See ConfiguringNTPDev for discussion of this topic.
6. Configuring NTP
- 6. Configuring NTP
- 6.1. Configuring Refclocks
- 6.2. Orphan mode
- 6.3. Configuring Multicast Servers
- 6.4. Configuring Multicast Clients
- 6.5. ntpd access restrictions
- 6.6. Adding NTP Server Variables
- 6.7. Autokey Configuration for NTP stable releases
- 6.8. Autokey Configuration for NTP 4.2.4 (and earlier)
- 6.9. Locking ntpd in memory
- 6.10. Simple Client Configuration
- 6.11. Important Notes
- 6.12. DHCP Auto-configuration
- 6.13. How dynamic IP addresses affect ntpd
- 6.14. Using the NIST Leap Second File
- 6.15. Third-party HOWTOs and guides
6.10. Simple Client Configuration
This is the minimum configuration for an NTP Client which just needs "good enough" time.driftfile /var/lib/ntp/ntp.drift server 0.pool.ntp.org iburst server 1.pool.ntp.org iburst server 2.pool.ntp.org iburst server 3.pool.ntp.org iburst
- This configuration uses the Global NTP Pool. Please visit the NTP Pool web-site to learn about the Pool Zones which may be used to choose servers in your geographical area
- The drift file must in a directory writeable by the ntp user
6.11. Important Notes
First,ntpd needs a majority of servers to agree on the time before it can sync. If you only have one server, that server WILL be believed. If you have two or three servers and they disagree, no majority will be found.
If you are going to have server or peer lines in ntp.conf I recommend having at least four or five of them, and use iburst for each. See SelectingOffsiteNTPServers for more.
Be very careful with burst as it is only rarely needed and will significantly increase the traffic. Do not use burst unless you have a very good reason for doing so. (I'd like to have a URL to the pages that describe the rare cases where burst is appropriate.)
6.12. DHCP Auto-configuration
6.12.1. ISC dhcp 3
ISC's dhcp is able to automatically configure the servers used byntpd. Here's how to get it working:
- The dhcp server you are using must be configured to provide the
ntp-serversoption - Configure your
dhclientto requestntp-servers(it doesn't by default). To do this addntp-serversto the defaultrequestline in/etc/dhcp3/dhclient.conf - Create an
/etc/ntp.confwith all of the other settings that you wish to use. This file will be used to create/etc/ntp.conf.dhcp, it won't be over written. - Your
ntpdmust be told to use/etc/ntp.conf.dhcpif it exists. This is usually accomplished in the ntp init script (e.g./etc/init.d/ntp).
6.13. How dynamic IP addresses affect ntpd
Currently,ntpd does not rescan the network interfaces after it has started. If you are have a dynamic IP (use DHCP), this means ntpd will no longer be able to communicate with "outside" sources after your IP changes.
The script in 
Bug #51 will not help you unless it's the remote site's IP address that has changed.
6.14. Using the NIST Leap Second File
The U.S. National Institute of Standards and Technology (NIST) is publishing a file which contains a table of past and upcoming leap seconds. This file can be used byntpd to become aware of leap second announcements and thus be able to handle leap seconds gracefully.
Graceful handling of leap seconds implies applying the leap second locally at the appropriate time, rather than having the clock off by one second until the discrepancy witih sources is noticed and corrected at a later time. ntpd will gracefully handle leap seconds which it knows about in advance, via one of two means. If a leap second file is configured in ntp.conf or acquired via autokey, ntpd will inform clients of the pending leap for one day in advance via the leap field of the NTP packet, and it will be applied locally. Lacking a leapfile, ntpd is at the mercy of its sources to inform it of the pending leap second.
In the case of network sources, this means ntpd is at the mercy of the Stratum 1 sources at the top of its synchronization chain either having a current leapfile installed, or using a reference clock driver which provides advance notice of pending leap seconds. While some reference clocks do provide this information, many do not. For example, GPS provides notification to receivers of pending leap second insertions. That does not imply all stratum 1 servers using GPS will receive that notification. The popular NMEA reference clock driver does not, as the NMEA sentences its decodes do not carry advance notification of leap seconds.
Past experience has shown many stratum 1 servers do not advertise pending leap seconds during the day prior to the event. Installing a leapfile on your NTP server ensures it will notify its clients of the pending leap as well as handle the event gracefully. If you operate a stratum 1 server, your downstream clients are depending on your server to notify them, so it is best practice to download and configure the leapfile at least one day in advance of the scheduled insertion or deletion. The only exception is if you know all your reference clocks and their ntpd drivers will provide notification at least one day in advance.
The way to configure ntpd to use this file has changed with version 4.2.6 of ntpd.
The file is available available at ftp://time.nist.gov/pub/ as well as ftp://tycho.usno.navy.mil/pub/ntp/
The file name is: leap-seconds.nnnnnnnnnn where nnnnnnnnnn is a time the file was updated expressed as an NTP timestamp rounded to whole seconds, that is, the number of seconds since the start of the year 1900 (ignoring leap seconds).
As of this writing the name of the current NIST leap seconds file is leap-seconds.3535142400: - ftp://time.nist.gov/pub/leap-seconds.3535142400
- ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.3535142400
6.14.1. NTP Versions 4.2.6 and newer
Copy the leap seconds file onto your system running ntpd and add a line to your ntp.conf:leapfile "/path/to your/leap-file"
You need to restart ntpd to apply your configuration changes.
6.14.2. NTP Versions before 4.2.6
Pre-4.2.6 versions ofntpd evaluates the leap second file only if the autokey feature has been enabled. The autokey feature also provides a mechanism to forward the information from the leap second file to clients which are using autokey authentication of the server, that is, clients which have the autokey keyword on the server directive in ntp.conf.
The leap second file must be copied to the crypto directory configured for ntpd, and inside that directory a link must be created which points to that file. The standard name for the link is ntpkey_leap. However, this can be overridden by a configuration parameter.
So assuming the name of the leap second file as mentioned above, the standard link to the leap second file inside the NTP crypto directory should look like this:
ntpkey_leap -> leap-seconds.3535142400
6.15. Third-party HOWTOs and guides
- Setting up NTP on Windows - includes pointers to using GPS 18x LVC and the Sure Electronics board on both FreeBSD and Windows - DavidTaylor
Topic revision: r37 - 2012-02-17 - 00:00:33 - DaveHart
 |
|
Copyright &© 1999-2012 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback