Update NTP (Network Time Protocol) wiki article?

I was trying to set up automatic clock synchronization, so I went here https://wiki.archlinux.org/index.php/Ne … e_Protocol to see how I could do that: first thing it says to install ntp, and that's easy, but then the configuration section is very different from the default /etc/ntp.conf coming with the repository package (version 4.2.6.p2-1), so this is the first reason why I think the article should be updated.
After that I started KISS-wondering why I should use a memory/bandwidth/cpu-eating daemon if what I want is just synchronize my clock at boot time, nothing more; in fact, configuring ntp that way is useful only for a ntp server, but I'm pretty confident that the large majority of people visiting that page are just looking for a way to sync their clock, so I think that the NTP part of the page should be split in 2 or even better 3 sub sections: 1) ntp server configuration (with ntpd running); 2) simple ntp clock synchronization (with ntpd running); 3) ntp clock synchronization (at boot time or as a cron event) (without ntpd running).
Subsection 3) should explain how to configure ntp.conf (and maybe /etc/rc.local ? I'm still studying on this) just to be able to have this command
ntpd -qg
automatically executed at boot time: maybe appending it to /etc/rc.local (but I'm afraid it's slightly more complicated than that, I'm still studying on it); it could also be reminded that it's possible to run that command at predefined time intervals by creating a cron event.
Is somebody with more knowledge than me interested in helping?
(Excuse my approximate English...)

Ok, I finally managed to find the time to revise the ntp.conf section, this is my first attempt to it:
===/etc/ntp.conf===
The first thing you define in your ntp.conf is the servers your machine will synchronize to.
NTP servers are classified in a hierarchical system with many levels called "strata": the devices which are considered independent time sources are classified as "stratum 0" sources; the servers directly connected to stratum 0 devices are classified as "stratum 1" sources; servers connected to stratum 1 sources are then classified as "stratum 2" sources and so on. It has to be understood that a server's stratum cannot be taken as an indication of its accuracy or reliability.
Tipically, stratum 2 servers are used for general synchronization purposes: if you don't already know the servers you're going to connect to, you should use the pool.ntp.org servers (http://www.pool.ntp.org/ or http://support.ntp.org/bin/view/Servers/NTPPoolServers) and choose the server pool that is closest to your location.
The following lines are just an example:
server 0.it.pool.ntp.org iburst
server 1.it.pool.ntp.org iburst
server 2.it.pool.ntp.org iburst
server 3.it.pool.ntp.org iburst
The iburst option is recommended, and sends a burst of packets if it cannot obtain a connection with the first attempt. The "burst" option should never be used without explicit permission and will likely result in blacklisting.
If you're setting up a ntp server, you need to add localhost as a server, so that, in case it loses internet access, it won't stop serving time to the network; add localhost as a "stratum 10" server (using the "fudge" command) so that it will never be used unless internet access is lost:
server 127.127.1.0
fudge 127.127.1.0 stratum 10
The next thing you have to do is add the drift file (which keeps track of yours clocks time deviation) and optionally the log file location:
driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp.log
Now all that's left to do is define the rules that will allow clients to connect to your service (localhost is considered a client too) using the "restrict" command; you should already have a line like this in your file:
restrict default nomodify nopeer
This restricts everyone from modifying anything and prevents everyone from querying your time server.
You can also add other options:
restrict default kod nomodify notrap nopeer noquery
In the past, "notrust" option was used too, but its function has changed to mean that authentication with a key is required.
Following this line, you need to tell ntpd what to allow through into your server; the following line is enough if you're not configuring a ntp server:
restrict 127.0.0.1
Otherwise you can add more clients like in this example:
restrict 1.2.3.4 nomodify
restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
This tells ntpd that 1.2.3.4 and all IP addresses from the 192.168.0.0 range will be allowed to synchronize on this server, but they will not be allowed to modify anything. All other IP addresses in the world will still obey the default restrictions (the first line in the ntp.conf).
In the end, the complete file will look like this (almost all original comments have been stripped out for clarity):
# Name of the servers ntpd should sync with (these are for Italy as an example)
server 0.it.pool.ntp.org iburst
server 1.it.pool.ntp.org iburst
server 2.it.pool.ntp.org iburst
server 3.it.pool.ntp.org iburst
driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp.log
restrict default nomodify nopeer
restrict 127.0.0.1
For a more in-depth explanation of the file, especially if you want to configure your machine as a ntp server, the Gentoo Wiki has a more detailed description.
Lastly, never forget man pages:
$ man ntp.conf
is likely to answer most of your remaining doubts.
Last edited by kynikos (2011-02-06 23:15:03)

Similar Messages

  • NTP(Network Time Protocol) Error whil installing Oracle 11gR2 RAC

    Dear Friends,
    I have installed oracle 11gr2 clusterware software in two node RAC. While i run the CLUVFY.SH, It shows error in NTP configuration.
    1)I add "-x" parameter in "/etc/sysconfig/ntp" configuration file. and start the ntpd service and run the cluvfy.sh . then i got the below error.
    Check: CTSS state
    Node Name State
    rac2 Observer
    rac1 Observer
    CTSS is in Observer state. Switching over to clock synchronization checks using NTP
    Starting Clock synchronization checks using Network Time Protocol(NTP)...
    NTP Configuration file check started...
    The NTP configuration file "/etc/ntp.conf" is available on all nodes
    NTP Configuration file check passed
    Checking daemon liveness...
    Check: Liveness for "ntpd"
    Node Name Running?
    rac2 no
    rac1 no
    Result: Liveness check failed for "ntpd"
    PRVF-5415 : Check to see if NTP daemon is running failed
    Result: Clock synchronization check using Network Time Protocol(NTP) failed
    PRVF-9652 : Cluster Time Synchronization Services check failed
    Post-check for cluster services setup was unsuccessful on all the nodes.
    =============================================================================================
    2)Down the ntpd service in both nodes and run the CLUVFY.SH.
    Check: CTSS state
    Node Name State
    rac2 Observer
    rac1 Observer
    CTSS is in Observer state. Switching over to clock synchronization checks using NTP
    Starting Clock synchronization checks using Network Time Protocol(NTP)...
    NTP Configuration file check started...
    The NTP configuration file "/etc/ntp.conf" is available on all nodes
    NTP Configuration file check passed
    Checking daemon liveness...
    Check: Liveness for "ntpd"
    Node Name Running?
    rac2 no
    rac1 yes
    Result: Liveness check failed for "ntpd"
    PRVF-5415 : Check to see if NTP daemon is running failed
    Result: Clock synchronization check using Network Time Protocol(NTP) failed
    PRVF-9652 : Cluster Time Synchronization Services check failed
    Post-check for cluster services setup was unsuccessful on all the nodes.
    ==========================================================================
    3)Based on some website advice, I down the ntpd service and move the "/etc/ntpd.conf" to another location.Then i got the below error.
    Result: Query of CTSS for time offset passed
    Check CTSS state started...
    Check: CTSS state
    Node Name State
    rac2 Observer
    CTSS is in Observer state. Switching over to clock synchronization checks using NTP
    Starting Clock synchronization checks using Network Time Protocol(NTP)...
    NTP Configuration file check started...
    ERROR:
    PRVF-5402 : Warning: Could not find NTP configuration file "/etc/ntp.conf" on node "rac2"
    PRVF-5405 : The NTP configuration file "/etc/ntp.conf" does not exist on all nodes
    rac2
    PRVF-5414 : Check of NTP Config file failed on all nodes. Cannot proceed further for the NTP tests
    Result: Clock synchronization check using Network Time Protocol(NTP) failed
    PRVF-9652 : Cluster Time Synchronization Services check failed
    =============================================================
    What should i do to solve this issue?? Please help me ...

