[ntp:questions] just joined the pool, a check list

[Cyrille37]

Hello
I've just joined the pool with a server running ntpd 4.2.4p4.
I would like to have done well, so I post here the configuration for
comments if needed.

1/ ntpd is lauched with option -g

2/ here is ntpd.conf :

statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

driftfile /etc/ntp.drift

server ntp.via.ecp.fr iburst dynamic
server ntp.obspm.fr iburst dynamic
server ntp1.belbone.be iburst dynamic
server ntp1.kamino.fr iburst dynamic
server timeserver.ntp.ch iburst dynamic
server canon.inria.fr
server ntp.probe-networks.de

restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

[ntp:questions] Career Guide for all Certifications Exams

[Seema]

Certifications are taken for showcasing your skills in specific
areas.  So it all depends on which area your skills are your current
job profile and your future career plans. There are certification
paths in almost every area.  Here I am presenting career helpline
http://career-helpline.blogspot.com/

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] just joined the pool, a check list

[Dennis Hilberg, Jr.]

Dennis Hilberg, Jr. wrote:
> statsdir /var/log/ntp/
> statistics loopstats peerstats clockstats
> filegen loopstats file loopstats type day enable
> filegen peerstats file peerstats type day enable

Oops, might as well remove the 'clockstats' option:

statsdir /var/log/ntpstats/
statistics loopstats peerstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable

-- 
Dennis Hilberg, Jr.  timekeeper(at)dennishilberg(dot)com
NTP Server Information:  http://saturn.dennishilberg.com/ntp.php

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] just joined the pool, a check list

[Dennis Hilberg, Jr.]

Cyrille37 wrote:
> Hello
> I've just joined the pool with a server running ntpd 4.2.4p4.
> I would like to have done well, so I post here the configuration for
> comments if needed.
> 
> 1/ ntpd is lauched with option -g
> 
> 2/ here is ntpd.conf :
> 
> statsdir /var/log/ntpstats/
> statistics loopstats peerstats clockstats
> filegen loopstats file loopstats type day enable
> filegen peerstats file peerstats type day enable
> filegen clockstats file clockstats type day enable

Since you aren't running a clock driver, clockstats won't generate anything.

> driftfile /etc/ntp.drift

I've been told it's bad practice to allow ntpd to write to /etc .  You 
should use /var/lib/ntp.drift or something similar.

You also don't have a logfile specified.

> server ntp.via.ecp.fr iburst dynamic
> server ntp.obspm.fr iburst dynamic
> server ntp1.belbone.be iburst dynamic
> server ntp1.kamino.fr iburst dynamic
> server timeserver.ntp.ch iburst dynamic
> server canon.inria.fr
> server ntp.probe-networks.de

According to the documentation, the dynamic option isn't supported in the 
current implementation.  You should use iburst on all your servers.

> restrict -4 default kod notrap nomodify nopeer noquery
> restrict -6 default kod notrap nomodify nopeer noquery

You don't specify -4 or -6 with restrict.  And don't use the 'noquery' 
option as that turns off 'ntpq' and 'ntpdc' queries.  A lot of operators 
like to know information about their clients.  Plus, if you set:

restrict default kod notrap nomodify nopeer noquery

You won't be able to query your server from the local machine, unless you 
specify a restriction for it.

Set it up like this:

# Default access restrictions (applies to all clients, local or not)
restrict default kod nopeer nomodify notrap

# Allow localhost unrestricted access
restrict 127.0.0.1


So to summarize, here is a fixed ntp.conf:


# Default access restrictions (applies to all clients)
restrict default kod nopeer nomodify notrap

# Allow localhost unrestricted access
restrict 127.0.0.1

server ntp.via.ecp.fr iburst
server ntp.obspm.fr iburst
server ntp1.belbone.be iburst
server ntp1.kamino.fr iburst
server timeserver.ntp.ch iburst
server canon.inria.fr iburst
server ntp.probe-networks.de iburst

driftfile /var/lib/ntp.drift

logfile /var/log/ntp/ntp.log

statsdir /var/log/ntp/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable


-- 
Dennis Hilberg, Jr.  timekeeper(at)dennishilberg(dot)com
NTP Server Information:  http://saturn.dennishilberg.com/ntp.php

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] help: ntp4 on vxworks

[Harlan Stenn]

>>> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Prathapnirmal) writes:

prathapnirmal> * I see configure.in only in arlib directory. So do I have to
prathapnirmal> update anything in this file?

No.  There will be a top-level configure.ac that might need to be updated
though.

prathapnirmal> * Do I have to rerun autoconf
prathapnirmal> and automake to regenerate the configure script?

Yes.

prathapnirmal> """ The configure.in
prathapnirmal> file
prathapnirmal> needed to be altered to allow for a host-target configuration
prathapnirmal> to take place.

That path looks wrong to me, but that's not important.

This should already be done.

prathapnirmal>- The define SYS_VXWORKS was added to the compilation
prathapnirmal> flags.  - Little endianess is set if the target is of type
prathapnirmal> iX86.  - The size of char, integer, long values are all
prathapnirmal> set. If Wind River ever changes these values they will need
prathapnirmal> to be updated.  - clock_settime() is defined to be used for
prathapnirmal> setting the clock.  - The Linking flags have -r added to
prathapnirmal> allow for relinking into the vxWorks kernel

prathapnirmal> Unfortunately I have had to make use of the ntp_machine.h
prathapnirmal> 
file
prathapnirmal> to add in the checks that would have been checked at linking
prathapnirmal> stage by autoconf, a better method should be devised.

configure should do that already - it should detect you are building for
vxworks and set -DSYS_VXWORKS.  Then, in ntp_machine.h the values will be
chosen.

What's the problem?  This should be working as intended.

prathapnirmal>- There is now a NO_MAIN_ALLOWED define that simulates
prathapnirmal> command line args, this allows the use of the normal startup
prathapnirmal> sysntax.  - POSIX timers have been added.  - Structures
prathapnirmal> normally found in netdb.h have been added with, the
prathapnirmal> corresponding code is in machines.c
prathapnirmal> . 
Where
prathapnirmal> possible the defines for these have been kept non-vxWorks
prathapnirmal> specific.

prathapnirmal> Unfortunately there are still quite a few SYS_VXWORKS type
prathapnirmal> defines in the source, but I have eliminated as many as
prathapnirmal> possible. You have the choice of using the usrtime.a library
prathapnirmal> avaliable from the vxworks archives or forgoing adjtime() and
prathapnirmal> using the clock_[get|set]time().The ntp_machine.h
prathapnirmal> 
file
prathapnirmal> clearly marks how to do this.  """

Are you saying you have patches to make it work for you now?

H

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] NTP and NAT

[Harlan Stenn]

>>> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Daniel Guerrero) writes:

Daniel> Hello, I'm a newbie on NTP, and i would like to know if there is any
Daniel> problem in configuring more than one machine with the same NTP
Daniel> server on a LAN that connects to the internet through a NAT (with
Daniel> the same outgoing IP for everyone).

They won't be able to sync to you, but you will be able to sync to them.

H

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] Reference clock all messed up?

[Harlan Stenn]

>>> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Adam Bolte) writes:

Adam> --- /etc/ntp.conf on 192.168.2.1 --- # /etc/ntp.conf

Adam> server 192.168.1.1

iburst is your friend.  See http://support.ntp.org/Support .

Adam> Using a client on one of the subnets I control, I run: $ sudo ntpdate
Adam> 192.168.2.1 5 Nov 18:39:36 ntpdate[21310]: no server suitable for
Adam> synchronization found

>From that (or any other machine), try:

 ntpq -p 192.168.2.1

and see what that says.

Adam> I believe "leap 11" is key, possibly indicating that there is a time
Adam> difference too great between the server and client.

11 means the remote clock is not sync'd.

H

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

[ntp:questions] help: ntp4 on vxworks

[Prathapnirmal]

Hi ntp-ians/Danny/Harlan,
  I am trying to compile ntp4 on vxworks5.5 and I was going through the
hints document provided with the source. I understood most of the part but I
had few questions at the end. It will be great if you can provide me your
valuable inputs related to the following section.

The document that I am looking at is
http://www.cis.udel.edu/~mills/ntp/html/build/hints/vxworks.html


* I see configure.in only in arlib directory. So do I have to update
anything in this file?
* Do I have to rerun autoconf and automake to regenerate the configure
script?

"""
The configure.in file
needed to be altered to allow for a host-target configuration to take place.


   - The define SYS_VXWORKS was added to the compilation flags.
   - Little endianess is set if the target is of type iX86.
   - The size of char, integer, long values are all set. If Wind River
   ever changes these values they will need to be updated.
   - clock_settime() is defined to be used for setting the clock.
   - The Linking flags have -r added to allow for relinking into the
   vxWorks kernel

Unfortunately I have had to make use of the ntp_machine.h
file to add
in the checks that would have been checked at linking stage by autoconf, a
better method should be devised.

   - There is now a NO_MAIN_ALLOWED define that simulates command line
   args, this allows the use of the normal startup sysntax.
   - POSIX timers have been added.
   - Structures normally found in netdb.h have been added with, the
   corresponding code is in machines.c
   . Where
   possible the defines for these have been kept non-vxWorks specific.

Unfortunately there are still quite a few SYS_VXWORKS type defines in the
source, but I have eliminated as many as possible. You have the choice of
using the usrtime.a library avaliable from the vxworks archives or forgoing
adjtime() and using the clock_[get|set]time().The ntp_machine.h
file
clearly marks how to do this.
"""

thanks

-- 
Prathap
mobile: +91 99465 56643
Pivot Systems
http://www.pivotsys.com
___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

[ntp:questions] Reference clock all messed up?

[Adam Bolte]

Howdy all,

I've got a problem that has been driving me nuts. Hopefully, somebody can
give me a clue.

I've been requested to configure an NTP server (192.168.2.1) for the local
subnets that I'm responsible for. Unfortunately, firewall rules prevent me
from accessing 123/UDP on the Internet, however there is a machine that
appears to be running NTP on 192.168.1.1 (outside subnets I administer but
internal to the company and accessible) which I would like to sync my server to.

On 192.168.2.1 I'm running FreeBSD 5.4-STABLE with ntpd "4.2.0-a Thu Jan 19
11:02:17 EST 2006". According to nmap, 192.168.1.1 might be FreeBSD 6.1 (86%
sure).

Note that we don't want all client NTP machines to access 192.168.1.1 -
otherwise, things would have been much easier.

--- /etc/ntp.conf on 192.168.2.1 ---
# /etc/ntp.conf

server 192.168.1.1

driftfile /var/db/ntpd.drift

# by default ignore all ntp packets
restrict default ignore

# allow localhost
restrict 127.0.0.1 mask 255.255.255.255

# accept packets from...
restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.3.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.4.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.5.0 mask 255.255.255.0 nomodify notrap
--- end /etc/ntp.conf on 192.168.2.1 ---

So I run the daemon:
$ /usr/sbin/ntpd -p /var/run/ntpd.pid -c /etc/ntp.conf

Using a client on one of the subnets I control, I run:
$ sudo ntpdate 192.168.2.1
 5 Nov 18:39:36 ntpdate[21310]: no server suitable for synchronization found

Seems odd, so I try:

$ sudo ntpdate -d 192.168.2.1
 5 Nov 18:41:24 ntpdate[21447]: ntpdate [EMAIL PROTECTED] Thu Oct  4 22:22:32
UTC 2007 (1)
transmit(192.168.2.1)
receive(192.168.2.1)
transmit(192.168.2.1)
receive(192.168.2.1)
transmit(192.168.2.1)
receive(192.168.2.1)
transmit(192.168.2.1)
receive(192.168.2.1)
transmit(192.168.2.1)
192.168.2.1: Server dropped: strata too high
server 192.168.2.1, port 123
stratum 16, precision -19, leap 11, trust 000
refid [192.168.2.1], delay 0.02597, dispersion 0.0
transmitted 4, in filter 4
reference time:.  Thu, Feb  7 2036 17:28:16.000
originate timestamp: cad947a4.ebce9575  Mon, Nov  5 2007 18:41:24.921
transmit timestamp:  cad947a4.f189ce4a  Mon, Nov  5 2007 18:41:24.943
filter delay:  0.02609  0.02597  0.02600  0.02600
 0.0  0.0  0.0  0.0
filter offset: -0.02255 -0.02258 -0.02260 -0.02260
 0.00 0.00 0.00 0.00
delay 0.02597, dispersion 0.0
offset -0.022588

 5 Nov 18:41:24 ntpdate[21447]: no server suitable for synchronization found


I believe "leap 11" is key, possibly indicating that there is a time
difference too great between the server and client. That certainly looks to
be the case. Waiting almost an hour for 192.168.2.1 to sync to 192.168.1.1
made no difference - the year stayed at 2036.

Next up, I decided to verify that 192.168.1.1 is accurate. I don't have the
ability to administer this box as it is outside my control, but I have no
choice but to use it as a reference clock for 192.168.2.1.

Again on an NTP client box:
$ sudo ntpdate -d 192.168.1.1
 5 Nov 18:28:39 ntpdate[20392]: ntpdate [EMAIL PROTECTED] Thu Oct  4 22:22:32
UTC 2007 (1)
transmit(192.168.1.1)
receive(192.168.1.1)
transmit(192.168.1.1)
receive(192.168.1.1)
transmit(192.168.1.1)
receive(192.168.1.1)
transmit(192.168.1.1)
receive(192.168.1.1)
transmit(192.168.1.1)
server 192.168.1.1, port 123
stratum 4, precision -19, leap 00, trust 000
refid [192.168.1.1], delay 0.03151, dispersion 0.00143
transmitted 4, in filter 4
reference time:cad94300.b36a1529  Mon, Nov  5 2007 18:21:36.700
originate timestamp: cad944a7.538d4049  Mon, Nov  5 2007 18:28:39.326
transmit timestamp:  cad944a7.60bbc2b9  Mon, Nov  5 2007 18:28:39.377
filter delay:  0.03151  0.03615  0.03386  0.03632
 0.0  0.0  0.0  0.0
filter offset: -0.05936 -0.05702 -0.05825 -0.05692
 0.00 0.00 0.00 0.00
delay 0.03151, dispersion 0.00143
offset -0.059360

 5 Nov 18:28:39 ntpdate[20392]: Debug mode --not changing the system date
 5 Nov 18:28:39 ntpdate[20392]: adjust time server 192.168.1.1 offset
-0.059360 sec
[EMAIL PROTECTED]:~$

It looks okay, however the time is still around 7 minutes out. I believe
192.168.2.1 to be more accurate.

On a client, I run:
$ ntpdate 192.168.1.1
 5 Nov 18:46:47 ntpdate[21910]: adjust time server 192.168.1.1 offset
-0.014893 sec

It made such a small adjustment to the clock... if it really needed to catch
up some 7 minutes, I would have expected a bigger adjustment.

After running the "ntpdate -d" command a few times against 192.168.1.1, I
noticed that the time didn't seem stable. I wrote a basic script to put it
to the test, with the intention of running it from 192.168.2.1.

--- timemonitor.sh ---
#!/usr/local/bin/bash

# On a remote machine, run:

# while [ 1 ] ; do #
#   nc -l -p 5000 -e /bin/date #
# done #

[ntp:questions] question on reference time in ntptrace

[Kling, Bruce]

This NTPTRACE shows a reference time in September - but good timestamps.
I have not seen a reference time like this before - what does it mean?

 

ntptrace -v 10.96.36.19
server 10.96.36.19, port 123
stratum 1, precision -19, leap 00
refid 'GPS' delay 0.13051, dispersion 0.0 offset -0.004415
rootdelay 0.0, rootdispersion 2.03979, synch dist 2.03979
reference time:  ca9b834c.  Wed, Sep 19 2007 11:15:24.000
originate timestamp: cad9c332.fab47c73  Mon, Nov  5 2007 16:28:34.979
transmit timestamp:  cad9c332.eaf7  Mon, Nov  5 2007 16:28:34.917

 

Thank you.

 

Bruce Kling

Brix Networks, Inc

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] Reference clock all messed up?

[Hal Murray]

>server 192.168.1.1

># by default ignore all ntp packets
>restrict default ignore
>
># allow localhost
>restrict 127.0.0.1 mask 255.255.255.255
>
># accept packets from...
>restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap
>restrict 192.168.3.0 mask 255.255.255.0 nomodify notrap
>restrict 192.168.4.0 mask 255.255.255.0 nomodify notrap
>restrict 192.168.5.0 mask 255.255.255.0 nomodify notrap

I don't see a restrict line that lets the answers
from 192.168.1.1 in so the "default ignore" line
will drop them.


-- 
These are my opinions, not necessarily my employer's.  I hate spam.

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] false cru .libs/libopts.a libopts_la-libopts.o

[Martin Burnicki]

Szallár Zsolt wrote:
>>> false cru .libs/libopts.a  libopts_la-libopts.o
>>> 
>>
>> I can't duplicate this here under Sparc/Solaris 9, either.
>>
>> In my opinion the build environment on the target machine may not be set
>> up properly. See also:
>>
http://www.google.com/search?q=solaris+%22convenience+libraries%22+%22false+cru%22
>>   
> tnx for all.
> the problem is resolved. the $PATH didn't include the /usr/ccs/bin, so
> the configure script couldn't find the ar.

Thanks for letting us know what turned out to be the reason for this
problem.

Martin
-- 
Martin Burnicki

Meinberg Funkuhren
Bad Pyrmont
Germany

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

[ntp:questions] NTP and NAT

[Daniel Guerrero]

Hello,

 

I'm a newbie on NTP, and i would like to know if there is any problem in
configuring more than one machine with the same NTP server on a LAN that
connects to the internet through a NAT (with the same outgoing IP for
everyone).

 

Thank you very much.

 

Daniel Guerrero Serrano

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions

Re: [ntp:questions] false cru .libs/libopts.a libopts_la-libopts.o

[Szallár Zsolt]

>> false cru .libs/libopts.a  libopts_la-libopts.o
>> 
>
> I can't duplicate this here under Sparc/Solaris 9, either.
>
> In my opinion the build environment on the target machine may not be set up
> properly. See also:
> http://www.google.com/search?q=solaris+%22convenience+libraries%22+%22false+cru%22
>   
tnx for all.
the problem is resolved. the $PATH didn't include the /usr/ccs/bin, so 
the configure script couldn't find the ar.

___
questions mailing list
questions@lists.ntp.org
https://lists.ntp.org/mailman/listinfo/questions