# # NTP.Commands.txt # ----------------- # # # # Original Version # ---------------- # http://www.Linux-Consulting.com/NTP # # -- ntp server config # -- ntp client config # -- ntp commands # # # Sync the clock # -------------- # ntpdate clock.isc.org # # # 02-Nov-02 amo General Cleanup of Docs # 22-Apr-04 amo Added chown ntp /etc/ntp # 03-Dec-04 amo Moved, Merged, Cleanup # 26-Nov-05 amo Added ntp.org # 15-Mar-07 amo Added zdump # # # # UTC Universal Time Coordinated # GMT Greenwich Mean Time # NTP Network Time Protocol RFC 1305 # SNTP Simple Network Time Protocol RFC 2030 # # # # # List of NTP servers # ------------------- # http://www.ntp.org # http://www.eecis.udel.edu/~mills/ntp/servers.html # # http://alumni.media.mit.edu/~nelson/research/ntp-survey99/ 175K ntp servers in 1999 # # # RFCs # ---- # RFC- ntp port 123 # RFC868 rdate ( aka time protocol on port 37 ) # RFC1305 chrony ntp # # # ntp Sources # ----------- # http://www.ntp.org/ was http://www.eecis.udel.edu/~ntp # http://ntp.isc.org/bin/view/Main/SoftwareDownloads # http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/snapshots/ntp-stable/2005/08/ntp-stable-4.2.0a-20050816.tar.gz # # # xntp - version 3.x or older # ntp - version 4.x or newer # # # stratum 1 belongs to the class of best NTP servers available, because it has a reference clock # # # xntp docs # ---------- # http://www.ntp.org/ntpfaq # http://www.ntp.org/ntpfaq/NTP-s-config.htm - minimum config # # # http://www.eecis.udel.edu/~ntp/ # http://www.eecis.udel.edu/~ntp/ntpfaq/NTP-a-faq.htm NTP FAQ # http://www.eecis.udel.edu/~ntp/documentation.html NTP documentation # # http://www.clock.org/ntp/config.html # http://www.clock.org/ntp/notes.html # http://www.clock.org/ntp/debug.html # http://www.clock.org/ntp/hints.html # # /usr/doc/xntp3-5.93/notes.html # /usr/doc/ntp-4.1.2 # # http://tycho.usno.navy.mil/NTP/Version4/notes.htm # http://www.ccd.bnl.gov/xntp/author-notes.html # # http://toi.iriti.cnr.it/xntpdoc/debug.html - Debugging # # http://www.ccd.bnl.gov/xntp/author-notes.html - peers, restrict, authenticate # http://www.ccd.bnl.gov/xntp/ # # # Newsgroups # ---------- # comp.protocols.time.ntp # # # Other time daemons/apps : # ----------------------- # requires(??) time to be enabled in inetd.conf for rdate to work # # /usr/bin/rdate -s cerf.net ucsd.edu mit.edu Run from cron # ntpdate rdate replacement for boot time seeting and sloppy time keeing # ntptime # netdate # tickadj adjust kernel variables # # adjtimex --print query # # # xntpdc query program ( sometimes called ntpdc ) # # # # # shows a better list of peers # # # xntpdc>peers # echo peers | xntpdc # # # # tickadj # crony # ntp-simple http://packages.debian.org/stable/net/ntp-simple.html # ntpclient http://doolittle.faludi.com/ntpclient/ # # # Permissions # ----------- # chown ntp /etc/ntp # chown ntp /etc/ntp/drift # # # NTP Testing ( uses /etc/ntp.conf) # ----------- # ntptrace -dv ntp # # # TimeZone checking ( look for new timezone info, Mar 11, 2007 ) # ----------------- # zdump -v US/Pacific | grep 2007 # # # Testing # ------- # telnet ntp daytime # requires daytime enabled in inetd.conf # # ntpdate -udb time.apple.com # ntpdate -v ntp1 ntp2 ntp3 # ntpdate -q localhost # # ntpdate time.nist.gov # ntpdate ntp.alaska.edu # ntpdate Tick.gpsclock.com and Tock.gpsclock.com # # # to Save the time to the bios # ntpdate ; hwclock --systohc # # ntpd -g to update the clock instead of ntpdate # # # ntpdc -c peers -- see all the ntpservers you can see # ntpdc -l # ntpdc -c loopinfo # ntpdc -c kerninfo # # # ntpq -c peer -c as -c rl # # ntpq -p [ localhost ] # # properly synchronized: # - delay and offset should be non-zero # - jitter should be <= 100 # # # cannot synchronize: # - delay and offset is zero # - jitter is 4000 # # # jitter should NOT be 4000 # # # echo rv | ntpq # echo pe | ntpq # # echo pn | ntpq # echo as | ntpq # # # ntpd -d # # hwclock --adjust --utc --debug # # http://lists.suse.com/archive/suse-linux-e/2003-Jul/0356.html # 3 Jul 15:15:30 xntpd[18042]: time reset -0.595681 s # 3 Jul 15:15:30 xntpd[18042]: synchronisation lost # # It just means that your clock has drifted from the source more than (I think) 128ms # # adjtimex --print # # /usr/doc/xntp-*/scripts/lots-of-testing-scripts # # # # # precision # # # ntpq -c rl # # # Check if its Syncing properly # ----------------------------- # cat /var/log/xntpd # cat /var/log/ntpstats/peerstats # # check that you have the "ntp" user defined if ntpd doesnt run properly # # ntpq -p # delay and offset should be non-zero # "jitter" should be <= 100 # # # Versions # -------- # server mimsy.mil version 1 # server running ntpd version 1 # server apple.com version 2 # server running ntpd version 2 # # # # Set the BIOS clock # ------------------ # hwclock --set --date="9/22/96 16:45:05" # # hwclock --systohc # To set the BIOS clock from the system clock # # # BootTime # --------- # ntpdate -b server1 [server2 ...] # hwclock --systohc # # Cron # ---- # daily at 1:23am # 1 23 * * * ntpdate -v server1 [server2 ... # # # Firewall Requirements # -------------------- # ipchains -A input -p udp -j ACCEPT -d $YOURIP 123 # # ipchains -A input -j ACCEPT -p tcp -s 123.45.67.8 123 -d 192.168.1.1 # ipchains -A input -j ACCEPT -p udp -s 123.45.67.8 123 -d 192.168.1.1 # # # # ALLOW NTP time calls from our local subnets: # # # ipchains -A input -j ACCEPT -p tcp -s 192.168.1.0/24 -d 192.168.1.1 123 # ipchains -A input -j ACCEPT -p udp -s 192.168.2.0/25 -d 192.168.1.1 123 # # # ipchains -A input -j ACCEPT -p tcp -s 192.168.1.0/24 -d 192.168.1.1 123 # ipchains -A input -j ACCEPT -p udp -s 192.168.2.0/25 -d 192.168.1.1 123 # # ------- # # iptables -A INPUT -p udp --dport ntp -j ACCEPT # iptables -A INPUT -p udp --sport ntp -j ACCEPT # iptables -A OUTPUT -p udp --dport ntp -j ACCEPT # iptables -A OUTPUT -p udp --sport ntp -j ACCEPT # # ------- # # http://www.linuxmanagers.org/pipermail/linuxmanagers/2002-March/000329.html # # # Howto # ----- # http://www.linuxhomenetworking.com/linux-hn/ntp.htm ( #3 ) # == # == NOTE: noquery vs notrust # == # for ntp clients: restrict 192.168.1.0 mask 255.255.255.0 noquery nomodify notrap # for ntp servers: restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap # # # Example NTP conf # ---------------- # http://www.Linux-Consulting.com/NTP/NTP.Commands.txt # # http://wss.yale.edu/fom/cache/40.html NTP Server # http://wss.yale.edu/fom/cache/41.html NTP Client # http://www.umich.edu/~rsug/services/ntp.html NTP server and Client # # http://www.ccd.bnl.gov/xntp/ # # # http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/rel_6_1/conf/ntp.htm # http://userpages.umbc.edu/~banz/old/ucsdocs/timeservice.html # http://sunsite.net.edu.cn/tutorials/NetworkingGuide/BOOKCHAPTER-16.html - pics of stratum1, 2, 3 # http://sunsite.net.edu.cn/tutorials/NetworkingGuide/ntpD.conf_statements.html - ntp config options # http://uw7doc.sco.com/NET_tcpip/ntpC.complete_scenarios.html - pics of stratum1, 2, 3 etc # http://jon.novatek.co.nz/config/gateway-time.html # http://www.immt.pwr.wroc.pl/faq/msg00118.html # http://www.lo0.com/xntp/ # http://www.ccd.bnl.gov/xntp/author-notes.html # http://www.zdv.uni-mainz.de/extern/DU/HTML/APS2SCTE/DOCU_004.HTM#ntp_chap # # http://rgrjr.dyndns.org/linux/ntp.html#ntpdate ntpdate # http://bb.aphroland.org/bb/html/redhat.aphroland.org.ntpd.html # http://www.boulder.nist.gov/timefreq/service/its.htm # # http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ntp.html # # # # To disallow outside connections # # restrict default ignore # # # # To Allow local clients, but not peer or change the ntp server # # restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # # http://linuxreviews.org/howtos/ntp/ # - ntp client and ntp server # # http://www.akadia.com/services/ntp_synchronize.html # - client w/ debug tips # # http://www.siliconvalleyccie.com/linux-hn/ntp.htm # http://www.linuxhomenetworking.com/linux-hn/ntp.htm # # http://gentoo-wiki.com/HOWTO_NTP # # # More Docs # --------- # http://www.digipro.com/Papers/xntpd.shtml - firewall rules # http://vixen.physics.louisville.edu/ntp/notes.htm - authentication, keys # # ftp://elsie.nci.nih.gov # # # # # # Newsgroups stuff ( comp.protocols.time.ntp ) # # # http://www.febo.com/time-freq/ntp/faq/faq2Earn.htm # # # Cisco Router as NTP server # ------------------------- # www.siliconvalleyccie.com/linux-hn/ntp.htm # ciscorouter> enable # password: ********* # ciscorouter# config t # ciscorouter(config)# ntp update-calendar # ciscorouter(config)# ntp server 192.168.1.100 # ciscorouter(config)# ntp server 192.168.1.201 # ciscorouter(config)# exit # ciscorouter# wr mem # # # # Online Testing # --------------- # http://www.gpsclock.com/check.html # # # Reference clock # --------------- # 127.127.clock-type.UnitNumber # # # # Other Time Stuff # ---------------- # http://www.time.gov/ # http://tycho.usno.navy.mil/frtime.html # http://tycho.usno.navy.mil/cgi-bin/timer.pl # # http://www.rrbcurnow.freeuk.com/chrony # http://go.to/chrony # # http://www.boulder.nist.gov/timefreq/general/softwarelist.htm # # # end of file