Re: [ntp:questions] quirky adjtimex behaviour
Dean, Dean S. Messing wrote: I am seeing strange behaviour on my _x86_64 Fedora 7 desktop workstation with regard to the system-cmos time that `adjtimex' reports. I've not read your whole post; it's clear that you've been wrestling with this problem for a while and have done quite a bit of work already. Can I however suggest that you first try and eliminate CPU frequency scaling as a cause of the symptoms you're seeing: use cpufreq-set -g to select a policy that results in a constant CPU frequency and then check if this changes the behaviour (or renders it more predictable). HTH. Jan ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Seeking net time Response without Active Directory
Glenn, my native language is German, not English, so maybe I have misunderstood your original post. Martin, Danny, and Ryan, thank you for the suggestions. The punchclock software we use is pcEntry by Paychex. Below are some points that my original post overlooked. 1. We do have Windows servers; but our workstations, a combo of (a) Win2000 with no firewall, (b) WinXP with the Windows Firewall and an exception for 'File and Print Sharing,' and (c) a couple Vista boxes, are not receiving a reply to net time. It had been my understanding that to receive a reply to net time required on a domain controller, and we don't have any of them. So your puchclock boxes are all native Windows machines. On Windows 2000 or newer, w32time is installed by default. If your workstations were domain members then they would automatically detect their domain controller as time source, and synchronize to it. Since you don't have a domain, all the machines be configured by default to get their time from time.windows.com in very large intervals only. I'm not sure whether w32time is even started automatically on W2k if that machine is not a domain member. Anyway, using net time to synchronize the clock is obsolete if either w32time or NTP for Windows can be used. What may be causing some misunderstanding here is that net time commands may also be used to configure w32time, e.g. net time /setsntp:.. configures the time source to which w32time should send its (S)NTP queries. As Danny has already mentioned, installing ntpd can solve these problems. The current version also supports an unattended installation which simplifies installation with a predefined configuration on a large number of machines. 2. Our servers get the time from ntp sources, but it's my understanding that being ntp-aware isn't enough to cause a Windows workstation to receive a reply when they issue a net time query. 3. I did not know that if we enable samba on our Linux server we could have our 'net time' requests replied to. I'll try to figure out how to do that. See above, you won't need net time 4. The reason we need to continually synchronize our devices during the day to a reliable time source is because we have devices with internal clocks that drift +/- quite a bit during a workday. The people with the fast clocks wave 'goodbye' to those with the slow clocks as they head out the door; the people with the slow clocks grunt and blame the network administrator. A hundred or so workstations are involved; so various registry tweeks to increase the frequency of the Internet Time' in Control Panel 'Date and Time' would be too much of a headache. This is exactly what NTP tries to fix as good as possible under Windows. 5. If we get net time to work, then all local stations (punchclocks) should the same time, effectively locking down the time used for punches. That would be good because someone was fired here a few years ago for advancing their clock by an hour or so, punching out and leaving. We do not want to offer that temptation. If you run NTP for Windows here then the times should be synchronized to a couple of milliseconds. Of course it's a good idea disable time to be changed by the normal users, as Danny has suggested. Martin -- Martin Burnicki Meinberg Funkuhren Bad Pyrmont Germany ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Leap second bug?
Spoon wrote: Spoon wrote: ntpd kicked my clock forward one second on January 1 at 00:19:38 UTC. [...] I also noticed that, the day before, the STA_INS (insert leap second) had been set and reset several times. [...] Could this be a leap year bug? or did I just lose connectivity at the wrong time and it's just a coincidence? I don't think it's a leap year bug since NTP and the UTC system clock do only deal with seconds after an epoche. The leap year thing comes into effect only when those seconds are converted to human-readable calendar date. Lost connectivity could not be the reason. Ntpd only passes leap second announcement on if it has received such announcement - from an upstream server - from a reference clock - from the NIST leap seconds file Ntpd can not receive a leap second announcement from an upstream server if the upstream server is not reachable. A potential reason could be a bug in ntpd, in which case we had to look at the source code of the exact version of ntpd, which is [EMAIL PROTECTED] according to the ntpq output below. Since the billboard does not display a tai value I assume a NIST leap second file is not involved here. # ntpq -crv assID=0 status=06f4 leap_none, sync_ntp, 15 events, event_peer/strat_chg, version=ntpd [EMAIL PROTECTED] Fri Mar 16 10:45:43 UTC 2007 (1), processor=i686, system=Linux/2.6.22.1-rt9, leap=00, stratum=3, precision=-20, rootdelay=30.293, rootdispersion=50.341, peer=39672, refid=145.238.203.10, reftime=cb262893.e5d244fd Wed, Jan 2 2008 15:13:23.897, poll=8, clock=cb262c3b.dbe5d3de Wed, Jan 2 2008 15:28:59.858, state=4, offset=0.081, frequency=-6.758, jitter=0.525, noise=0.521, stability=0.001 Would someone care to venture their best guess as to what caused ntpd to step the system clock forward in the above scenario? This could also be due to a firmware bug in a GPS receiver. There have been such occasions before (not with Meinberg receivers ;-). Dave, wouldn't it be a good idea to implement a log message indicating by which means a leap second announcement has been received? So this could be traced back to the originally faulty time source. Martin -- Martin Burnicki Meinberg Funkuhren Bad Pyrmont Germany ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Lep seconds
Unruh wrote: [...] You could just set up ntp to add 33 sec to its time, and you would have atomic time. ... until the next leap second occurs. Martin -- Martin Burnicki Meinberg Funkuhren Bad Pyrmont Germany ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Seeking net time Response without Active Directory
On Wed, 02 Jan 2008 20:02:05 -0800, gcatlin wrote: We use a pc punchclock that relies on the net time command. We are a netware/linux shop and use an ntp time source, however, we do not use Active Directory. So far have been unable to make the punchclock work. Is there any way we can respond with the time when the punchclock requests net time? Any assistance would be appreciated. Glenn in NJ What version of Winblows is it? Does net help time mention /setsntp? If it does: net time /setsntp:192.168.0.1 192.168.0.2 192.168.0.3 Choice of appropriate ntp servers is left as an exercise for the OP. -- 2008/01/04:11:56:36UTC Slackware Linux 2.4.32 up 32 days, 2:29, 6 users, load average: 2.43, 2.45, 2.30 ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] NTP Dictionary
Rod, Don't get me started. If you are really ancient, you can cite the naughty color code bad boys... and if from dinosaur era you know the significance of the swinging-choke song Dance with me Henry. Gawd, does anybody even know what a swinging choke is? As I said, con't get me started... Dave Rod Dorman wrote: In article [EMAIL PROTECTED], David L. Mills [EMAIL PROTECTED] wrote: Same time I changed in step with common electrical engineering practice from capacitator to capacitor, yea from megacycle to megahertz. Yeah but a megahertz crossing the wheatstone bridge just isn't as funny. ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Leap second bug?
Martin Burnicki wrote: Spoon wrote: ntpd kicked my clock forward one second on January 1 at 00:19:38 UTC. [...] I also noticed that, the day before, the STA_INS (insert leap second) had been set and reset several times. [...] Could this be a leap year bug? or did I just lose connectivity at the wrong time and it's just a coincidence? I don't think it's a leap year bug since NTP and the UTC system clock do only deal with seconds after an epoche. The leap year thing comes into effect only when those seconds are converted to human-readable calendar date. Doh! I meant to write leap second, not leap year. ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Lep seconds
Mark, Details on how leapseconds are handled are in the NTP leapseconds executive summary on the NTP Project Page linked from www.ntp.org. The return code from ntp-gettime() reveals when a leap second is or is not in progress. In the intended model, ctime or equivalant should notice this an map 0 to 60 for the second second. At the end of this second the ASCII seconds number will resume from 0. So far as I know, nobody has ever implemented that. Dave Mark Newman wrote: Unruh - thanks for responding. You are the only one who did. I certainly did not mean to disparage NTP time. I have spec'ed that it be used on our system. Where I run into problems is when a leap second occurs. According to everything I've read when NTP signals the operating system that the second is occurring it also outputs time. It uses the POSIX standard method - duplicate a second (or in some cases stretch the last second). This causes confusion when a time sample is taken before the leap second and one during the leap second. The UTC standard (which only addresses ascii time representations) actually counts the second 0..60 rather than 0..59. At this point I am obligated to use UTC and NTP. Tht missing second is causing me to get a lot of heat. Does anyone know of a way to get NTP to count the leap second rather than to delete it? Or am I missing the point. I don't want to step on anyones toes but I am getting a lot of heat over using a POSIX compliant ntp re leap seconds. The 1 second error inserted can cause a lot of trouble. Exactly what heat are you getting and what trouble is it causing you? Perhaps if you tell us the problem rather than your solution, we could come up with a solution. I now that the Olsen mod changes most Unix/Linux time processing to handle the leap second in a theoretically correct manner rather than being POSIX I have no idea what a theoretically correct manner is. The Posix IS a theoretically correct manner. compliant. Is there a similar mod for NTP. I am hoping that there is a mod that will cause NTP to supply theoretical UTC (even if it is not ascci). NTP DOES supply both theoretical and practical UTC. I think what you are worried about is that you want your system to provide something like TIA-- Atomic time-- which has no leap seconds. I believe the Olsen mods have your system clock run on atomic time and then use the leapsecond file and the zoneinfo file for your region to translate that to your local time. You could just set up ntp to add 33 sec to its time, and you would have atomic time. Mark ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] time delta between clients
[EMAIL PROTECTED] (Kevin Oberman) writes: [...] Netperf is not really the best way to go. The appropriate tool for one-way latency is OWAMP. http://e2epi.internet2.edu/owamp/ I think you missed the point: AFAIK, Rick is the author of netperf ;-) [...] Ulrich ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Lep seconds
Martin, In the current development code when the kernel does not implement a leap function, the clock is stepped near the leap epoch. Here, near means within one second early or late and yes, this can be considered pinball behavior. This should probably be an option. Dave Martin Burnicki wrote: Mark, Mark Newman wrote: Unruh - thanks for responding. You are the only one who did. I certainly did not mean to disparage NTP time. I have spec'ed that it be used on our system. Where I run into problems is when a leap second occurs. According to everything I've read when NTP signals the operating system that the second is occurring it also outputs time. It uses the POSIX standard method - duplicate a second (or in some cases stretch the last second). This causes confusion when a time sample is taken before the leap second and one during the leap second. The UTC standard (which only addresses ascii time representations) actually counts the second 0..60 rather than 0..59. If you normalize the time with second 60 then you see there _is_ a duplicate time stamp. This is because a leap second _is_ a inconsistency of time. At this point I am obligated to use UTC and NTP. On most Unix-like kernels NTP just passes a leap second announcement to the OS kernel, and the kernel handles the leap second in the way it is implemented in the kernel. For details, please see http://www.meinberg.de/english/info/leap-second.htm Martin ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Leap second bug?