    Hi,
    I start the ntpd start the service in both node and done the CLUVFY.SH.
    The output is below,
    Checking if CTSS Resource is running on all nodes...
    Check: CTSS Resource running on all nodes
    Node Name Status
    rac2 passed
    rac1 passed
    Result: CTSS resource check passed
    Querying CTSS for time offset on all nodes...
    Result: Query of CTSS for time offset passed
    Check CTSS state started...
    Check: CTSS state
    Node Name State
    rac2 Observer
    rac1 Observer
    CTSS is in Observer state. Switching over to clock synchronization checks using NTP
    Starting Clock synchronization checks using Network Time Protocol(NTP)...
    NTP Configuration file check started...
    The NTP configuration file "/etc/ntp.conf" is available on all nodes
    NTP Configuration file check passed
    Checking daemon liveness...
    Check: Liveness for "ntpd"
    Node Name Running?
    rac2 yes
    rac1 yes
    Result: Liveness check passed for "ntpd"
    Checking NTP daemon command line for slewing option "-x"
    Check: NTP daemon command line
    Node Name Slewing Option Set?
    rac2 yes
    rac1 yes
    Result:
    NTP daemon slewing option check passed
    Checking NTP daemon's boot time configuration, in file "/etc/sysconfig/ntpd", for slewing option "-x"
    Check: NTP daemon's boot time configuration
    Node Name Slewing Option Set?
    rac2 yes
    rac1 yes
    Result:
    NTP daemon's boot time configuration check for slewing option passed
    NTP common Time Server Check started...
    PRVF-5410 : Check of common NTP Time Server failed
    PRVF-5416 : Query of NTP daemon failed on all nodes
    Result: Clock synchronization check using Network Time Protocol(NTP) passed
    Oracle Cluster Time Synchronization Services check passed
    ========================================================================================
    [oracle@rac1 ~]$ /u01/app/grid/oracle/product/10.2.0/db_1/bin/cluvfy comp clocksync
    Verifying Clock Synchronization across the cluster nodes
    Checking if Clusterware is installed on all nodes...
    Check of Clusterware install passed
    Checking if CTSS Resource is running on all nodes...
    CTSS resource check passed
    Querying CTSS for time offset on all nodes...
    Query of CTSS for time offset passed
    Check CTSS state started...
    CTSS is in Observer state. Switching over to clock synchronization checks using NTP
    Starting Clock synchronization checks using Network Time Protocol(NTP)...
    NTP Configuration file check started...
    NTP Configuration file check passed
    Checking daemon liveness...
    Liveness check passed for "ntpd"
    NTP daemon slewing option check passed
    NTP daemon's boot time configuration check for slewing option passed
    NTP common Time Server Check started...
    PRVF-5410 : Check of common NTP Time Server failed
    PRVF-5416 : Query of NTP daemon failed on all nodes
    Clock synchronization check using Network Time Protocol(NTP) passed
    Oracle Cluster Time Synchronization Services check passed
    Verification of Clock Synchronization across the cluster nodes was successful.
    [oracle@rac1 ~]$
    ================================================================================
    I hope the problem solved. Am i correct??

  • Firewall blocks Apple's Network Time Protocol

    Hi,
    I admit to not fully understanding everything about the Firewall on OS X server 10.4.11 and I'm hoping someone can help with a little(?) problem.
    On the WAN side, my "gateway" server is connected directly to my SpeedTouch 780 modem with a fixed IP address. On the LAN side are a couple of switches and then an Airport Extreme base station (192.168.2.249). This broadcasts wirelessly to a more distant Airport Express (192.168.2.247). Both WiFi devices are configured to obtain the time from Apple's European servers.
    After completing a Carbon Copy Cloner of my OS partition and rebooting on my usual volume I noticed the following denials in my Firewall log:
    Dec 28 12:50:16 nl1 ipfw: 65534 Deny UDP 17.72.255.12:123 192.168.2.249:3987 in via en0
    Dec 28 12:40:25 nl1 ipfw: 65534 Deny UDP 17.72.255.12:123 192.168.2.247:3814 in via en0
    In SA --> Firewall --> Settings --> Services --> Edit Services for: 192.168.1-net (en0/modem connection)
    I have the "Allow only traffic for: 192.168.1-net on these ports" checked and
    NTP - Network Time Protocol UDP/TCP is also checked.
    Under, Edit Services for: any
    I have the "Allow only traffic for: any" checked and
    NTP - Network Time Protocol UDP/TCP is also checked.
    Under, Edit Services for: 192.168.2-net (en1/LAN)
    I have the "Allow all traffic for: 192.168.2-net" checked.
    1) Why is this traffic being blocked?
    2) Why does the port number seem to get changed in transit? (I've got NAT running and Open Directory).
    3) Does the configuration under, "Allow only traffic for: any" overrule all other Firewall settings? So if for example a port under, "Allow only traffic for: 192.168.1-net on these ports" wasn't checked but was under, "Allow only traffic for: any", would the traffic be allowed through?
    Thanks and happy new year!
    Michael Franks

