17
Apr
Configuring an NTP Server
stored in: Configuring and Managing Network Applications

The /etc/inet/ntp.server file is a template for configuring an NTP server. Copy this file to /etc/inet/ntp.conf, and edit it to meet your network’s requirements. When viewing contents of the /etc/inet/ntp.server file, remember that an NTP server is also an NTP client.

The xntpd daemon is started at system boot if the /etc/inet/ntp.conf file exists and the NTP service is enabled by the SMF. The xntpd daemon starts in either the client or the server mode, depending on the contents of the ntp.conf file.

The table shows the parts of an NTP server’s configuration file and their descriptions.

NTP Configuration File Parts

Part

Description 

server 127.127.1.0 prefer

The IP address of the preferred NTP server. In this case, the loopback network is used, indicating the use of a local clock. The server keyword indicates an IP address of an NTP server from which time will be received.
If the system is a stratum-1 server, then you use X in the 127.127.X.0 syntax to identify a reference clock source. If X is set to 1, the system uses its local clock as the reference clock source.
If the server is a stratum-2 (or higher), this entry is an IP address of another NTP server to contact for time information. The prefer keyword means that if multiple systems of the same strata are used to getting clock information, a preferred server is the one that is always used when performing calculations.

 
fudge 127.127.1.0 stratum 0

The fudge entry is available to change (fudge) the stratum that the server advertises.

 
broadcast 224.0.1.1 ttl 4

The address the server uses to advertise to the network along with the TTL value to use in IP datagrams.

 
enable auth monitor

The configuration entry that enables authentication and the monitoring facility.

 
driftfile /var/ntp/ntp.drift

The location of the drift file.

 
statsdir /var/ntp/ntpstats/

The location of NTP statistics.

 
keys /etc/inet/ntp.keys

The conventional name of the key file used for authentication.

 
trustedkey 0

The encryption identifier. (Refer to RFC 1305 for more information.)

 
controlkey 0

The key identifier. (Refer to RFC 1305 for more information.)

Note: Different types of facilities, such as loopstats or clockstats, can also be enabled (refer to the xntpd man page for more details).

NTP servers can, but should not, use their own undisciplined local clock as an official, reliable time source.

To use an undisciplined local clock, complete the following steps:

  1. Copy the /etc/inet/ntp.server file to the /etc/inet/ntp.conf file. 
    # cp /etc/inet/ntp.server /etc/inet/ntp.conf
#
  2. Open the /etc/inet/ntp.conf file for editing, and change the server IP address to 127.127.1.0, where the number 1 represents the undisciplined local clock. Comment out the fudge keyword because special configuration is not needed for the local reference clock. 
    # vi /etc/inet/ntp.conf

    Change:

    server 127.127.XType.0
fudge 127.127.XType.0 stratum 0

    to:

    server 127.127.1.0 prefer
# fudge 127.127.XType.0 stratum 0
    Note: Choices for XType are listed in the comments of the /etc/inet/ntp.server file.
  3. Create a drift file as specified by the driftfile /var/ntp/ntp.drift entry in the /etc/inet/ntp.conf file. 
    # touch /var/ntp/ntp.drift
#
    Note: The xntpd daemon creates the contents of the drift file dynamically.
  4. Verify that the file exists. 
    # ls -al /var/ntp/ntp.drift
-rw-r–r–   1 root     root            0 Aug 16 11:06 /var/ntp/ntp.drift
#
  5. Start the NTP daemon by using the svcadm command. 
    # svcadm -v enable svc:/network/ntp
network/ntp enabled.
#
  6. Verify that the NTP daemon is running. 
    # pgrep -lf ntp
 1585 /usr/lib/inet/xntpd
#
  7. Use the snoop utility to view NTP server multicast advertisements. 
    # snoop | grep -i ntp
Using device /dev/hme (promiscuous mode)
       sys11 -> 224.0.1.1    NTP  broadcast [st=1] (2004-08-16 11:11:52.98017)
       sys11 -> 224.0.1.1    NTP  broadcast [st=1] (2004-08-16 11:12:56.98017)
       sys11 -> 224.0.1.1    NTP  broadcast [st=1] (2004-08-16 11:14:00.98016)
       sys11 -> 224.0.1.1    NTP  broadcast [st=1] (2004-08-16 11:15:04.98016)
    Note: Notice the 64-second interval between NTP advertisements sent out. This is due to the NTP polling value of 6; 26 is 64. The polling value can be seen by using the snoop -v command.

    Configure the Stratum

    You can configure the stratum of an NTP server manually by editing the fudge entry in the /etc/inet/ntp.conf file. This is useful when you do not have access to an external NTP server and you have to synchronize with another system manually.

    When a local clock is configured to act as an accurate source of time, NTP detects this. Systems that use their own clock as a time source advertise themselves as a stratum-4 server by default. However, the fudge keyword can be used to alter this behavior. The fudge configuration entry can use the stratum option to override the stratum level sent out with the NTP server’s time advertisements.