Spoon wrote: Spoon wrote: ntpd kicked my clock forward one second on January 1 at 00:19:38 UTC. (My ntp.conf lists 12 servers. Delays range from 28 to 48 ms.) Dec 31 23:25:39 offset 0.000329 sec freq -6.715 ppm error 0.000333 poll 8 Dec 31 23:28:39 offset 0.000329 sec freq -6.715 ppm error 0.000340 poll 8 Dec 31 23:31:39 offset 0.000329 sec freq -6.715 ppm error 0.000424 poll 8 Dec 31 23:34:39 offset 0.000403 sec freq -6.714 ppm error 0.000493 poll 8 Dec 31 23:37:39 offset 0.000270 sec freq -6.714 ppm error 0.000348 poll 8 Dec 31 23:40:39 offset 0.000270 sec freq -6.714 ppm error 0.000337 poll 8 Dec 31 23:43:39 offset 0.000268 sec freq -6.714 ppm error 0.000327 poll 8 Dec 31 23:46:39 offset 0.000268 sec freq -6.714 ppm error 0.000381 poll 8 Dec 31 23:49:39 offset 0.000268 sec freq -6.714 ppm error 0.000446 poll 8 Dec 31 23:52:39 offset 0.000268 sec freq -6.714 ppm error 0.000446 poll 8 Dec 31 23:55:39 offset 0.000268 sec freq -6.714 ppm error 0.000334 poll 8 Dec 31 23:58:39 offset 0.000268 sec freq -6.714 ppm error 0.000317 poll 8 Jan 1 00:01:38 offset 0.000268 sec freq -6.714 ppm error 0.000318 poll 8 Jan 1 00:04:38 offset 0.000268 sec freq -6.714 ppm error 0.447285 poll 8 Jan 1 00:06:47 synchronized to A, stratum 2 Jan 1 00:07:38 offset -0.001068 sec freq -6.720 ppm error 0.632509 poll 8 Jan 1 00:10:38 offset -0.001068 sec freq -6.720 ppm error 0.632509 poll 8 Jan 1 00:13:38 offset -0.001068 sec freq -6.720 ppm error 0.774695 poll 8 Jan 1 00:15:39 synchronized to H, stratum 1 Jan 1 00:16:38 offset -0.001068 sec freq -6.720 ppm error 0.632382 poll 8 + Jan 1 00:19:38 time reset +0.999402 s + Jan 1 00:19:38 system event 'event_clock_reset' (0x05) status 'sync_alarm, sync_unspec, 15 events, event_peer/strat_chg' (0xc0f4) Jan 1 00:19:38 system event 'event_peer/strat_chg' (0x04) status 'sync_alarm, sync_unspec, 15 events, event_clock_reset' (0xc0f5) Jan 1 00:19:39 offset 0.00 sec freq -6.720 ppm error 0.447203 poll 4 Jan 1 00:19:54 peer A event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:19:55 peer B event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:19:59 peer C event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:04 peer D event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:07 peer E event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:08 peer F event 'event_reach' (0x84) status 'unreach, conf, 4 events, event_reach' (0x8044) Jan 1 00:20:14 peer G event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:18 peer H event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:24 peer I event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:26 peer J event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:28 peer K event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:39 peer L event 'event_reach' (0x84) status 'unreach, conf, 4 events, event_reach' (0x8044) Jan 1 00:20:55 synchronized to A, stratum 2 Jan 1 00:20:55 system event 'event_sync_chg' (0x03) status 'leap_none, sync_ntp, 15 events, event_peer/strat_chg' (0x6f4) Jan 1 00:20:55 system event 'event_peer/strat_chg' (0x04) status 'leap_none, sync_ntp, 15 events, event_sync_chg' (0x6f3) Jan 1 00:21:22 synchronized to H, stratum 1 I also noticed that, the day before, the STA_INS (insert leap second) had been set and reset several times. Dec 31 00:14:30 kernel time sync status change 0011 Dec 31 00:27:21 kernel time sync status change 0001 Dec 31 03:19:46 kernel time sync status change 0011 Dec 31 03:52:30 kernel time sync status change 0001 Dec 31 04:09:33 kernel time sync status change 0011 Dec 31 04:35:11 kernel time sync status change 0001 Dec 31 07:26:03 kernel time sync status change 0011 Dec 31 07:47:28 kernel time sync status change 0001 Dec 31 10:00:51 kernel time sync status change 0011 Dec 31 10:17:01 kernel time sync status change 0001 (Apparently, the bit was not set when 2007 ended.) Could this be a leap year bug? or did I just lose connectivity at the wrong time and it's just a coincidence? # ntpq -crv assID=0 status=06f4 leap_none, sync_ntp, 15 events, event_peer/strat_chg, version=ntpd [EMAIL PROTECTED] Fri Mar 16 10:45:43 UTC 2007 (1), processor=i686, system=Linux/2.6.22.1-rt9, leap=00, stratum=3, precision=-20, rootdelay=30.293, rootdispersion=50.341, peer=39672, refid=145.238.203.10, reftime=cb262893.e5d244fd Wed, Jan 2 2008 15:13:23.897, poll=8, clock=cb262c3b.dbe5d3de Wed, Jan 2 2008 15:28:59.858, state=4, offset=0.081, frequency=-6.758, jitter=0.525, noise=0.521, stability=0.001
Re: [ntp:questions] Leap second bug?
Spoon, Assuming your incident was the beginnin of this year, no leap was schedule nor should have been advertisec by any of your servers. The current code, which you might not be using, takes a vote of the leap indicators in all servers and requires a clear majority before scheduling a leap. Maybe some of your friends lied. The intended behavior if the servers do correctly signal a leap and the kernel is unaware of that, is that the step interval will be exceeded for about 15 minutes and then the time will be stepped. During that interval your clock will appear one second slow relative to the server that has correctly inserted a second. There will be no slew, onlly the step. The fact that your time showed otherwise suggests either the step has been disabled or something else comes unstuck. Our clocks here showed no such behavior as yours. Dave Spoon wrote: Spoon wrote: ntpd kicked my clock forward one second on January 1 at 00:19:38 UTC. (My ntp.conf lists 12 servers. Delays range from 28 to 48 ms.) Dec 31 23:25:39 offset 0.000329 sec freq -6.715 ppm error 0.000333 poll 8 Dec 31 23:28:39 offset 0.000329 sec freq -6.715 ppm error 0.000340 poll 8 Dec 31 23:31:39 offset 0.000329 sec freq -6.715 ppm error 0.000424 poll 8 Dec 31 23:34:39 offset 0.000403 sec freq -6.714 ppm error 0.000493 poll 8 Dec 31 23:37:39 offset 0.000270 sec freq -6.714 ppm error 0.000348 poll 8 Dec 31 23:40:39 offset 0.000270 sec freq -6.714 ppm error 0.000337 poll 8 Dec 31 23:43:39 offset 0.000268 sec freq -6.714 ppm error 0.000327 poll 8 Dec 31 23:46:39 offset 0.000268 sec freq -6.714 ppm error 0.000381 poll 8 Dec 31 23:49:39 offset 0.000268 sec freq -6.714 ppm error 0.000446 poll 8 Dec 31 23:52:39 offset 0.000268 sec freq -6.714 ppm error 0.000446 poll 8 Dec 31 23:55:39 offset 0.000268 sec freq -6.714 ppm error 0.000334 poll 8 Dec 31 23:58:39 offset 0.000268 sec freq -6.714 ppm error 0.000317 poll 8 Jan 1 00:01:38 offset 0.000268 sec freq -6.714 ppm error 0.000318 poll 8 Jan 1 00:04:38 offset 0.000268 sec freq -6.714 ppm error 0.447285 poll 8 Jan 1 00:06:47 synchronized to A, stratum 2 Jan 1 00:07:38 offset -0.001068 sec freq -6.720 ppm error 0.632509 poll 8 Jan 1 00:10:38 offset -0.001068 sec freq -6.720 ppm error 0.632509 poll 8 Jan 1 00:13:38 offset -0.001068 sec freq -6.720 ppm error 0.774695 poll 8 Jan 1 00:15:39 synchronized to H, stratum 1 Jan 1 00:16:38 offset -0.001068 sec freq -6.720 ppm error 0.632382 poll 8 + Jan 1 00:19:38 time reset +0.999402 s + Jan 1 00:19:38 system event 'event_clock_reset' (0x05) status 'sync_alarm, sync_unspec, 15 events, event_peer/strat_chg' (0xc0f4) Jan 1 00:19:38 system event 'event_peer/strat_chg' (0x04) status 'sync_alarm, sync_unspec, 15 events, event_clock_reset' (0xc0f5) Jan 1 00:19:39 offset 0.00 sec freq -6.720 ppm error 0.447203 poll 4 Jan 1 00:19:54 peer A event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:19:55 peer B event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:19:59 peer C event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:04 peer D event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:07 peer E event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:08 peer F event 'event_reach' (0x84) status 'unreach, conf, 4 events, event_reach' (0x8044) Jan 1 00:20:14 peer G event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:18 peer H event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:24 peer I event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:26 peer J event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:28 peer K event 'event_reach' (0x84) status 'unreach, conf, 2 events, event_reach' (0x8024) Jan 1 00:20:39 peer L event 'event_reach' (0x84) status 'unreach, conf, 4 events, event_reach' (0x8044) Jan 1 00:20:55 synchronized to A, stratum 2 Jan 1 00:20:55 system event 'event_sync_chg' (0x03) status 'leap_none, sync_ntp, 15 events, event_peer/strat_chg' (0x6f4) Jan 1 00:20:55 system event 'event_peer/strat_chg' (0x04) status 'leap_none, sync_ntp, 15 events, event_sync_chg' (0x6f3) Jan 1 00:21:22 synchronized to H, stratum 1 I also noticed that, the day before, the STA_INS (insert leap second) had been set and reset several times. Dec 31 00:14:30 kernel time sync status change 0011 Dec 31 00:27:21 kernel time sync status change 0001 Dec 31 03:19:46 kernel time sync status change 0011 Dec 31 03:52:30 kernel time sync status change 0001 Dec 31 04:09:33 kernel time sync status change 0011 Dec 31 04:35:11 kernel time sync status change 0001 Dec 31 07:26:03 kernel time sync
Re: [ntp:questions] Autokey Certificate Update
Danny, Good point; I agree. For experiment I parked the public group key for pogo.udel.edu in the lists of public time servers. Next step is to figure how to do that with the pool scheme. Dave Danny Mayer wrote: Steve Kostecke wrote: IFF Group Keys may also be distributed via a web-form. My implementation of one is at http://support.ntp.org/crypto.php; it distributes IFF keys for that system. IF YOU ARE USING THE CURRENT NTP-DEV ... It is no longer necessary to provide the client password when exporting the IFF Group Key. This means that the IFF Group Key may be treated like a PGP/GPG Public Key and made available for download, or distributed, via insecure channels. In that case it makes a good candidate to add to the DHCP options to distribute this key. Danny ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Autokey Certificate Update
On 2008-01-04, David L. Mills [EMAIL PROTECTED] wrote: Good point; I agree. For experiment I parked the public group key for pogo.udel.edu in the lists of public time servers. Next step is to figure how to do that with the pool scheme. Another potential use for 123/TCP ? -- Steve Kostecke [EMAIL PROTECTED] NTP Public Services Project - http://support.ntp.org/ ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] time delta between clients
Ulrich Windl [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] (Kevin Oberman) writes: [...] Netperf is not really the best way to go. The appropriate tool for one-way latency is OWAMP. http://e2epi.internet2.edu/owamp/ I think you missed the point: AFAIK, Rick is the author of netperf ;-) S! It's a secret!-) rick jones about to hit-up management for aproval to buy a GPS-18 for some experiments, unless someone knows of a better device... -- The glass is neither half-empty nor half-full. The glass has a leak. The real question is Can it be patched? these opinions are mine, all mine; HP might not want them anyway... :) feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH... ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Lep seconds
Martin Burnicki [EMAIL PROTECTED] writes: Mark, Mark Newman wrote: Unruh - thanks for responding. You are the only one who did. I certainly did not mean to disparage NTP time. I have spec'ed that it be used on our system. Where I run into problems is when a leap second occurs. According to everything I've read when NTP signals the operating system that the second is occurring it also outputs time. It uses the POSIX standard method - duplicate a second (or in some cases stretch the last second). This causes confusion when a time sample is taken before the leap second and one during the leap second. The UTC standard (which only addresses ascii time representations) actually counts the second 0..60 rather than 0..59. If you normalize the time with second 60 then you see there _is_ a duplicate time stamp. This is because a leap second _is_ a inconsistency of time. No there is not. Just like a leap year is not an inconsistancy of time. It is not inconsistant to add a leap second. It may be a pain for some purposes (eg if you are an astronomer), but then so areleap years, and I do not hear for a great push that we go onto say lunar time, for which each year is exactly the same. At this point I am obligated to use UTC and NTP. On most Unix-like kernels NTP just passes a leap second announcement to the OS kernel, and the kernel handles the leap second in the way it is implemented in the kernel. For details, please see http://www.meinberg.de/english/info/leap-second.htm ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
[ntp:questions] precision in a driver
Hi, The precision-field set by a driver, what should one set there? If a clock gives ms values, -10? Or is it the real quality of the time-source? Like: maybe that on average the source has a quality of 10ms. Folkert van Heusden -- Multitail est un outil permettant la visualisation de fichiers de journalisation et/ou le suivi de l'exécution de commandes. Filtrage, mise en couleur de mot-clé, fusions, visualisation de différences (diff-view), etc. http://www.vanheusden.com/multitail/ -- Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Autokey Certificate Update
On 2008-01-04, Danny Mayer [EMAIL PROTECTED] wrote: Steve Kostecke wrote: On 2008-01-04, David L. Mills [EMAIL PROTECTED] wrote: Good point; I agree. For experiment I parked the public group key for pogo.udel.edu in the lists of public time servers. Next step is to figure how to do that with the pool scheme. Another potential use for 123/TCP ? How large is the key file? The largest one I see locally is 511 bytes. -- Steve Kostecke [EMAIL PROTECTED] NTP Public Services Project - http://support.ntp.org/ ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] precision in a driver
Folkert van Heusden wrote: Hi, The precision-field set by a driver, what should one set there? If a clock gives ms values, -10? Or is it the real quality of the time-source? Like: maybe that on average the source has a quality of 10ms. Folkert van Heusden The precision is the smallest possible difference between two consecutive requests for the time! It's specified as a negative power of two. ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] The smallest possible ntpd, unoptimized
Pierre, You might have better luck using the normal -O flags and figuring out which math routines are needed, and then seeing if you can find some .s files that will implement them. Also, configure CCFLAGS='-O whatever' may be useful. -- Harlan Stenn [EMAIL PROTECTED] http://ntpforum.isc.org - be a member! ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Autokey Certificate Update
Steve, You are correct; the new certificate is not used until after restarting the daemon. When restarted the next upstratum a client automatically restart the protocol (not the daemon). They all get well shortly after sending the next poll. As this happens the client finds a more recent certificate and replaces the old one. However, the next upstratum clients after that doesn't see this, since the certificate cache is still valid, even if it contains an old certificate and the just regenerated self-signed nontrusted certificate is not on the trail. It is still best practices to refresh the certificates sometime during the hear, but it is also best practices to restart the machine at that time. Right in the development version I have just put in a gimmick that remobilizes each client association once per week. If cetificates are refreshed maybe once every month or two, the changes should trickle upstratum at that rate, so only the machine with regenerated certificate needs to be restarted.. Dave Steve wrote: Hi, The advice on the Autokey configuration page, http://support.ntp.org/bin/view/Support/ConfiguringAutokey is to update the server and client key/certificate monthly since the cert is only good for 1 year. When I run the cert update commands provided on the link above, a new cert and link is generated and Autokey NTP continues to run fine. However, it does not appear that NTP actually uses the new cert until it is restarted. I determined this by examining the output of the ntpq -c rv 0 cert command also provided in the link above. I want to know if the new cert is used only after a restart because otherwise we might think the certs are being updated only to find NTP Autokey broken 1 year later when the cert in use expires. So is the real procedure to update the cert then restart NTP on a periodic basis? Any way to tell NTP to pickup the new cert without restarting the daemon? In a separate (hopefully) issue, I only can get Autokey to work when the password I use in ntp.conf and the ntp-keygen commands are identical for the client and server; however the link above implies there are (or can be) 2 distinct password, namely the clientpassword and serverpassword. I am using IFF and use ntp-keygen -T -I -p serverpassword on the server and use ntp-keygen -H -p clientpassword on the client. I ftp the IFF parameters file from the server to the client and install it as indicated in the link above. I suspect my issue might be with the following statement from the link: You must export an IFF Group Key for each client using that client's password. I am not sure what is meant by this and did not do this step...I just ftped the IFF file to the client. I really appreciate the help...and sorry for the double question. Steve ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] precision in a driver
Richard B. Gilbert [EMAIL PROTECTED] writes: Folkert van Heusden wrote: Hi, The precision-field set by a driver, what should one set there? If a clock gives ms values, -10? Or is it the real quality of the time-source? Like: maybe that on average the source has a quality of 10ms. Folkert van Heusden The precision is the smallest possible difference between two consecutive requests for the time! It's specified as a negative power of two. On most systems now adays it is of the order of microseconds (-19 or -20) ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] ntp documentation
Unruh wrote: Where is there ntp documentation? For example I wanted to have ntp write out the statistics on its peers etc. I looked everywhere-- man page of ntp, ntp.conf, etc, and finally discovered by looking at the source that there seem to be a huge bunch of undocumented options. Or are they documented somewhere in that filing cabinette down some broken steps in a flooded basement, behind a door labeled Beware of Tigers You can find links to the official NTP documentation along with other information here: http://www.ntp.org/documentation.html The official NTP docs are in html format only. -- Dennis Hilberg, Jr. timekeeper(at)dennishilberg(dot)com NTP Server Information: http://saturn.dennishilberg.com/ntp.php ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] ntp documentation
Unruh wrote: Where is there ntp documentation? For example I wanted to have ntp write out the statistics on its peers etc. I looked everywhere-- man page of ntp, ntp.conf, etc, and finally discovered by looking at the source that there seem to be a huge bunch of undocumented options. Or are they documented somewhere in that filing cabinette down some broken steps in a flooded basement, behind a door labeled Beware of Tigers You'll find the secret staircase at ntp.org. The humidity may be a little high in the basement but it's not actually wet. ;-) This snippet from my ntp.conf might help: logfile /var/ntp/ntp.log statsdir /var/ntp/ntpstats/ statistics peerstats clockstats filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] ntp documentation
On 2008-01-04, Unruh [EMAIL PROTECTED] wrote: Where is there ntp documentation? For example I wanted to have ntp write out the statistics on its peers etc. I looked everywhere-- man page of ntp, ntp.conf, etc, and finally discovered by looking at the source that there seem to be a huge bunch of undocumented options. Or are they documented somewhere in that filing cabinette down some broken The Distribution Documentation for the current development version of the NTP Reference Implementation is at http://www.eecis.udel.edu/~mills/ntp/html/index.html. This documentation is regularly updated to reflect the feature set in the current development version and may not be correct for older, or stable, versions of NTP. Links to this documentation are at: * http://www.ntp.org/documentation.html * http://support.ntp.org/docs Please refer to those URLs for links to other NTP-related documentation. The Distribution Documentation snap-shot for any release of the NTP Reference Implementataion will be found in the html directory in the source tree. The NTP FAQ is available at http://www.ntp.org/ntpfaq/NTP-a-faq.htm Community Supported Documentation for the NTP Reference Implementation may be found at http://support.ntp.org/support Your OS may include man pages for NTP. Please keep in mind that these man pages are a third-party conversion from the Distribution Documentation and may not be correct or up-to-date. Your OS may have installed NTP documentation in /usr/doc or /usr/share/doc or some similar location. -- Steve Kostecke [EMAIL PROTECTED] NTP Public Services Project - http://support.ntp.org/ ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] precision in a driver
Unruh wrote: Richard B. Gilbert [EMAIL PROTECTED] writes: Folkert van Heusden wrote: Hi, The precision-field set by a driver, what should one set there? If a clock gives ms values, -10? Or is it the real quality of the time-source? Like: maybe that on average the source has a quality of 10ms. Folkert van Heusden The precision is the smallest possible difference between two consecutive requests for the time! It's specified as a negative power of two. On most systems now adays it is of the order of microseconds (-19 or -20) My Sun Solaris boxes report -21. Measure with micrometer, mark with chalk, cut with axe! ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] The smallest possible ntpd, unoptimized
Replying to message [EMAIL PROTECTED] Date: Fri, 04 Jan 2008 20:32:50 + From: Harlan Stenn [EMAIL PROTECTED] Newsgroups: comp.protocols.time.ntp Subject: Re: The smallest possible ntpd, unoptimized Pierre, You might have better luck using the normal -O flags and figuring out which math routines are needed, and then seeing if you can find some .s files that will implement them. Also, configure CCFLAGS='-O whatever' may be useful. Thanks for the advice, Harlan. It's working fine now. For reference, I used the following command: ./configure --disable-all-clocks --disable-debug CFLAGS='-O0' The resulting ntpd was 351897 bytes, which suits me fine. It seems -O0 is needed, at least for building the daemon, on NetBSD-i386 on a 486SX. Case closed for me. -- Pierre Dubuc [EMAIL PROTECTED] ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] ntp documentation
Richard B. Gilbert [EMAIL PROTECTED] writes: Unruh wrote: Where is there ntp documentation? For example I wanted to have ntp write out the statistics on its peers etc. I looked everywhere-- man page of ntp, ntp.conf, etc, and finally discovered by looking at the source that there seem to be a huge bunch of undocumented options. Or are they documented somewhere in that filing cabinette down some broken steps in a flooded basement, behind a door labeled Beware of Tigers You'll find the secret staircase at ntp.org. The humidity may be a little high in the basement but it's not actually wet. ;-) This snippet from my ntp.conf might help: logfile /var/ntp/ntp.log statsdir /var/ntp/ntpstats/ statistics peerstats clockstats filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable But where did you find those options? for example I finally did statistics peerstats and the system set up a daily and total couple of files in /var/log/ntp ( my statsdir) What does filegen do and mean? Do I need it? I should have some docs where I can easily find that. Does it exist? ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] NTP Dictionary
Rod, Well, I reveal the dirty secret to my students on the condition they never reveal it came from me. As for the swinging choke, I explain the magnetic principles of its operation and I get a dumb stare. Dave Rod Dorman wrote: In article [EMAIL PROTECTED], David L. Mills [EMAIL PROTECTED] wrote: Don't get me started. If you are really ancient, you can cite the naughty color code bad boys... and if from dinosaur era you know the significance of the swinging-choke song Dance with me Henry. You can tag me as really ancient then :-) Is that no longer being taught? What took its place? ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] ntp documentation
Unruh wrote: Richard B. Gilbert [EMAIL PROTECTED] writes: Unruh wrote: Where is there ntp documentation? For example I wanted to have ntp write out the statistics on its peers etc. I looked everywhere-- man page of ntp, ntp.conf, etc, and finally discovered by looking at the source that there seem to be a huge bunch of undocumented options. Or are they documented somewhere in that filing cabinette down some broken steps in a flooded basement, behind a door labeled Beware of Tigers You'll find the secret staircase at ntp.org. The humidity may be a little high in the basement but it's not actually wet. ;-) This snippet from my ntp.conf might help: logfile /var/ntp/ntp.log statsdir /var/ntp/ntpstats/ statistics peerstats clockstats filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable But where did you find those options? for example I finally did statistics peerstats and the system set up a daily and total couple of files in /var/log/ntp ( my statsdir) What does filegen do and mean? Do I need it? I should have some docs where I can easily find that. Does it exist? filegen creates a new file daily or weekly or monthly. . . . These files can eat many megabytes of disk space if you let them. If you're not prepared to analyze and summarize all the data, do yourself a favor and skip creating the files. The tools to do so are included in the ntpd distribution but you do have to find them, and use them and then clean up the obsolete files. . . . ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] time delta between clients
Rick, Apparently, OWAMP uses NTP timestamps, but the article assumes there is a difference between NTP time and system time. Statistically, NTP time is an unbiased estimator of UTC and system time is a lowpass version of it. The offsets you might consider NTP time represent statistical uncertanty of that estimate and should not be used as system time. Now for one-way delay calculations, which I can't find in the article. In cases of severe one-way congestion, which might be the objective, see the NTP huff-n'-puff filter, which is designed to prize this out. As for swish and sway due to congestion, Chapter 6 of das Buch has a really interesting example of a path from here to East Asia with awesome one-way congestion. Huff-n'-puff sliced through it like butter. It could be that the statistical methods used by huff-n'-puff be useful if exported to other applications. Theoretically, you can't measure one-way propagation times unless you have some other measure such as bit rate. The first experiments to measure this was done 30 years ago using the ARPAnet and had some success. The code measures the data rate by launching packets of varying size and measuring the differential delays. I recently tried the same thing in my earlier experiments using the NTP daemon ntpd, but wasn't thrilled with the results. For the experiment to work right the network should satisfy what is called the Kleinrock Assumption, and my dinkly ISDN line to campus fails that assumption. Nevertheless, the code is in the ntp-dev version, but currently disabled. Dave Rick Jones wrote: Ulrich Windl [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] (Kevin Oberman) writes: [...] Netperf is not really the best way to go. The appropriate tool for one-way latency is OWAMP. http://e2epi.internet2.edu/owamp/ I think you missed the point: AFAIK, Rick is the author of netperf ;-) S! It's a secret!-) rick jones about to hit-up management for aproval to buy a GPS-18 for some experiments, unless someone knows of a better device... ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] Autokey Certificate Update
Danny, 400-600 octest for most files, 7500 octets for the MV trustaed agent file, but that contains parameters for 15 keys. Dave Danny Mayer wrote: Steve Kostecke wrote: On 2008-01-04, David L. Mills [EMAIL PROTECTED] wrote: Good point; I agree. For experiment I parked the public group key for pogo.udel.edu in the lists of public time servers. Next step is to figure how to do that with the pool scheme. Another potential use for 123/TCP ? How large is the key file? Danny ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions
Re: [ntp:questions] quirky adjtimex behaviour
Hi Jan, all. Jan Ceuleers wrote: Dean S. Messing wrote: I am seeing strange behaviour on my _x86_64 Fedora 7 desktop workstation with regard to the system-cmos time that `adjtimex' reports. I've not read your whole post; it's clear that you've been wrestling with this problem for a while and have done quite a bit of work already. Well, I've done what I can but I'm really no expert on this stuff. That's why I wrote to this list, which seems to be populated by _many_ very knowledgeable people. Can I however suggest that you first try and eliminate CPU frequency scaling as a cause of the symptoms you're seeing: use cpufreq-set -g to select a policy that results in a constant CPU frequency and then check if this changes the behaviour (or renders it more predictable). I installed the cpufreq-utils package. The result of `cpufreq-info' is: [EMAIL PROTECTED] ~]# cpufreq-info cpufrequtils 002: cpufreq-info (C) Dominik Brodowski 2004-2006 Report errors and bugs to [EMAIL PROTECTED], please. analyzing CPU 0: no or unknown cpufreq driver is active on this CPU analyzing CPU 1: no or unknown cpufreq driver is active on this CPU analyzing CPU 2: no or unknown cpufreq driver is active on this CPU analyzing CPU 3: no or unknown cpufreq driver is active on this CPU Also /sys/devices/system/cpu/cpu{0,1,2,3}/cpufreq/ does not exist on this system. I don't know much about cpufreq adjustments. Should I be looking elsewhere? Note that this is a desktop workstation. Will the cpufreq (actually there are four CPUs in two dual-core units) change on such a machine? If you or others wouldn't mind reading my whole original post (it's not _that_ long :-) maybe some other ideas might occur. Thanks. ___ questions mailing list questions@lists.ntp.org https://lists.ntp.org/mailman/listinfo/questions