    Do you have NTP activated? Does it work? If it doesn't and you have the firewall activated, then open the required port. If it is working then don't worry about it.

  • Use network time protocol on ciro to get timestamp?

    I would like to grab a timestamp from a network time protocol server like NIST on a cRIO device connected to the internet. How can I do this? There has to be someone in our labview community that has done this before or knows how to do it. Code examples appreciated
    [will work for kudos]
    Solved!
    Go to Solution.

    The network time protocol functionality of the crio synchronizes the crio's internal time to that of a Network Time Protocol server once per minute. This insures the crio's time is always accurate within a few milliseconds (I forget the exact specs).
    Using the article linked earlier i modified the ni-rt.ini file with the code given there and used the ip of one of the NIST Automic Clock NTP servers in Boulder, Colorado, which I found here: http://tf.nist.gov/tf-cgi/servers.cgi
    I have tested and confirmed this works quite well for my application.
    From my understanding, you are trying to use the crio's NTP functionality to synchronize the crio to the clock on your computer. Considering the fact that the crio's clock is much more accurate than the one on your pc, this seems a little backwards. What I would suggest you do is find a program that synchronizes your computer's clock to an external NTP server and choose the same NTP server that you have configured the crio to synchronize to. I recommend one of the NIST servers I told you about. I do know that windows has the ability to synchronize your clock to an NTP server of your choosing and you may not need to get any external software at all, you and your crio would just need an internet connection
    You did not specify what kind of accuracy in your synchronization you were hoping to achieve, but be sure to look at the specs of both the crio sync and the program on your pc to see what kind of accuracy you will be getting. 
    If this is not an option, there is another way to 'synchronize'. If you are using a crio-pc architecture where the pc is triggering an acquisition on the crio you can simply record the pc's time when the trigger is sent and send that timestamp over shared variable to the crio to be recorded along with your data as the time when the acquisition started. Then the dt between data points will remain constant so you can extrapolate timestamps from there.
    I hope I helped. Let me know what you think.
    [will work for kudos]

  • How to get SNTP (Simple Network Time Protocol) time from any time Servers?

    Hi All,
    I am trying to get the date and time from any internet time servers (http://tf.nist.gov/service/time-servers.html). How do I get that within the java program.
    ex: InetAddress address = InetAddress.getByName("time-nw.nist.gov");
    then a variable holds the current date and time (optional any specific time zone)
    Thanks in advance!
    Gajen

    Hi there,
    As an update, AtomicDate ([atomicdate.sourceforge.net|http://atomicdate.sourceforge.net] ) is a clean and flexible Java implementation of the NTP/SNTP protocol. It's main features are integration with the Spring Framework and a network time enabled version of java.util.Date. Cheers!
    AP

  • Network Time Protocol

    Hello,
    In the Date and Time settings box there is a checkbox to have your server set it's time automatically and it is by default set to receive its time from time.apple.com.
    I read that you need to open port 123 on your firewall to have a client recive updated time from a time server that is off site. Is this true for 10.4 servers? Or did apple set it up so you don't have to mess with your firewall?
    Robert

    Do you have NTP activated? Does it work? If it doesn't and you have the firewall activated, then open the required port. If it is working then don't worry about it.

  • Installation of Network Time Protocol Security Fix

    Hi....
    Per App Store, I installed the fix with no issues clicking "install now."  But, Mom's Mac did the automatic install. She saw the message window saying a security update was installed.  But, in the Application Store Upgrade section, this security upgrade is not listed.  Previous software updates are listed. For "fun of it" I downloaded the pkg with the update and "re-installed" it on my Mac,  It installed.
    Questions:
    1. Did I mess up my Mac by doing the install twice?
    2. If not, can I do the same on Mom's Mac to be sure the update is installed?
    3. Why wouldn't the automatic install (on Mom's machine) not show up on the list of updates?  Is this the usual state for automatic updates?
    4. What could I look at to see if the update was installed besides the lupdate list where it doesn't show up.
    Thanks!

    John, many thanks!  Took me a bit to find the install.log, but yes, the entry was there.  For my "self install" on the package, log said, "Installed "NTPUpdateYosemite-2"
    BTW: I checked the fingerprint of the package I downloaded, and it did not match the fingerprint in this Apple article at How to verify the authenticity of manually downloaded Apple Software Updates - Apple Support     But, the fingerprint of the package I downloaded did match the fingerprint of the package for the "Digital Camera RAW Compatibility 6.02" package that came out Dec 15th.  So, I think that the package I used was legit.  Make sense?
    ALSO...I did find this info on Apple website posted today.  About OS X NTP Security Update - Apple Support   It has terminal command for seeing if your NTP is updated.  [Just saw you edited your reply to include this]
    And, finally....Thanks so much for helping a relative newbie to software "stuff"

  • IPod update trying to download for days, "network time out"

    I just keep getting the network timeout error again and again. My hubby's iTunes downloaded and installed the update the first time in tried, using the same network connection.
    Is there anyway to download the update on a another computer and copy it to mine???

    Use the information in this article to locate the ipsw files, and move them from one machine to the other.
    (30207)

  • I have turned firewall off but my iphone will still not update. it still says 'network time out' i am using a dell laptop

    i have turned firewall off but my iphone will still not update. it still says 'network time out' i am using a dell laptop and i want to update my iphone4 to iOS 5.

    Things in this thread might be helpful too.
    https://discussions.apple.com/thread/3382814?start=0&tstart=0

  • 8g touch updated 4.2.1, problems synching apps and music. gives multiple errors; device times out, internal device errors, network times out, duplicate file, too many files open. itunes diagnostics ok. what to do?

    have an 8g ipod touch which has had problems trying to play games and downloading update 4.2.1. went to the apple store who kindly downloaded the software update but now can't synch and generates multiple error messages; device times out, internal device error, network times out, duplicate file and too many files open etc etc. have latest i tunes download and diagnostic test ok. what can i do?

    Does the ext directory have the php_oci8.dll? In the original steps the PHP dir is renamed. In the given php.in the extension_dir looks like it has been updated correctly. Since PHP distributes php_oci8.dll by default I reckon there would be a very good chance that the problem was somewhere else. Since this is an old thread I don't think we'll get much value from speculation.
    -- cj

  • "This task could not be updated at this time" Error in Outlook 2010 on Workflow Form

    Hi,
    I have setup a workflow to send task notifications to users and am getting an error when attempting to act on the InfoPath based workflow task form that appears in Outlook 2010 when clicking on the "Edit this task" button.  After clicking Approve, the
    form disappears, but after a few seconds a dialog box appears that says:
    "This task could not be updated at this time"
    The funny thing is that the task actually does get updated, but there is often a delay in doing so.  Does this warning appear because the server has a backup of workflow items to deal with?  I saw that in 2007 it meant something wasn't properly
    installed with InfoPath, but I am not sure if that is the case here or not.  Any guidance would be appreciated.
    I am using Office 2010 and SharePoint Server 2010.

    I have the same issue. If I had to guess it's because the workflow in question goes stale and has to recompile, thus it times out on the client even thou it gets submitted to the server so it eventually processes.
    Now either they need a longer time out fix, or we need some way to keep the workflow actively in memory somehow on our end for it to not do it. Preferably the longer timeout method would be best to save on ram, but I bet in bigger environments or workflows
    that get used often this won't be the issue.
    You can pretty much reproduce this if you have 2 tasks from the same workflow, the first one will give the error. then after that if you wait a minute for the workflow to get going, then close your 2nd task, it will be instant. So it's something with the
    way it's getting garbage collected and having to recompile that's causing this delay with the client and a timeout just needs extended or something to give the server a chance to finish loading up the workflow.
    Also there is a good article explaining reasons and solutions:
    http://social.technet.microsoft.com/wiki/contents/articles/2271.aspx
    Best Regards,
    Megren|Blog 

  • Networked Time Machine Backup in Yosemite (10.10.1)

    Hello Everyone!
    I am having issue using a networked Time Machine volume with my Debian Box. Prior to 10.10.1 Yosemite update Time Machine was working just fine. Even issuing the command sudo tmutil setdestination "afp://<Remote Server Address>/Time\ Machine/<sparsebundle>" and defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1, Nothing seems to work. Time Machine doesn't recognize the drive. I am able to connect to the drive by going to Go, but Time Machine still doesn't see the drive. My Debian Box is using Nettalk in conjunction with AFP. I followed this link as a guide. If anyone know a work around that would be greaaaaat.
    Thanks!

    A "Netatalk" server is unsuitable for use with Time Machine, especially if it's your only backup. I know this isn't the answer you want. I know Time Machine accepts the server as a backup destination. I know that the developer says the server will work with Time Machine, and I also know that it usually seems to work. Except when you try to restore, and find that you can't.
    Apple has published a specification for network devices that work with Time Machine. The incomplete, obsolete Netatalk implementation of Apple Filing Protocol doesn't meet that specification.
    If you want network backup, use as the destination either an Apple Time Capsule or an external storage device connected to another Mac or to an 802.11ac AirPort base station. Only the 802.11ac base stations support Time Machine, not any older model.
    Otherwise, don't use Time Machine at all. There are other ways to back up, though none of them is anywhere near as efficient or as well integrated with OS X. I don't have a specific recommendation.

  • For the last year, I have to refresh my browser to load certain normal pages...IE opens them, but not Firefox. I also have extreme difficulties loading video from sites including YouTube, Yahoo, etc. I open them in IE just fine. I update all the time.

    For the last year, I have to refresh my browser to load certain normal pages...IE opens them, but not Firefox. I also have extreme difficulties loading video from sites including YouTube, Yahoo, etc. I open them in IE just fine. I update all the time.

    "Clear the Cache": Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"<br />
    "Remove the Cookies" from sites that cause problems: Tools > Options > Privacy > Cookies: "Show Cookies"<br />
    Start Firefox in [[Safe Mode]] to check if one of your add-ons is causing your problem (switch to the DEFAULT theme: Tools > Add-ons > Themes).
    See [[Troubleshooting extensions and themes]] and [[Troubleshooting plugins]]
    Your plugins list shows outdated plugin(s) with known security and stability risks.
    *Java Plug-in 1.6.0_07 for Netscape Navigator (DLL Helper)
    Update the [[Java]] plugin to the latest version.
    *http://java.sun.com/javase/downloads/index.jsp (Java Platform: Download JRE)

  • How can i set the network time on my appleTV?

    Since the last update I have been unable to use my Appletv.  It says it can't get the network time.  I've restarted my router and unplugged the appleTV numerous times.  I've heard others have this problem too.  What is the solution?

    Log into your iCloud account on your computer, then click your user name in the right top then click on the time zone in the popup window. 

  • Network time will not set how can this be corrected

    Issues with network time how can a reset this so I can utilize my apple tv

    Dish will need to update their viewer. Contact Dish about their plans to update for compatibility to current Firefox versions. According to this, they only support through Firefox 6 --> http://www.dishnetwork.com/supportsection/sling-viewing-device
    '''If this reply solves your problem, please click "Solved It" next to this reply when <u>signed-in</u> to the forum.'''

Maybe you are looking for