><code>ntp</code><dd>Enables time and frequency discipline.
In effect, this switch opens and
closes the feedback loop, which is useful for testing.
The default for
this flag is
<code>enable</code>.
<br><dt><code>stats</code><dd>Enables the statistics facility.
See the
<a href="#Monitoring-Options">Monitoring Options</a>
section for further information.
The default for this flag is
<code>disable</code>.
</dl>
<br><dt><code>includefile</code> <kbd>includefile</kbd><dd>This command allows additional configuration commands
to be included from a separate file.
Include files may
be nested to a depth of five; upon reaching the end of any
include file, command processing resumes in the previous
configuration file.
This option is useful for sites that run
<code>ntpd(1ntpdmdoc)</code>
on multiple hosts, with (mostly) common options (e.g., a
restriction list).
<br><dt><code>logconfig</code> <kbd>configkeyword</kbd><dd>This command controls the amount and type of output written to
the system
<code>syslog(3)</code>
facility or the alternate
<code>logfile</code>
log file.
By default, all output is turned on.
All
<kbd>configkeyword</kbd>
keywords can be prefixed with
=, + and -,
where = sets the
<code>syslog(3)</code>
priority mask,
+ adds and - removes
messages.
<code>syslog(3)</code>
messages can be controlled in four
classes
(<code>clock</code>, <code>peer</code>, <code>sys</code> and <code>sync</code>).
Within these classes four types of messages can be
controlled: informational messages
(<code>info</code>),
event messages
(<code>events</code>),
statistics messages
(<code>statistics</code>)
and
status messages
(<code>status</code>).

<p>Configuration keywords are formed by concatenating the message class with
the event class.
The
<code>all</code>
prefix can be used instead of a message class.
A message class may also be followed by the
<code>all</code>
keyword to enable/disable all
messages of the respective message class. Thus, a minimal log configuration
could look like this:
<pre class="verbatim">
logconfig =syncstatus +sysevents
</pre>

<p>This would just list the synchronization state of
<code>ntpd(1ntpdmdoc)</code>
and the major system events.
For a simple reference server, the
following minimum message configuration could be useful:
<pre class="verbatim">
logconfig =syncall +clockall
</pre>

<p>This configuration will list all clock information and
synchronization information.
All other events and messages about
peers, system events and so on are suppressed.
<br><dt><code>logfile</code> <kbd>logfile</kbd><dd>This command specifies the location of an alternate log file to
be used instead of the default system
<code>syslog(3)</code>
facility.
This is the same operation as the <code>-l</code> command line option.
<br><dt><code>setvar</code> <kbd>variable</kbd> <code>[default]</code><dd>This command adds an additional system variable.
These
variables can be used to distribute additional information such as
the access policy.
If the variable of the form
<code>name</code><code>=</code><kbd>value</kbd>
is followed by the
<code>default</code>
keyword, the
variable will be listed as part of the default system variables
(<code>rv</code> command).
These additional variables serve
informational purposes only.
They are not related to the protocol
other than that they can be listed.
The known protocol variables will
always override any variables defined via the
<code>setvar</code>
mechanism.
There are three special variables that contain the names
of all variables of the same group.
The
<code>sys_var_list</code>
holds
the names of all system variables.
The
<code>peer_var_list</code>
holds
the names of all peer variables and the
<code>clock_var_list</code>
holds the names of the reference clock variables.
<br><dt><code>tinker</code> <code>[allan </code><kbd>allan</kbd><code> | dispersion </code><kbd>dispersion</kbd><code> | freq </code><kbd>freq</kbd><code> | huffpuff </code><kbd>huffpuff</kbd><code> | panic </code><kbd>panic</kbd><code> | step </code><kbd>step</kbd><code> | stepout </code><kbd>stepout</kbd><code>]</code><dd>This command can be used to alter several system variables in
very exceptional circumstances.
It should occur in the
configuration file before any other configuration options.
The
default values of these variables have been carefully optimized for
a wide range of network speeds and reliability expectations.
In
general, they interact in intricate ways that are hard to predict
and some combinations can result in some very nasty behavior.
Very
rarely is it necessary to change the default values; but, some
folks cannot resist twisting the knobs anyway and this command is
for them.
Emphasis added: twisters are on their own and can expect
no help from the support group.