    Note: The snoop utility output includes the stratum level of the server. NTP servers and clients that are in the process of synchronization have a stratum level of 0 (zero) initially, until they establish their correct stratum level.

Determine which NTP servers are reachable by your NTP server. Refer to http://www.eecis.udel.edu/~mills/ntp/servers.html for links to lists of public NTP servers. You must notify the NTP server’s administrators of your intention to use their NTP server as a reference server so that the administrator can properly size NTP servers for the additional NTP load.

To use external NTP reference servers, complete the following steps:

  1. Copy the /etc/inet/ntp.server file to the /etc/inet/ntp.conf file. 
    # cp /etc/inet/ntp.server /etc/inet/ntp.conf
#
  2. Open the /etc/inet/ntp.conf file for editing, and change the server entry. Comment out the fudge keyword because special configuration is not needed for an external reference clock. 
    # vi /etc/inet/ntp.conf

    Change:

    server 127.127.XType.0
fudge 127.127.XType.0 stratum 0

    to:

    server external-time-server-a
server external-time-server-b
server external-time-server-c
# fudge 127.127.XType.0 stratum 0
  3. Create a drift file as specified by the driftfile /var/ntp/ntp.drift entry in the /etc/inet/ntp.conf file. 
    # touch /var/ntp/ntp.drift
#
  4. Verify that the file exists. 
    # ls -al /var/ntp/ntp.drift
-rw-r–r–   1 root     root           0 Aug 16 14:41 /var/ntp/ntp.drift
#
  5. Start the NTP daemon by using the svcadm command. 
    # svcadm -v svc:/enable network/ntp
network/ntp enabled.
  6. Check to see if the NTP daemon is running. 
    # pgrep -lf ntp
 1595 /usr/lib/inet/xntpd
#
    Note: NTP servers and client that are synchronizing with specific servers defined in the /etc/inet/ntp.conf file use a 64-second polling interval initially. When time synchronization is established, the polling interval increases to 17 minutes and 4 seconds (that is, 1024 seconds, or 210 seconds).

By default, all NTP messages are sent to the syslog facility.

To view the logged information in pseudo real-time, use the tail command with the follow (-f) option. For example:

# tail -f /var/adm/messages
Aug 16 14:25:37 sys11 xntpd[1614]: [ID 450285 daemon.error] 0 makes a poor control keyid

You can query or configure a running xntpd daemon by using the xntpdc utility, which was introduced in the Solaris 8 OS. The xntpdc command provides an extensive view of the state of the xntpd daemon. You can view statistical information interactively or on the command-line. Use the ? command to view a list of commands available inside xntpdc.

# xntpdc
xntpdc> ?
Commands available:
addpeer      addrefclock  addserver    addtrap      authinfo
broadcast    clkbug       clockstat    clrtrap      controlkey
ctlstats     debug        delay        delrestrict  disable
dmpeers      enable       exit         fudge        help
host         hostnames    iostats      kerninfo     keyid
keytype      leapinfo     listpeers    loopinfo     memstats
monlist      passwd       peers        preset       pstats
quit         readkeys     requestkey   reset        reslist
restrict     showpeer     sysinfo      sysstats     timeout
timerstats   traps        trustedkey   unconfig     unrestrict
untrustedkey version
xntpdc>

The commands can be used to display and configure the NTP setup. For example, the sysinfo command displays information about the current configuration:

xntpdc> sysinfo
system peer:          instructor
system peer mode:     client
leap indicator:       00
stratum:              2
precision:            -14
root distance:        0.00081 s
root dispersion:      0.31441 s
reference ID:         [192.168.30.30]
reference time:       c4cc99b1.2ce5f000  Tue, Aug 17 2004 15:50:25.175
system flags:         auth monitor pll stats kernel_sync 
frequency:            -16.000 ppm
stability:            38.345 ppm
broadcastdelay:       0.003906 s
authdelay:            0.000122 s
xntpdc> quit
#

The NTP service is started automatically at boot time if the /etc/inet/ntp.conf file exists and the NTP service was enabled by SMF. You can stop the service manually by using the svcadm command.

To stop the daemon, perform the command:

# svcadm -v disable svc:/network/ntp
network/ntp disabled.
#

To start the daemon, perform the command:

# svcadm -v enable svc:/network/ntp
network/ntp enabled.
#

The ntpq utility is the standard NTP query program. Use the ntpq utility to identify NTP peers on the network. For example:

# ntpq
ntpq> peers
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
*instructor      .LCL.            1 u   29   64  377     0.69    0.000    0.06
 224.0.1.1       0.0.0.0         16 -    -   64    0     0.00    0.000 16000.0
ntpq> exit
#

Related Posts:

Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word