Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 19/11/13 02:45, Brian Inglis wrote: W32tm is an SNTP service intended to synchronize time on workstations in a domain to a domain controller at intervals. w32time WAS such a service, and possibly still is out of the box. However, give or take implementation errors, it can be configured to act as an NTP V3 service. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 19/11/13 06:05, xiaoniao112...@gmail.com wrote: 在 2013年11月19日星期二UTC+8上午10时45分44秒,Brian Inglis写道: On 2013-11-18 01:30, xiaoniao112...@gmail.com wrote: hello : I had recently start a work about ntp service ,my friends and me use windows and linux to sync time in ntp.we could use w32time service to sync linux in ntp.In windows we could I found that in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\ MaxAllowedPhaseOffset may be could set the offset time between the local time and the server that they will be synchronize. If out of range of MaxAllowedPhaseOffset in seconds ,they synchronize,otherwise not. But I have a question that Is there a paremeter in ntp service that control the offset like in registry above in windows. W32tm is an SNTP service intended to synchronize time on workstations in a domain to a domain controller at intervals.NTP service is intended to maintain accurate time on clients and servers across the internet, where the accuracy willdepend on your budget and effort, from 100ms with poolservers to 1us with referenc e clock hardware and kernel PPS support.W32tm service parameters documented at http://technet.microsoft.com/en-us/library/cc773263%28v=ws.10%29.aspx, may be compared to options from NTP docs @ doc.ntp.org:e.g. Configuration Commands and OptionsMiscellaneous Commands tinker - modify sacred system parameters (dangerous) http://doc.ntp.org/4.2.6p5/miscopt.html#tinker for current stable release 4.2.6p5tinker.. panic panic Specifies the panic threshold in seconds with default 1000 s. If set to zero, the panic sanity check is disabled and a clock offset of any value will be accepted step step Specifies the step threshold in seconds. The default without this command is 0.128 s. If set to zero, step adjustments will never occur. Note: The kernel time discipline is disabled if the step threshold is set to zero or greater than 0.5 s stepout stepout Specifies the stepout threshold in seconds. The default without this command is 900 s. If set to zero, popcorn spikes will not be suppre ssed.So tinker step is similar to W32tm MaxAllowedPhaseOffset except for different service levels:The default value for domain members is 300. The default value for stand-alone clients and servers is 1. and the W32tm slew requirement: |CurrentTimeOffset| / (PhaseCorrectRate*UpdateInterval) SystemClockRate / 2 -- -- Take care. Thanks, Brian Inglis ___questions mailing list questi...@lists.ntp.orghttp://lists.ntp.org/listinfo/questions But I have a question,how can I set this value,I just use it in a LAN to Synchonize the time in the LAN.So is that a stand-alone clients and servers.If it is ,which command should I use to change this value in LINUX OS. In /etc/ntpd.conf, or whatever your OS calls that file. Note that ntpd was not really designed for use without a reference clock. If you are careful, you can do so, but it is easy to create configurations that behave badly. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 2013-11-18 23:05, xiaoniao112...@gmail.com wrote: On 2013-11-18 01:30, xiaoniao112...@gmail.com wrote: hello : But I have a question,how can I set this value, I just use it in a LAN to Synchonize the time in the LAN. So is that a stand-alone clients and servers. If it is ,which command should I use to change this value in LINUX OS. I presume you refer to ntpd/tinker step? This parameter alters when the daemon decides the system time offset is too high to be disciplined by slewing the system clock rate, and it has to fall back to step the time by the offset. This will depend on the maximum system clock rate change headroom available on each system, given the inherent frequency drift of each system. You should not need to change this parameter: tinker - modify sacred system parameters (dangerous)! On most systems, a step should only be necessary when you start the ntpd daemon and the ntpd startup option -g --panicgate will allow a single large adjustment to be made when ntpd has made its initial offset estimate from other network time servers or a local hardware reference clock. Before you consider changing this, you need to calibrate the inherent frequency drift of *each* system's hardware clock crystal, to see whether and what values might be feasible on *each* system. To make a decision on whether this could be useful, please find a good translation to your language of Linux man hwclock(8), adjtimex(8), ntpd(8), and the NTP docs (or try Google Translate on the doc.ntp.org web site pages). Someone else asked: what are you trying to do by changing this parameter? The defaults have been set based on running and simulating different control algorithms, settings, and scenarios. Start by using the defaults and setup described in the Quick Start section or set by your distribution in the default ntp.conf provided. If nothing is provided use pool servers with an ntp.conf statement like: pool asia.pool.ntp.org or one of the country pools shown at http://www.pool.ntp.org/zone/asia cn.pool.ntp.org, hk.pool.ntp.org, sg.pool.ntp.org, tw.pool.ntp.org. -- Take care. Thanks, Brian Inglis ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Panic threshold code
A C writes: If I'm reading the code correctly (for 4.2.7p270 at the moment), in ntp_loopfilter.c at line 245 (or nearby for newer versions) I see: if (fabs(fp_offset) clock_panic clock_panic 0 !allow_panic) { snprintf(tbuf, sizeof(tbuf), %+.0f s; set clock manually within %.0f s., fp_offset, clock_panic); report_event(EVNT_SYSFAULT, NULL, tbuf); return (-1); } I am assuming this is the segment of code that will cause ntpd to abort entirely if the panic threshold (default 1000 s) is exceeded? Yes. And the value can be changed (0 means don't exit if the offset is huge) and one can start ntpd with -g to wiggle allow_panic to let the first adjustment happen regardless of how big it is. -- Harlan Stenn st...@ntp.org http://networktimefoundation.org - be a member! ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 2013-11-19 00:57, David Woolley wrote: On 19/11/13 02:45, Brian Inglis wrote: W32tm is an SNTP service intended to synchronize time on workstations in a domain to a domain controller at intervals. w32time WAS such a service, and possibly still is out of the box. However, give or take implementation errors, it can be configured to act as an NTP V3 service. With about the same accuracy as a drift compensation TSR and the NIST ACTS dial up service used from Windows 3 95 on a dial up link! A number of the parameters have a resolution of seconds! Given the NTP and w32tm rate control settings, we know w32tm will be unable to slew and have to step adjust the offsets on some systems, not just those with broken hardware clocks. -- Take care. Thanks, Brian Inglis ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 2013-11-19 00:55, David Woolley wrote: On 19/11/13 06:05, xiaoniao112...@gmail.com wrote: But I have a question,how can I set this value,I just use it in a LAN to Synchonize the time in the LAN.So is that a stand-alone clients and servers.If it is ,which command should I use to change this value in LINUX OS. In /etc/ntpd.conf, or whatever your OS calls that file. Note that ntpd was not really designed for use without a reference clock. ...at the top of the network time hierarchy: stratum 1. It was designed for use with local and remote network time servers at all lower stratum levels; evident in the default control settings. If you are careful, you can do so, but it is easy to create configurations that behave badly. ...and hard to create good configurations without reading and understanding the docs, sometimes the code, and possibly also the book. -- Take care. Thanks, Brian Inglis ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
在 2013年11月19日星期二UTC+8下午5时06分42秒,Brian Inglis写道: On 2013-11-19 00:55, David Woolley wrote: On 19/11/13 06:05, xiaoniao112...@gmail.com wrote: But I have a question,how can I set this value,I just use it in a LAN to Synchonize the time in the LAN.So is that a stand-alone clients and servers.If it is ,which command should I use to change this value in LINUX OS.In /etc/ntpd.conf, or whatever your OS calls that file. Note that ntpd was not really designed for use without a reference clock. ...at the top of the network time hierarchy: stratum 1. It was designed for use with local and remote network time servers at all lower stratum levels; evident in the default control settings. If you are careful, you can do so, but it is easy to create configurations that behave badly. ...and hard to create good configurations without reading and understanding the docs, sometimes the code, and possibly also the book. -- Take care. Thanks, Brian Inglis Thanks a lot for your suggestion. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
Just as a point of interest, one of the most heated debates I have ever been involved in internally here at Oracle was concerning whether getaddrinfo (as defined by POSIX) should or should not return IPv6 addresses if the system only has IPv4 interfaces and/or only the loopback IPv6 address. The getaddrinfo call was designed to work efficiently on both dual stack and single stack systems, but the wording in the standard is slightly ambiguous especially considering the case that the host you are looking up might actually belong to the system you are on. On 11/18/13 16:01, Danny Mayer wrote: On 11/18/2013 2:44 PM, A C wrote: On 11/18/2013 11:18, Majdi S. Abbas wrote: The fact that it's even trying means you didn't start ntpd with -4, and the host has at least one IPv6 interface (this might be as simple as v6 enabled on the loopback.) So, either ensure that v6 is fully disabled on the host, or add -4 to your ntpd startup parameters. lo0 did indeed have a v6 address configured (hadn't noticed) though my eth0 does not. I would not have expected ntpd to use v6 if any one interface did not have it. Up until this point it never returned a v6 address on lookup so that's probably why I never noticed that v6 had been enabled again (recent upgrade of OS). I've disabled all v6 now and added -4 for good measure. ntpd will use whatever addresses it gets back from DNS. If you don't specify that you only want IPv4 addresses and it gets an IPv6 address it will attempt to use it. This is a DNS and configuration issue not an ntp issue. This is true of all applications (whether client or server) these days. Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions -- blu Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. - Martin Golding ---| Brian Utterback - Solaris RPE, Oracle Corporation. Ph:603-262-3916, Em:brian.utterb...@oracle.com ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