<p>The variables operate as follows:
<dl>
<dt><code>allan</code> <kbd>allan</kbd><dd>The argument becomes the new value for the minimum Allan
intercept, which is a parameter of the PLL/FLL clock discipline
algorithm.
The value in log2 seconds defaults to 7 (1024 s), which is also the lower
limit.
<br><dt><code>dispersion</code> <kbd>dispersion</kbd><dd>The argument becomes the new value for the dispersion increase rate,
normally .000015 s/s.
<br><dt><code>freq</code> <kbd>freq</kbd><dd>The argument becomes the initial value of the frequency offset in
parts-per-million.
This overrides the value in the frequency file, if
present, and avoids the initial training state if it is not.
<br><dt><code>huffpuff</code> <kbd>huffpuff</kbd><dd>The argument becomes the new value for the experimental
huff-n'-puff filter span, which determines the most recent interval
the algorithm will search for a minimum delay.
The lower limit is
900 s (15 m), but a more reasonable value is 7200 (2 hours).
There
is no default, since the filter is not enabled unless this command
is given.
<br><dt><code>panic</code> <kbd>panic</kbd><dd>The argument is the panic threshold, normally 1000 s.
If set to zero,
the panic sanity check is disabled and a clock offset of any value will
be accepted.
<br><dt><code>step</code> <kbd>step</kbd><dd>The argument is the step threshold, which by default is 0.128 s.
It can
be set to any positive number in seconds.
If set to zero, step
adjustments will never occur.
Note: The kernel time discipline is
disabled if the step threshold is set to zero or greater than the
default.
<br><dt><code>stepout</code> <kbd>stepout</kbd><dd>The argument is the stepout timeout, which by default is 900 s.
It can
be set to any positive number in seconds.
If set to zero, the stepout
pulses will not be suppressed.
</dl>
<br><dt><code>rlimit</code> <code>[memlock </code><kbd>Nmegabytes</kbd><code> | stacksize </code><kbd>N4kPages</kbd><code> | filenum </code><kbd>Nfiledescriptors</kbd><code>]</code><dd>
<dl>
<dt><code>memlock</code> <kbd>Nmegabytes</kbd><dd>Specify the number of megabytes of memory that can be allocated.
Probably only available under Linux, this option is useful
when dropping root (the
<code>-i</code>
option).
The default is 32 megabytes. Setting this to zero will prevent any attempt to lock memory.
<br><dt><code>stacksize</code> <kbd>N4kPages</kbd><dd>Specifies the maximum size of the process stack on systems with the
<code>mlockall()</code>
function.
Defaults to 50 4k pages (200 4k pages in OpenBSD).
<br><dt><code>filenum</code> <kbd>Nfiledescriptors</kbd><dd>Specifies the maximum number of file descriptors ntpd may have open at once. Defaults to the system default.
</dl>
<br><dt><code>trap</code> <kbd>host_address</kbd> <code>[port </code><kbd>port_number</kbd><code>]</code> <code>[interface </code><kbd>interface_address</kbd><code>]</code><dd>This command configures a trap receiver at the given host
address and port number for sending messages with the specified
local interface address.
If the port number is unspecified, a value
of 18447 is used.
If the interface address is not specified, the
message is sent with a source address of the local interface the
message is sent through.
Note that on a multihomed host the
interface used may vary from time to time with routing changes.

<p>The trap receiver will generally log event messages and other
information from the server in a log file.
While such monitor
programs may also request their own trap dynamically, configuring a
trap receiver will ensure that no messages are lost when the server
is started.
<br><dt><code>hop</code> <kbd>...</kbd><dd>This command specifies a list of TTL values in increasing order; up to 8
values can be specified.
In manycast mode these values are used in turn in
an expanding-ring search.
The default is eight multiples of 32 starting at
31.
</dl>

<p>This section was generated by <strong>AutoGen</strong>,
using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.conf</code> program.
This software is released under the NTP license, &lt;http://ntp.org/license&gt;.

<ul class="menu">
<li><a accesskey="1" href="#ntp_002econf-Files">ntp.conf Files</a>: Files
<li><a accesskey="2" href="#ntp_002econf-See-Also">ntp.conf See Also</a>: See Also
<li><a accesskey="3" href="#ntp_002econf-Bugs">ntp.conf Bugs</a>: Bugs
<li><a accesskey="4" href="#ntp_002econf-Notes">ntp.conf Notes</a>: Notes
</ul>

<div class="node">
<p><hr>
<a name="ntp_002econf-Files"></a>
<br>
</div>

<h4 class="subsection">ntp.conf Files</h4>

<dl>
<dt><span class="file">/etc/ntp.conf</span><dd>the default name of the configuration file
<br><dt><span class="file">ntp.keys</span><dd>private MD5 keys
<br><dt><span class="file">ntpkey</span><dd>RSA private key
<br><dt><span class="file">ntpkey_</span><kbd>host</kbd><dd>RSA public key
<br><dt><span class="file">ntp_dh</span><dd>Diffie-Hellman agreement parameters
</dl>
<div class="node">
<p><hr>
<a name="ntp_002econf-See-Also"></a>
<br>
</div>

<h4 class="subsection">ntp.conf See Also</h4>

<p><code>ntpd(1ntpdmdoc)</code>,
<code>ntpdc(1ntpdcmdoc)</code>,
<code>ntpq(1ntpqmdoc)</code>

<p>In addition to the manual pages provided,
comprehensive documentation is available on the world wide web
at
<code>http://www.ntp.org/</code>.
A snapshot of this documentation is available in HTML format in
<span class="file">/usr/share/doc/ntp</span>.
<br>

<p><br>
David L. Mills, <em>Network Time Protocol (Version 4)</em>, RFC5905
<div class="node">
<p><hr>
<a name="ntp_002econf-Bugs"></a>
<br>
</div>

<h4 class="subsection">ntp.conf Bugs</h4>

<p>The syntax checking is not picky; some combinations of
ridiculous and even hilarious options and modes may not be
detected.

<p>The
<span class="file">ntpkey_</span><kbd>host</kbd>
files are really digital
certificates.
These should be obtained via secure directory
services when they become universally available.
<div class="node">
<p><hr>
<a name="ntp_002econf-Notes"></a>
<br>
</div>

<h4 class="subsection">ntp.conf Notes</h4>

<p>This document was derived from FreeBSD.

</body></html>