That must have been a short discussion. getaddrinfo() has nothing to do with the IP stack. getaddrinfo()'s job is to get information from the nameservers you specify in resolv.conf or wherever else the OS has that information. Its job is NOT to make decisions about what it should ask for. That's the programmer's job when setting up the API call as to what addresses to ask for. Would you like dig, nslookup, host, etc. to not give you all the information when you are analyzing a problem? (the BIND versions use their own internal versions of getaddrinfo, I am using these as an example). Applications and Servers can make their own decisions about what data to fetch and use, not getaddrinfo's. Danny On 11/19/2013 9:02 AM, Brian Utterback wrote: Just as a point of interest, one of the most heated debates I have ever been involved in internally here at Oracle was concerning whether getaddrinfo (as defined by POSIX) should or should not return IPv6 addresses if the system only has IPv4 interfaces and/or only the loopback IPv6 address. The getaddrinfo call was designed to work efficiently on both dual stack and single stack systems, but the wording in the standard is slightly ambiguous especially considering the case that the host you are looking up might actually belong to the system you are on. On 11/18/13 16:01, Danny Mayer wrote: On 11/18/2013 2:44 PM, A C wrote: On 11/18/2013 11:18, Majdi S. Abbas wrote: The fact that it's even trying means you didn't start ntpd with -4, and the host has at least one IPv6 interface (this might be as simple as v6 enabled on the loopback.) So, either ensure that v6 is fully disabled on the host, or add -4 to your ntpd startup parameters. lo0 did indeed have a v6 address configured (hadn't noticed) though my eth0 does not. I would not have expected ntpd to use v6 if any one interface did not have it. Up until this point it never returned a v6 address on lookup so that's probably why I never noticed that v6 had been enabled again (recent upgrade of OS). I've disabled all v6 now and added -4 for good measure. ntpd will use whatever addresses it gets back from DNS. If you don't specify that you only want IPv4 addresses and it gets an IPv6 address it will attempt to use it. This is a DNS and configuration issue not an ntp issue. This is true of all applications (whether client or server) these days. Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
Harlan Stenn st...@ntp.org wrote: You might want: interface ignore all interface listen 127.0.0.1 # if you want localhost ntpq to work interface listen a.b.c.d # enumerate the IPs you want to use Thanks. I take it then that wildcard charaters in matching on interface names aren't a go :) My further complication is these systems get their IPs via DHCP (I should have listed that in the first place, sorry) and some are bonded and some are not bonded, but the component names of the interfaces in the bond(s) are the same namespace as when they are not bonded. For example I may have systems with a bond0 using eth2 and eth3 and some systems just using eth2. I *may* though be able to split the config files between such systems - that remains to be determined and if not is, arguably a failing at my end. Wildcard - that is listening on INADDR_ANY basically? thanks, rick -- It is not a question of half full or empty - the glass has a leak. The real question is Can it be patched? these opinions are mine, all mine; HP might not want them anyway... :) feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH... ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
Danny Mayer ma...@ntp.org wrote: That must have been a short discussion. getaddrinfo() has nothing to do with the IP stack. getaddrinfo()'s job is to get information from the nameservers you specify in resolv.conf or wherever else the OS has that information. Its job is NOT to make decisions about what it should ask for. That's the programmer's job when setting up the API call as to what addresses to ask for. I suspect it all boils down to the behaviour when one sets AI_ADDRCONFIG in the getaddrinfo() call. When that is set, ostensibly getaddrinfo() is supposed to filter-out any reponses that are of a type that cannot be used by the application. The decision made was if there were no non-loopback-interface IPv6 addresses configured, records would not be returned from the getaddrinfo() call. Similarly for A recorecords if there were no IPv4 addresses configured on the system. Later, when interfaces started getting auto-configured, local scope IPv6 addresses, there was a call to change that to be don't return IPv6 addresses unless there is a better-than-local-scope IPv6 address assigned. Started causing me all manner of pain in netperf :( Not sure where that stands now in the Linux world. rick jones -- oxymoron n, Hummer H2 with California Save Our Coasts and Oceans plates these opinions are mine, all mine; HP might not want them anyway... :) feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH... ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
On 11/19/2013 12:33 PM, Rick Jones wrote: Danny Mayer ma...@ntp.org wrote: That must have been a short discussion. getaddrinfo() has nothing to do with the IP stack. getaddrinfo()'s job is to get information from the nameservers you specify in resolv.conf or wherever else the OS has that information. Its job is NOT to make decisions about what it should ask for. That's the programmer's job when setting up the API call as to what addresses to ask for. I suspect it all boils down to the behaviour when one sets AI_ADDRCONFIG in the getaddrinfo() call. When that is set, ostensibly getaddrinfo() is supposed to filter-out any reponses that are of a type that cannot be used by the application. The decision made was if there were no non-loopback-interface IPv6 addresses configured, records would not be returned from the getaddrinfo() call. Similarly for A recorecords if there were no IPv4 addresses configured on the system. Later, when interfaces started getting auto-configured, local scope IPv6 addresses, there was a call to change that to be don't return IPv6 addresses unless there is a better-than-local-scope IPv6 address assigned. Started causing me all manner of pain in netperf :( Not sure where that stands now in the Linux world. rick jones Yes, that was the issue. Further complicating it was what do you return if you have no IPv6 interfaces and you set AI_ADDRCONFIG and you pass in a literal IPv6 address. The problem is that getaddrinfo replaces both gethostbyname and inet_aton, each of which you might expect to have different results in that case. We had people citing two RFC's and the ipng working group mailing list. Great fun. Brian utterback Brian Utterback ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
On 11/19/2013 12:33 PM, Rick Jones wrote: Danny Mayer ma...@ntp.org wrote: That must have been a short discussion. getaddrinfo() has nothing to do with the IP stack. getaddrinfo()'s job is to get information from the nameservers you specify in resolv.conf or wherever else the OS has that information. Its job is NOT to make decisions about what it should ask for. That's the programmer's job when setting up the API call as to what addresses to ask for. I suspect it all boils down to the behaviour when one sets AI_ADDRCONFIG in the getaddrinfo() call. When that is set, ostensibly getaddrinfo() is supposed to filter-out any reponses that are of a type that cannot be used by the application. The decision made was if there were no non-loopback-interface IPv6 addresses configured, records would not be returned from the getaddrinfo() call. Similarly for A recorecords if there were no IPv4 addresses configured on the system. That's not the what you need to do if you only want IPv4. You need to set ai_family to AF_INET in the hints structure before making the call. IF you specify -4 on the ntpd command line, that's what we do when fetching IP addresses from the name server. There's no magic here, it just works. Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
On 11/19/2013 1:01 PM, Brian Utterback wrote: On 11/19/2013 12:33 PM, Rick Jones wrote: Danny Mayer ma...@ntp.org wrote: That must have been a short discussion. getaddrinfo() has nothing to do with the IP stack. getaddrinfo()'s job is to get information from the nameservers you specify in resolv.conf or wherever else the OS has that information. Its job is NOT to make decisions about what it should ask for. That's the programmer's job when setting up the API call as to what addresses to ask for. I suspect it all boils down to the behaviour when one sets AI_ADDRCONFIG in the getaddrinfo() call. When that is set, ostensibly getaddrinfo() is supposed to filter-out any reponses that are of a type that cannot be used by the application. The decision made was if there were no non-loopback-interface IPv6 addresses configured, records would not be returned from the getaddrinfo() call. Similarly for A recorecords if there were no IPv4 addresses configured on the system. Later, when interfaces started getting auto-configured, local scope IPv6 addresses, there was a call to change that to be don't return IPv6 addresses unless there is a better-than-local-scope IPv6 address assigned. Started causing me all manner of pain in netperf :( Not sure where that stands now in the Linux world. rick jones Yes, that was the issue. Further complicating it was what do you return if you have no IPv6 interfaces and you set AI_ADDRCONFIG and you pass in a literal IPv6 address. The problem is that getaddrinfo replaces both gethostbyname and inet_aton, each of which you might expect to have different results in that case. We had people citing two RFC's and the ipng working group mailing list. Great fun. I think you mean inet_ntoa. As I already said you should be setting the ai_family in the hints structure and you want to have it only a particular type of address. If you want to pass an IP address you should be setting AI_NUMERICHOST in ai_flags of the hint structure. Note that inet_ntoa does not perform a lookup. It's just a formatter. Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
On 11/19/2013 11:36 AM, Rick Jones wrote: Harlan Stenn st...@ntp.org wrote: You might want: interface ignore all interface listen 127.0.0.1 # if you want localhost ntpq to work interface listen a.b.c.d # enumerate the IPs you want to use Thanks. I take it then that wildcard charaters in matching on interface names aren't a go :) My further complication is these systems get their IPs via DHCP (I should have listed that in the first place, sorry) and some are bonded and some are not bonded, but the component names of the interfaces in the bond(s) are the same namespace as when they are not bonded. For example I may have systems with a bond0 using eth2 and eth3 and some systems just using eth2. I *may* though be able to split the config files between such systems - that remains to be determined and if not is, arguably a failing at my end. You can specify 14.15.16.0/24 for example to specify an address on a particular subnet. Does that help? Wildcard - that is listening on INADDR_ANY basically? Yes. But it should be used with caution and only if necessary. Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
On 11/19/2013 1:50 PM, Danny Mayer wrote: On 11/19/2013 11:36 AM, Rick Jones wrote: Harlan Stenn st...@ntp.org wrote: You might want: interface ignore all interface listen 127.0.0.1 # if you want localhost ntpq to work interface listen a.b.c.d # enumerate the IPs you want to use Thanks. I take it then that wildcard charaters in matching on interface names aren't a go :) My further complication is these systems get their IPs via DHCP (I should have listed that in the first place, sorry) and some are bonded and some are not bonded, but the component names of the interfaces in the bond(s) are the same namespace as when they are not bonded. For example I may have systems with a bond0 using eth2 and eth3 and some systems just using eth2. I *may* though be able to split the config files between such systems - that remains to be determined and if not is, arguably a failing at my end. You can specify 14.15.16.0/24 for example to specify an address on a particular subnet. Does that help? I didn't answer your original question. Try here: https://support.ntp.org/bin/view/Dev/ListenOn Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
Danny Mayer ma...@ntp.org wrote: That's not the what you need to do if you only want IPv4. You need to set ai_family to AF_INET in the hints structure before making the call. IF you specify -4 on the ntpd command line, that's what we do when fetching IP addresses from the name server. There's no magic here, it just works. Probably drifting even farther, but that wasn't the issue so much behind getaddrinfo()'s altered behaviour. It was that applications, which were ambidextrous (could do either v4 or v6), started getting IPv6 addresses, but for which there was not actual IPv6 connectivity. Getting the global IPv6 address(es) for mumble.fadTLD when all one had were link-scope IPv6 addresses and no through connectivity. If those happened to be earlier in the list, the application could end-up waiting for the connection timeout before proceeding to the next ones. It wasn't that the application didn't want an IPv6 address so much as it wanted only addresses there was a (perceived to be) reasonable chance of success reaching. People waiting on the application(s) were impatient, and so pushed (perhaps transitively through the applciation developers) to have getaddrinfo() AI_ADDRCONFIG only return IPv6 addresses when there was something other than link-scope IPv6 addresses assigned to the system. While IPv6 is supposed to (?) eliminate NAT, I suspect there are still cases with link-scope addresses that go through NAT, which means that heuristic/expedient of don't give IPv6 unless there is better-than-link-scope configured may not really be such a good one. Where it all stands today wrt the various getaddrinfo() implementations, I'm not entirely sure. rick jones -- The glass is neither half-empty nor half-full. The glass has a leak. The real question is Can it be patched? these opinions are mine, all mine; HP might not want them anyway... :) feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH... ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
Brian Utterback brian.utterb...@oracle.com wrote: On 11/19/2013 12:33 PM, Rick Jones wrote: Later, when interfaces started getting auto-configured, local scope IPv6 addresses, there was a call to change that to be don't return IPv6 addresses unless there is a better-than-local-scope IPv6 address assigned. Started causing me all manner of pain in netperf :( Not sure where that stands now in the Linux world. rick jones Yes, that was the issue. Further complicating it was what do you return if you have no IPv6 interfaces and you set AI_ADDRCONFIG and you pass in a literal IPv6 address. The problem is that getaddrinfo replaces both gethostbyname and inet_aton, each of which you might expect to have different results in that case. We had people citing two RFC's and the ipng working group mailing list. Great fun. That passing-in a literal IPv6 address is precisely where I first started noticing problems with netperf. For ages (in Internet Time at least) it just worked even when all I had were local-scope (link-scope?) IPv6 addresses configured. Then someone made a libc change and life became Quite Unpleasant (tm). rick jones -- I don't interest myself in why. I think more often in terms of when, sometimes where; always how much. - Joubert these opinions are mine, all mine; HP might not want them anyway... :) feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH... ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
Danny Mayer ma...@pdmconsulting.net wrote: You can specify 14.15.16.0/24 for example to specify an address on a particular subnet. Does that help? It might. I'll speak with some of the operations people and ask them. I didn't answer your original question. Try here: https://support.ntp.org/bin/view/Dev/ListenOn Thanks. For what it is worth, Firefox (25.0 via Ubuntu) seems to be displeased with the certificate(s) there. Under Technical Details it gives: support.ntp.org uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer) I went ahead and added an exception, but thought I'd pass that along. rick jones -- the road to hell is paved with business decisions... these opinions are mine, all mine; HP might not want them anyway... :) feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH... ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
On 11/19/2013 2:47 PM, Rick Jones wrote: Brian Utterback brian.utterb...@oracle.com wrote: On 11/19/2013 12:33 PM, Rick Jones wrote: Later, when interfaces started getting auto-configured, local scope IPv6 addresses, there was a call to change that to be don't return IPv6 addresses unless there is a better-than-local-scope IPv6 address assigned. Started causing me all manner of pain in netperf :( Not sure where that stands now in the Linux world. rick jones Yes, that was the issue. Further complicating it was what do you return if you have no IPv6 interfaces and you set AI_ADDRCONFIG and you pass in a literal IPv6 address. The problem is that getaddrinfo replaces both gethostbyname and inet_aton, each of which you might expect to have different results in that case. We had people citing two RFC's and the ipng working group mailing list. Great fun. That passing-in a literal IPv6 address is precisely where I first started noticing problems with netperf. For ages (in Internet Time at least) it just worked even when all I had were local-scope (link-scope?) IPv6 addresses configured. Then someone made a libc change and life became Quite Unpleasant (tm). You should not be using literal IP addresses of either flavor without also setting the AI_NUMERICHOST flag otherwise it tries to do a DNS lookup. That's poorly written code otherwise. Danny ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
Danny Mayer ma...@ntp.org wrote: On 11/19/2013 2:47 PM, Rick Jones wrote: That passing-in a literal IPv6 address is precisely where I first started noticing problems with netperf. For ages (in Internet Time at least) it just worked even when all I had were local-scope (link-scope?) IPv6 addresses configured. Then someone made a libc change and life became Quite Unpleasant (tm). You should not be using literal IP addresses of either flavor without also setting the AI_NUMERICHOST flag otherwise it tries to do a DNS lookup. That's poorly written code otherwise. I guess I was spoiled by gethostbyname()? I'll not contest whether netperf contains poorly written code - it has plenty :) but I'll point-out that looking at the Linux manpage for getaddrinfo() I get the impression it is a suggestion rather than a requirement: node specifies either a numerical network address (for IPv4, numbers-and-dots notation as supported by inet_aton(3); for IPv6, hexadecimal string format as supported by inet_pton(3)), or a network hostname, whose network addresses are looked up and resolved. If hints.ai_flags contains the AI_NUMERICHOST flag then node must be a numerical network address. The AI_NUMERICHOST flag suppresses any potentially lengthy network host address lookups. I parse that as If AI_NUMEICHOST then must be addr rather than If addr, must be AI_NUMERICHOST. rick -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 19/11/13 09:06, Brian Inglis wrote: On 2013-11-19 00:55, David Woolley wrote: On 19/11/13 06:05, xiaoniao112...@gmail.com wrote: But I have a question,how can I set this value,I just use it in a LAN to Synchonize the time in the LAN.So is that a stand-alone clients and servers.If it is ,which command should I use to change this value in LINUX OS. In /etc/ntpd.conf, or whatever your OS calls that file. Note that ntpd was not really designed for use without a reference clock. ...at the top of the network time hierarchy: stratum 1. It was designed for use with local and remote network time servers at all lower stratum levels; evident in the default control settings. It was designed for use with local secondary servers (and physically local reference clock driven ones). As I understand it, though, the local clock driver was first introduced as a mechanism for distributing time introduced from a stratum 0 source but bypassing ntpd and going direct to the OS. Use as a don't invalidate the downstream time hack, I think, came later. The most important thing, though, is there should be only one ultimate source of time for any ntpd network. Having two free running candidates is a recipe for disaster. If you are careful, you can do so, but it is easy to create configurations that behave badly. ...and hard to create good configurations without reading and understanding the docs, sometimes the code, and possibly also the book. But no-one does; they just use the cookbook solutions in the packages. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] how did ntp service set the maxallowphaseoffset
On 19/11/13 08:41, Brian Inglis wrote: Someone else asked: what are you trying to do by changing this parameter? The defaults have been set based on running and simulating different control algorithms, settings, and scenarios. This is important. Most people who try to change these settings really have a problem that needs solving outside of ntpd and should be asking how to solve that problem. zhe jian shi hen zhongyao. Da bufen zheme zuo de ren you yi ge mei you guanxi de NTP de wenti. tamen yinggai wen zenme xiu hao ta zhengshi de wenti. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
Rick Jones writes: Harlan Stenn st...@ntp.org wrote: You might want: interface ignore all interface listen 127.0.0.1 # if you want localhost ntpq to work interface listen a.b.c.d # enumerate the IPs you want to use Thanks. I take it then that wildcard charaters in matching on interface names aren't a go :) Not yet, as best as I can recall. My further complication is these systems get their IPs via DHCP (I should have listed that in the first place, sorry) and some are bonded and some are not bonded, but the component names of the interfaces in the bond(s) are the same namespace as when they are not bonded. For example I may have systems with a bond0 using eth2 and eth3 and some systems just using eth2. I *may* though be able to split the config files between such systems - that remains to be determined and if not is, arguably a failing at my end. How much info that NTP would care about would come from DHCP? Wildcard - that is listening on INADDR_ANY basically? I'll give that a qualified yes, because I haven't looked at the code in a long time and this may be a place where there is an exception. H ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
Danny Mayer writes: I didn't answer your original question. Try here: https://support.ntp.org/bin/view/Dev/ListenOn I don't believe listen-on is implemented that way - we're using the interface directive instead, and we haven't implemented query-on yet. H ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
Rick Jones writes: Thanks. For what it is worth, Firefox (25.0 via Ubuntu) seems to be displeased with the certificate(s) there. Under Technical Details it gives: support.ntp.org uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer) I went ahead and added an exception, but thought I'd pass that along. We use certificates generated and signed by CAcert.org . Their class 1 and class 3 certificates are not included by default in many places yet. You probably just need to install these certificates: https://www.cacert.org/index.php?id=3 I thought there was a note to this effect on the website but I'm not finding that now. H ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Pool returns IPv6 address to IPv4 query
On 11/19/2013 3:40 PM, Danny Mayer wrote: You should not be using literal IP addresses of either flavor without also setting the AI_NUMERICHOST flag otherwise it tries to do a DNS lookup. That's poorly written code otherwise. Danny Not so. The getaddrinfo function will recognize literal addresses and merely convert them. The point is that for something like ssh or any other network utility, the user is supposed to give a hostname, but in virtually all cases you can give a literal address and the application does not have to treat it differently. If you read the ipng mailing list, you will see that they were trying to make the whole process of writing a network application simpler, with getaddrinfo doing the heavy lifting for all of the major cases. At the same time they were trying to allow applications to work on either IPv4 or IPv6 systems without changing them, or dual stack or any combination. But no matter what they did there were edge cases that needed to work differently. Brian Utterback ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
Re: [ntp:questions] Is there something with greater detail on interface besides the manpage?
Harlan Stenn wrote: How much info that NTP would care about would come from DHCP? option 42 ntp-servers ntp.conf.dhcp ? -- E-Mail Sent to this address blackl...@anitech-systems.com will be added to the BlackLists. ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions