Update the mdoc NTP documentation transcribed from the HTML documentation
for ntp-4.1.0. Unfortunately, David Mills insists on managing the documentation in such a way as to make it impossible for me to make things easy on our translators, without printing out the documentation and reading through it side-by-side with a finger on each page.
This commit is contained in:
parent
9df3f33935
commit
f3277e826c
|
@ -0,0 +1,206 @@
|
|||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd August 2, 2001
|
||||
.Dt NTP_GENKEYS 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm ntp-genkeys
|
||||
.Nd generate public and private keys
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl dfhlnt
|
||||
.Op Fl c Ar conffile
|
||||
.Op Fl g Ar target
|
||||
.Op Fl k Ar keyfile
|
||||
.Sh DESCRIPTION
|
||||
This program generates random keys used by either or both the
|
||||
NTPv3/NTPv4 symmetric key or the NTPv4 public key (Autokey)
|
||||
cryptographic authentication schemes.
|
||||
.Pp
|
||||
The following options are available:
|
||||
.Bl -tag -width indent
|
||||
.It Fl c Ar conffile
|
||||
Location of
|
||||
.Xr ntp.conf 8
|
||||
file.
|
||||
.It Fl d
|
||||
enable debug messages (can be used multiple times)
|
||||
.It Fl f
|
||||
force installation of generated keys.
|
||||
.It Fl g target
|
||||
Generate file or files indicated by the characters in the
|
||||
.Ar target
|
||||
string:
|
||||
.Bl -tag -width X
|
||||
.It Li d
|
||||
Generate D-H parameter file.
|
||||
.It Li m
|
||||
Generate MD5 key file.
|
||||
.It Li r
|
||||
Generate RSA keys.
|
||||
.El
|
||||
.It Fl h
|
||||
Build keys here (current directory).
|
||||
Implies
|
||||
.Fl l .
|
||||
.It Fl k Ar keyfile
|
||||
Location of key file.
|
||||
.It Fl l
|
||||
Do not make the symlinks.
|
||||
.It Fl n
|
||||
Do not actually do anything, just say what would be done.
|
||||
.It Fl t
|
||||
Trash the (old) files at the end of symlink.
|
||||
.El
|
||||
.Pp
|
||||
By default the program
|
||||
generates the
|
||||
.Xr ntp.keys 5
|
||||
file containing 16 random symmetric
|
||||
keys.
|
||||
In addition, if the
|
||||
rsaref20
|
||||
package is configured
|
||||
for the software build, the program generates cryptographic values
|
||||
used by the Autokey scheme.
|
||||
These values are incorporated as a set
|
||||
of three files,
|
||||
.Pa ntpkey
|
||||
containing the RSA private key,
|
||||
.Pa ntpkey_ Ns Ar host
|
||||
containing the RSA public key, where
|
||||
.Ar host
|
||||
is the DNS name of the generating machine, and
|
||||
.Pa ntpkey_dh
|
||||
containing the parameters for the Diffie-Hellman
|
||||
key-agreement algorithm.
|
||||
All files and are in printable ASCII
|
||||
format.
|
||||
A timestamp in NTP seconds is appended to each.
|
||||
Since the
|
||||
algorithms are seeded by the system clock, each run of this program
|
||||
produces a different file and file name.
|
||||
.Pp
|
||||
The
|
||||
.Xr ntp.keys 5
|
||||
file contains 16 MD5 keys.
|
||||
Each key
|
||||
consists of 16 characters randomized over the ASCII 95-character
|
||||
printing subset.
|
||||
The file is read by the daemon at the location
|
||||
specified by the
|
||||
.Ic keys
|
||||
configuration file command and made
|
||||
visible only to root.
|
||||
An additional key consisting of a easily
|
||||
remembered password should be added by hand for use with the
|
||||
.Xr ntpq 8
|
||||
and
|
||||
.Xr ntpdc 8
|
||||
programs.
|
||||
The file must be
|
||||
distributed by secure means to other servers and clients sharing
|
||||
the same security compartment.
|
||||
While the key identifiers for MD5
|
||||
and DES keys must be in the range 1-65534, inclusive, the
|
||||
.Nm
|
||||
program uses only the identifiers from 1 to
|
||||
16.
|
||||
The key identifier for each association is specified as the key
|
||||
argument in the
|
||||
.Ic server
|
||||
or
|
||||
.Ic peer
|
||||
configuration file command.
|
||||
.Pp
|
||||
The
|
||||
.Pa ntpkey
|
||||
file contains the RSA private key.
|
||||
It is
|
||||
read by the daemon at the location specified by the
|
||||
.Ar privatekey
|
||||
argument of the
|
||||
.Ic crypto
|
||||
configuration
|
||||
file command and made visible only to root.
|
||||
This file is useful
|
||||
only to the machine that generated it and never shared with any
|
||||
other daemon or application program.
|
||||
.Pp
|
||||
The
|
||||
.Pa ntpkey_ Ns Ar host
|
||||
file contains the RSA public
|
||||
key, where
|
||||
.Ar host
|
||||
is the DNS name of the host that
|
||||
generated it.
|
||||
The file is read by the daemon at the location
|
||||
specified by the
|
||||
.Ar publickey
|
||||
argument to the
|
||||
.Ic server
|
||||
or
|
||||
.Ic peer
|
||||
configuration file command.
|
||||
This file can be
|
||||
widely distributed and stored without using secure means, since the
|
||||
data are public values.
|
||||
.Pp
|
||||
The
|
||||
.Pa ntp_dh
|
||||
file contains two Diffie-Hellman parameters:
|
||||
the prime modulus and the generator.
|
||||
The file is read by the daemon
|
||||
at the location specified by the
|
||||
.Ar dhparams
|
||||
argument of the
|
||||
.Ic crypto
|
||||
configuration file command.
|
||||
The file can be
|
||||
distributed by insecure means to other servers and clients sharing
|
||||
the same key agreement compartment, since the data are public
|
||||
values.
|
||||
.Pp
|
||||
The file formats begin with two lines, the first containing the
|
||||
generating system DNS name and the second the datestamp.
|
||||
Lines
|
||||
beginning with
|
||||
.Ql #
|
||||
are considered comments and ignored by
|
||||
the daemon.
|
||||
In the
|
||||
.Xr ntp.keys 5
|
||||
file, the next 16 lines
|
||||
contain the MD5 keys in order.
|
||||
If necessary, this file can be
|
||||
further customized by an ordinary text editor.
|
||||
The format is
|
||||
described in the following section.
|
||||
In the
|
||||
.Pa ntpkey
|
||||
and
|
||||
.Pa ntpkey_ Ns Ar host
|
||||
files, the next line contains the
|
||||
modulus length in bits followed by the key as a PEM encoded string.
|
||||
In the
|
||||
.Pa ntpkey_dh
|
||||
file, the next line contains the prime
|
||||
length in bytes followed by the prime as a PEM encoded string, and
|
||||
the next and final line contains the generator length in bytes
|
||||
followed by the generator as a PEM encoded string.
|
||||
.Pp
|
||||
Note: See the file
|
||||
.Pa ./source/rsaref.h
|
||||
in the
|
||||
rsaref20
|
||||
package for explanation of return values, if
|
||||
necessary.
|
||||
.Sh SEE ALSO
|
||||
.Xr ntp.keys 5 ,
|
||||
.Xr ntpdc 8 ,
|
||||
.Xr ntpq 8
|
||||
.Sh BUGS
|
||||
It can take quite a while to generate the RSA public/private key
|
||||
pair and Diffie-Hellman parameters, from a few seconds on a modern
|
||||
workstation to several minutes on older machines.
|
File diff suppressed because it is too large
Load Diff
|
@ -35,8 +35,9 @@ may be arbitrarily set in the keys file.
|
|||
The key file uses the same comment conventions
|
||||
as the configuration file.
|
||||
Key entries use a fixed format of the form
|
||||
.Pp
|
||||
.Dl keyno type key
|
||||
.Bd -ragged -offset indent
|
||||
.Ar keyno Ar type Ar key
|
||||
.Ed
|
||||
.Pp
|
||||
where
|
||||
.Ar keyno
|
||||
|
@ -53,51 +54,41 @@ may be given in one of three different formats,
|
|||
controlled by the
|
||||
.Ar type
|
||||
character.
|
||||
The three key types, and corresponding formats,
|
||||
The four key types, and corresponding formats,
|
||||
are listed following.
|
||||
.Bl -tag -width indent
|
||||
.It S
|
||||
The
|
||||
.Ar key
|
||||
is a 64-bit hexadecimal number in the format
|
||||
.Bl -tag -width X
|
||||
.It Li S
|
||||
The key is a 64-bit hexadecimal number in the format
|
||||
specified in the DES specification;
|
||||
that is, the high order seven bits of each octet are used
|
||||
to form the 56-bit key
|
||||
while the low order bit of each octet is given a value
|
||||
such that odd parity is maintained for the octet.
|
||||
Leading zeroes must be specified
|
||||
(i.e. the key must be exactly 16 hex digits long)
|
||||
(i.e., the key must be exactly 16 hex digits long)
|
||||
and odd parity must be maintained.
|
||||
Hence a zero
|
||||
.Ar key ,
|
||||
in standard format, would be given as
|
||||
.Li 0101010101010101 .
|
||||
.It N
|
||||
The
|
||||
.Ar key
|
||||
is a 64-bit hexadecimal number in the format
|
||||
Hence a zero key, in standard format, would be given as
|
||||
.Ql 0101010101010101 .
|
||||
.It Li N
|
||||
The key is a 64-bit hexadecimal number in the format
|
||||
specified in the NTP standard.
|
||||
This is the same as the DES format,
|
||||
except the bits in each octet have been rotated one bit right
|
||||
so that the parity bit is now the high order bit of the octet.
|
||||
Leading zeroes must be specified and odd parity must be maintained.
|
||||
A zero
|
||||
.Ar key
|
||||
in NTP format would be specified as
|
||||
.Li 8080808080808080 .
|
||||
.It A
|
||||
The
|
||||
.Ar key
|
||||
is a 1-to-8 character ASCII string.
|
||||
A zero key in NTP format would be specified as
|
||||
.Ql 8080808080808080 .
|
||||
.It Li A
|
||||
The key is a 1-to-8 character ASCII string.
|
||||
A key is formed from this by using the low order 7 bits
|
||||
of each ASCII character in the string,
|
||||
with zeroes added on the right
|
||||
when necessary to form a full width 56-bit key,
|
||||
in the same way that encryption keys are formed from Unix passwords.
|
||||
.It M
|
||||
The
|
||||
.Ar key
|
||||
is a 1-to-8 character ASCII string,
|
||||
in the same way that encryption keys are formed from
|
||||
.Ux
|
||||
passwords.
|
||||
.It Li M
|
||||
The key is a 1-to-8 character ASCII string,
|
||||
using the MD5 authentication scheme.
|
||||
Note that both the keys and the authentication schemes (DES or MD5)
|
||||
must be identical between a set of peers sharing the same key number.
|
||||
|
@ -120,10 +111,6 @@ the default name of the configuration file
|
|||
.Xr ntpd 8 ,
|
||||
.Xr ntpdate 8 ,
|
||||
.Xr ntpdc 8
|
||||
.Sh HISTORY
|
||||
Written by
|
||||
.An David Mills
|
||||
at the University of Delaware.
|
||||
.Sh BUGS
|
||||
.Xr ntpd 8
|
||||
has gotten rather fat.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd January 10, 2000
|
||||
.Dd August 2, 2001
|
||||
.Dt NTPD 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -9,94 +9,88 @@
|
|||
.Nd Network Time Protocol (NTP) daemon
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl aAbdgmx
|
||||
.Op Fl aAbdgLmnPqx
|
||||
.Op Fl c Ar conffile
|
||||
.Op Fl D Ar level
|
||||
.Op Fl f Ar driftfile
|
||||
.Op Fl k Ar keyfile
|
||||
.Op Fl l Ar logfile
|
||||
.Op Fl N Cm high
|
||||
.Op Fl p Ar pidfile
|
||||
.Op Fl r Ar broadcastdelay
|
||||
.Op Fl s Ar statsdir
|
||||
.Op Fl t Ar trustedkey
|
||||
.Op Fl t Ar key
|
||||
.Op Fl v Ar variable
|
||||
.Op Fl V Ar variable
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
is an operating system daemon
|
||||
which sets and maintains the system time-of-day
|
||||
in synchronism with Internet standard time servers.
|
||||
.Nm
|
||||
is a complete implementation of the Network Time Protocol (NTP)
|
||||
version 4,
|
||||
but also retains compatibility with version 3,
|
||||
as defined by RFC 1305,
|
||||
and version 1 and 2,
|
||||
as defined by RFC 1059 and RFC 1119,
|
||||
respectively.
|
||||
.Nm
|
||||
does most computations in 64-bit floating point arithmetic
|
||||
and does relatively clumsy 64-bit fixed point operations
|
||||
only when necessary to preserve the ultimate precision,
|
||||
about 232 picoseconds.
|
||||
While the ultimate precision is not achievable
|
||||
with ordinary workstations and networks of today,
|
||||
it may be required with future nanosecond CPU clocks and gigabit LANs.
|
||||
program is an operating system daemon which sets
|
||||
and maintains the system time of day in synchronism with Internet
|
||||
standard time servers.
|
||||
It is a complete implementation of the
|
||||
Network Time Protocol (NTP) version 4, but also retains
|
||||
compatibility with version 3, as defined by RFC-1305, and version 1
|
||||
and 2, as defined by RFC-1059 and RFC-1119, respectively.
|
||||
.Pp
|
||||
The daemon can operate in any of several modes,
|
||||
including symmetric active/passive,
|
||||
client/server broadcast/multicast and manycast.
|
||||
A broadcast/multicast or manycast client can discover remote servers,
|
||||
compute server-client propagation delay correction factors
|
||||
and configure itself automatically.
|
||||
This makes it possible to deploy a fleet of workstations
|
||||
without specifying configuration details
|
||||
specific to the local environment.
|
||||
.Nm
|
||||
does most computations in 64-bit floating point
|
||||
arithmetic and does relatively clumsy 64-bit fixed point operations
|
||||
only when necessary to preserve the ultimate precision, about 232
|
||||
picoseconds.
|
||||
While the ultimate precision, is not achievable with
|
||||
ordinary workstations and networks of today, it may be required
|
||||
with future gigahertz CPU clocks and gigabit LANs.
|
||||
.Pp
|
||||
Ordinarily,
|
||||
.Nm
|
||||
reads the
|
||||
.Xr ntp.conf 5
|
||||
configuration file at startup time
|
||||
in order to determine the synchronization sources and operating modes.
|
||||
It is also possible to specify a working, although limited,
|
||||
configuration entirely on the command line,
|
||||
obviating the need for a configuration file.
|
||||
This may be particularly appropriate
|
||||
when the local host is to be configured
|
||||
as a broadcast/multicast client or manycast client,
|
||||
with all peers being determined
|
||||
by listening to broadcasts at run time.
|
||||
configuration file at startup time in order to determine the
|
||||
synchronization sources and operating modes.
|
||||
It is also possible to
|
||||
specify a working, although limited, configuration entirely on the
|
||||
command line, obviating the need for a configuration file.
|
||||
This may
|
||||
be particularly useful when the local host is to be configured as a
|
||||
broadcast/multicast client, with all peers being determined by
|
||||
listening to broadcasts at run time.
|
||||
.Pp
|
||||
If NetInfo support is built into
|
||||
.Nm ,
|
||||
then
|
||||
.Nm
|
||||
will attempt to read its configuration from the NetInfo
|
||||
if the default configuration file cannot be read
|
||||
and no file is specified by the
|
||||
will attempt to read its configuration from the
|
||||
NetInfo if the default
|
||||
.Xr ntp.conf 5
|
||||
file cannot be read and no file is
|
||||
specified by the
|
||||
.Fl c
|
||||
option.
|
||||
.Pp
|
||||
Various
|
||||
internal
|
||||
Various internal
|
||||
.Nm
|
||||
variables can be displayed and configuration options altered
|
||||
while the daemon is running
|
||||
through use of the
|
||||
variables can be displayed and
|
||||
configuration options altered while the
|
||||
.Nm
|
||||
is running
|
||||
using the
|
||||
.Xr ntpq 8
|
||||
and
|
||||
.Xr ntpdc 8
|
||||
programs.
|
||||
utility programs.
|
||||
.Pp
|
||||
When
|
||||
.Nm
|
||||
starts it looks at the value of
|
||||
.Xr umask 2
|
||||
and if it is zero,
|
||||
.Xr umask 2 ,
|
||||
and if zero
|
||||
.Nm
|
||||
will set it to 022.
|
||||
will set the
|
||||
.Xr umask 2
|
||||
to 022.
|
||||
.Pp
|
||||
The following command line options are available:
|
||||
The following options are available:
|
||||
.Bl -tag -width indent
|
||||
.It Fl a
|
||||
Enable authentication mode (default).
|
||||
|
@ -106,6 +100,8 @@ Disable authentication mode.
|
|||
Synchronize using NTP broadcast messages.
|
||||
.It Fl c Ar conffile
|
||||
Specify the name and path of the configuration file.
|
||||
(Disable
|
||||
netinfo?)
|
||||
.It Fl d
|
||||
Specify debugging mode.
|
||||
This flag may occur multiple times,
|
||||
|
@ -115,33 +111,69 @@ Specify debugging level directly.
|
|||
.It Fl f Ar driftfile
|
||||
Specify the name and path of the drift file.
|
||||
.It Fl g
|
||||
Normally, the daemon exits
|
||||
if the offset exceeds a 1000 s sanity limit.
|
||||
This option overrides this limit
|
||||
and allows the time to be set to any value without restriction;
|
||||
however, this can happen only once.
|
||||
Normally,
|
||||
.Nm
|
||||
exits if the offset exceeds the sanity
|
||||
limit, which is 1000 s by default.
|
||||
If the sanity limit is set to
|
||||
zero, no sanity checking is performed and any offset is acceptable.
|
||||
This option overrides the limit and allows the time to be set to
|
||||
any value without restriction; however, this can happen only once.
|
||||
After that,
|
||||
the daemon will exit if the limit is exceeded.
|
||||
.Nm
|
||||
will exit if the limit is exceeded.
|
||||
This
|
||||
option can be used with the
|
||||
.Fl q
|
||||
option.
|
||||
.It Fl k Ar keyfile
|
||||
Specify the name and path of the file
|
||||
containing the NTP authentication keys.
|
||||
Specify the name and path of the file containing the NTP
|
||||
authentication keys.
|
||||
.It Fl l Ar logfile
|
||||
Specify the name and path of the log file.
|
||||
The default is the system log facility.
|
||||
The default is the
|
||||
system log facility.
|
||||
.It Fl L
|
||||
Listen to virtual IPs.
|
||||
.It Fl m
|
||||
Synchronize using NTP multicast messages
|
||||
on the IP multicast group address 224.0.1.1
|
||||
(requires multicast kernel).
|
||||
Synchronize using NTP multicast messages on the IP multicast
|
||||
group address 224.0.1.1 (requires multicast kernel).
|
||||
.It Fl n
|
||||
Don't fork.
|
||||
.It Fl N Ar priority
|
||||
To the extent permitted by the operating system, run the
|
||||
.Nm
|
||||
at a high priority.
|
||||
.It Fl p Ar pidfile
|
||||
Specify the name and path to record the daemon's process ID.
|
||||
Specify the name and path to record the
|
||||
.Nm Ns 's
|
||||
process
|
||||
ID.
|
||||
.It Fl P
|
||||
Override the priority limit set by the operating system.
|
||||
Not recommended for sissies.
|
||||
Not
|
||||
recommended for sissies.
|
||||
.It Fl q
|
||||
Exit the
|
||||
.Nm
|
||||
just after the first time the clock is
|
||||
set.
|
||||
This behavior mimics that of the
|
||||
.Xr ntpdate 8
|
||||
program,
|
||||
which is to be retired.
|
||||
The
|
||||
.Fl g
|
||||
and
|
||||
.Fl x
|
||||
options can
|
||||
be used with this option.
|
||||
.It Fl r Ar broadcastdelay
|
||||
Specify the default propagation delay
|
||||
between the broadcast/multicast server and this computer.
|
||||
Specify the default propagation delay from the
|
||||
broadcast/multicast server and this computer.
|
||||
This is necessary
|
||||
only if the delay cannot be computed automatically by the protocol.
|
||||
only if the delay cannot be computed automatically by the
|
||||
protocol.
|
||||
.It Fl s Ar statsdir
|
||||
Specify the directory path for files created by the statistics
|
||||
facility.
|
||||
|
@ -151,53 +183,360 @@ Add a key number to the trusted key list.
|
|||
.It Fl V Ar variable
|
||||
Add a system variable listed by default.
|
||||
.It Fl x
|
||||
Ordinarily, if the time is to be adjusted more than 128 ms,
|
||||
it is stepped, not gradually slewed.
|
||||
This option forces the time to be slewed in all cases.
|
||||
Note: since the slew rate is limited to 0.5 ms/s,
|
||||
each second of adjustment requires an amortization interval of 2000 s.
|
||||
Thus, an adjustment of many seconds can take hours or days to amortize.
|
||||
Normally, the time is slewed if the offset is less than the
|
||||
step threshold, which is 128 ms by default, and stepped if above
|
||||
the threshold.
|
||||
This option forces the time to be slewed in all
|
||||
cases.
|
||||
If the step threshold is set to zero, all offsets are
|
||||
stepped, regardless of value and regardless of the
|
||||
.Fl x
|
||||
option.
|
||||
In general, this is not a good idea, as it bypasses the
|
||||
clock state machine which is designed to cope with large time and
|
||||
frequency errors Note: Since the slew rate is limited to 0.5 ms/s,
|
||||
each second of adjustment requires an amortization interval of 2000
|
||||
s.
|
||||
Thus, an adjustment of many seconds can take hours or days to
|
||||
amortize.
|
||||
This option can be used with the
|
||||
.Fl q
|
||||
option.
|
||||
.El
|
||||
.Ss Variables
|
||||
Most variables used by the NTP protocol
|
||||
can be examined with
|
||||
.Xr ntpdc 8
|
||||
(mode 7 messages) and
|
||||
.Xr ntpq 8
|
||||
(mode 6 messages).
|
||||
Currently, very few variables can be modified via mode 6 messages.
|
||||
These variables are either created with the
|
||||
.Ic setvar
|
||||
directive
|
||||
(described in the
|
||||
.Qq Miscellaneous Options
|
||||
section of the
|
||||
.Xr ntp.conf 5
|
||||
page)
|
||||
or the leap warning bits.
|
||||
The leap warning bits can be set in the
|
||||
.Va leapwarning
|
||||
variable up to one month ahead.
|
||||
Both the
|
||||
.Va leapwarning
|
||||
and
|
||||
.Va leapindication
|
||||
variables have a slightly different encoding
|
||||
than the usual leap bits interpretation:
|
||||
.Ss "How NTP Operates"
|
||||
The
|
||||
.Nm
|
||||
program operates by exchanging messages with
|
||||
one or more configured servers at designated poll intervals.
|
||||
When
|
||||
started, whether for the first or subsequent times, the program
|
||||
requires several exahanges from the majority of these servers so
|
||||
the signal processing and mitigation algorithms can accumulate and
|
||||
groom the data and set the clock.
|
||||
In order to protect the network
|
||||
from bursts, the initial poll interval for each server is delayed
|
||||
an interval randomized over 0-16s.
|
||||
At the default initial poll
|
||||
interval of 64s, several minutes can elapse before the clock is
|
||||
set.
|
||||
The initial delay to set the clock can be reduced using the
|
||||
.Cm iburst
|
||||
keyword with the
|
||||
.Ic server
|
||||
configuration
|
||||
command, as described in
|
||||
.Xr ntp.conf 5 .
|
||||
.Pp
|
||||
.Bl -tag -width indent -compact
|
||||
.It 00
|
||||
The daemon passes the leap bits of its synchronization source
|
||||
(usual mode of operation).
|
||||
.It 01
|
||||
.It 10
|
||||
A leap second is added/deleted (operator forced leap second).
|
||||
.It 11
|
||||
Leap information from the synchronizations source is ignored
|
||||
(thus
|
||||
.Dv LEAP_NOWARNING
|
||||
is passed on).
|
||||
.El
|
||||
Most operating systems and hardware of today incorporate a
|
||||
time-of-year (TOY) chip to maintain the time during periods when
|
||||
the power is off.
|
||||
When the machine is booted, the chip is used to
|
||||
initialize the operating system time.
|
||||
After the machine has
|
||||
synchronized to a NTP server, the operating system corrects the
|
||||
chip from time to time.
|
||||
In case there is no TOY chip or for some
|
||||
reason its time is more than 1000s from the server time,
|
||||
.Nm
|
||||
assumes something must be terribly wrong and the only
|
||||
reliable action is for the operator to intervene and set the clock
|
||||
by hand.
|
||||
This causes
|
||||
.Nm
|
||||
to exit with a panic message to
|
||||
the system log.
|
||||
The
|
||||
.Fl g
|
||||
option overrides this check and the
|
||||
clock will be set to the server time regardless of the chip time.
|
||||
However, and to protect against broken hardware, such as when the
|
||||
CMOS battery fails or the clock counter becomes defective, once the
|
||||
clock has been set, an error greater than 1000s will cause
|
||||
.Nm
|
||||
to exit anyway.
|
||||
.Pp
|
||||
Under ordinariy conditions,
|
||||
.Nm
|
||||
adjusts the clock in
|
||||
small steps so that the timescale is effectively continuous and
|
||||
without discontinuities.
|
||||
Under conditions of extreme network
|
||||
congestion, the roundtrip delay jitter can exceed three seconds and
|
||||
the synchronization distance, which is equal to one-half the
|
||||
roundtrip delay plus error budget terms, can become very large.
|
||||
The
|
||||
.Nm
|
||||
algorithms discard sample offsets exceeding 128 ms,
|
||||
unless the interval during which no sample offset is less than 128
|
||||
ms exceeds 900s.
|
||||
The first sample after that, no matter what the
|
||||
offset, steps the clock to the indicated time.
|
||||
In practice this
|
||||
reduces the false alarm rate where the clock is stepped in error to
|
||||
a vanishingly low incidence.
|
||||
.Pp
|
||||
As the result of this behavior, once the clock has been set, it
|
||||
very rarely strays more than 128 ms, even under extreme cases of
|
||||
network path congestion and jitter.
|
||||
Sometimes, in particular when
|
||||
.Nm
|
||||
is first started, the error might exceed 128 ms.
|
||||
This
|
||||
may on occasion cause the clock to be set backwards if the local
|
||||
clock time is more than 128 s in the future relative to the server.
|
||||
In some applications, this behavior may be unacceptable.
|
||||
If the
|
||||
.Fl x
|
||||
option is included on the command line, the clock will
|
||||
never be stepped and only slew corrections will be used.
|
||||
.Pp
|
||||
The issues should be carefully explored before deciding to use
|
||||
the
|
||||
.Fl x
|
||||
option.
|
||||
The maximum slew rate possible is limited
|
||||
to 500 parts-per-million (PPM) as a consequence of the correctness
|
||||
principles on which the NTP protocol and algorithm design are
|
||||
based.
|
||||
As a result, the local clock can take a long time to
|
||||
converge to an acceptable offset, about 2,000 s for each second the
|
||||
clock is outside the acceptable range.
|
||||
During this interval the
|
||||
local clock will not be consistent with any other network clock and
|
||||
the system cannot be used for distributed applications that require
|
||||
correctly synchronized network time.
|
||||
.Pp
|
||||
In spite of the above precautions, sometimes when large
|
||||
frequency errors are present the resulting time offsets stray
|
||||
outside the 128-ms range and an eventual step or slew time
|
||||
correction is required.
|
||||
If following such a correction the
|
||||
frequency error is so large that the first sample is outside the
|
||||
acceptable range,
|
||||
.Nm
|
||||
enters the same state as when the
|
||||
.Pa ntp.drift
|
||||
file is not present.
|
||||
The intent of this behavior
|
||||
is to quickly correct the frequency and restore operation to the
|
||||
normal tracking mode.
|
||||
In the most extreme cases
|
||||
(time.ien.it comes to mind), there may be occasional
|
||||
step/slew corrections and subsequent frequency corrections.
|
||||
It
|
||||
helps in these cases to use the
|
||||
.Cm burst
|
||||
keyword when
|
||||
configuring the server.
|
||||
.Ss "Frequency Discipline"
|
||||
The
|
||||
.Nm
|
||||
behavior at startup depends on whether the
|
||||
frequency file, usually
|
||||
.Pa ntp.drift ,
|
||||
exists.
|
||||
This file
|
||||
contains the latest estimate of clock frequency error.
|
||||
When the
|
||||
.Nm
|
||||
is started and the file does not exist, the
|
||||
.Nm
|
||||
enters a special mode designed to quickly adapt to
|
||||
the particular system clock oscillator time and frequency error.
|
||||
This takes approximately 15 minutes, after which the time and
|
||||
frequency are set to nominal values and the
|
||||
.Nm
|
||||
enters
|
||||
normal mode, where the time and frequency are continuously tracked
|
||||
relative to the server.
|
||||
After one hour the frequency file is
|
||||
created and the current frequency offset written to it.
|
||||
When the
|
||||
.Nm
|
||||
is started and the file does exist, the
|
||||
.Nm
|
||||
frequency is initialized from the file and enters normal mode
|
||||
immediately.
|
||||
After that the current frequency offset is written to
|
||||
the file at hourly intervals.
|
||||
.Ss "Operating Modes"
|
||||
.Nm
|
||||
can operate in any of several modes, including
|
||||
symmetric active/passive, client/server broadcast/multicast and
|
||||
manycast, as described in the
|
||||
.Qq Association Management
|
||||
page
|
||||
(available as part of the HTML documentation
|
||||
provided in
|
||||
.Pa /usr/share/doc/ntp ) .
|
||||
It normally operates continuously while
|
||||
monitoring for small changes in frequency and trimming the clock
|
||||
for the ultimate precision.
|
||||
However, it can operate in a one-time
|
||||
mode where the time is set from an external server and frequency is
|
||||
set from a previously recorded frequency file.
|
||||
A
|
||||
broadcast/multicast or manycast client can discover remote servers,
|
||||
compute server-client propagation delay correction factors and
|
||||
configure itself automatically.
|
||||
This makes it possible to deploy a
|
||||
fleet of workstations without specifying configuration details
|
||||
specific to the local environment.
|
||||
.Pp
|
||||
By default,
|
||||
.Nm
|
||||
runs in continuous mode where each of
|
||||
possibly several external servers is polled at intervals determined
|
||||
by an intricate state machine.
|
||||
The state machine measures the
|
||||
incidental roundtrip delay jitter and oscillator frequency wander
|
||||
and determines the best poll interval using a heuristic algorithm.
|
||||
Ordinarily, and in most operating environments, the state machine
|
||||
will start with 64s intervals and eventually increase in steps to
|
||||
1024s.
|
||||
A small amount of random variation is introduced in order to
|
||||
avoid bunching at the servers.
|
||||
In addition, should a server become
|
||||
unreachable for some time, the poll interval is increased in steps
|
||||
to 1024s in order to reduce network overhead.
|
||||
.Pp
|
||||
In some cases it may not be practical for
|
||||
.Nm
|
||||
to run
|
||||
continuously.
|
||||
A common workaround has been to run the
|
||||
.Xr ntpdate 8
|
||||
program from a
|
||||
.Xr cron 8
|
||||
job at designated
|
||||
times.
|
||||
However, this program does not have the crafted signal
|
||||
processing, error checking and mitigation algorithms of
|
||||
.Nm .
|
||||
The
|
||||
.Fl q
|
||||
option is intended for this purpose.
|
||||
Setting this option will cause
|
||||
.Nm
|
||||
to exit just after
|
||||
setting the clock for the first time.
|
||||
The procedure for initially
|
||||
setting the clock is the same as in continuous mode; most
|
||||
applications will probably want to specify the
|
||||
.Cm iburst
|
||||
keyword with the
|
||||
.Ic server
|
||||
configuration command.
|
||||
With this
|
||||
keyword a volley of messages are exchanged to groom the data and
|
||||
the clock is set in about a minute.
|
||||
If nothing is heard after a
|
||||
couple of minutes, the daemon times out and exits.
|
||||
After a suitable
|
||||
period of mourning, the
|
||||
.Xr ntpdate 8
|
||||
program may be
|
||||
retired.
|
||||
.Pp
|
||||
When kernel support is available to discipline the clock
|
||||
frequency, which is the case for stock Solaris, Tru64, Linux and
|
||||
.Fx ,
|
||||
a useful feature is available to discipline the clock
|
||||
frequency.
|
||||
First,
|
||||
.Nm
|
||||
is run in continuous mode with
|
||||
selected servers in order to measure and record the intrinsic clock
|
||||
frequency offset in the frequency file.
|
||||
It may take some hours for
|
||||
the frequency and offset to settle down.
|
||||
Then the
|
||||
.Nm
|
||||
is
|
||||
stopped and run in one-time mode as required.
|
||||
At each startup, the
|
||||
frequency is read from the file and initializes the kernel
|
||||
frequency.
|
||||
.Ss "Poll Interval Control"
|
||||
This version of NTP includes an intricate state machine to
|
||||
reduce the network load while maintaining a quality of
|
||||
synchronization consistent with the observed jitter and wander.
|
||||
There are a number of ways to tailor the operation in order enhance
|
||||
accuracy by reducing the interval or to reduce network overhead by
|
||||
increasing it.
|
||||
However, the user is advised to carefully consider
|
||||
the consequenses of changing the poll adjustment range from the
|
||||
default minimum of 64 s to the default maximum of 1,024 s.
|
||||
The
|
||||
default minimum can be changed with the
|
||||
.Ic tinker
|
||||
.Cm minpoll
|
||||
command to a value not less than 16 s.
|
||||
This value is used for all
|
||||
configured associations, unless overriden by the
|
||||
.Cm minpoll
|
||||
option on the configuration command.
|
||||
Note that most device drivers
|
||||
will not operate properly if the poll interval is less than 64 s
|
||||
and that the broadcast server and manycast client associations will
|
||||
also use the default, unless overriden.
|
||||
.Pp
|
||||
In some cases involving dial up or toll services, it may be
|
||||
useful to increase the minimum interval to a few tens of minutes
|
||||
and maximum interval to a day or so.
|
||||
Under normal operation
|
||||
conditions, once the clock discipline loop has stabilized the
|
||||
interval will be increased in steps from the minumum to the
|
||||
maximum.
|
||||
However, this assumes the intrinsic clock frequency error
|
||||
is small enough for the discipline loop correct it.
|
||||
The capture
|
||||
range of the loop is 500 PPM at an interval of 64s decreasing by a
|
||||
factor of two for each doubling of interval.
|
||||
At a minimum of 1,024
|
||||
s, for example, the capture range is only 31 PPM.
|
||||
If the intrinsic
|
||||
error is greater than this, the drift file
|
||||
.Pa ntp.drift
|
||||
will
|
||||
have to be specially tailored to reduce the residual error below
|
||||
this limit.
|
||||
Once this is done, the drift file is automatically
|
||||
updated once per hour and is available to initialize the frequency
|
||||
on subsequent daemon restarts.
|
||||
.Ss "The huff-n'-puff filter"
|
||||
In scenarios where a considerable amount of data are to be
|
||||
downloaded or uploaded over telephone modems, timekeeping quality
|
||||
can be seriously degraded.
|
||||
This occurs because the differential
|
||||
delays on the two directions of transmission can be quite large.
|
||||
In
|
||||
many cases the apparent time errors are so large as to exceed the
|
||||
step threshold and a step correction can occur during and after the
|
||||
data transfer is in progress.
|
||||
.Pp
|
||||
The huff-n'-puff filter is designed to correct the apparent time
|
||||
offset in these cases.
|
||||
It depends on knowledge of the propagation
|
||||
delay when no other traffic is present.
|
||||
In common scenarios this
|
||||
occurs during other than work hours.
|
||||
The filter maintains a shift
|
||||
register that remembers the minimum delay over the most recent
|
||||
interval measured usually in hours.
|
||||
Under conditions of severe
|
||||
delay, the filter corrects the apparent offset using the sign of
|
||||
the offset and the difference between the apparent delay and
|
||||
minimum delay.
|
||||
The name of the filter reflects the negative (huff)
|
||||
and positive (puff) correction, which depends on the sign of the
|
||||
offset.
|
||||
.Pp
|
||||
The filter is activated by the
|
||||
.Ic tinker command and
|
||||
.Cm huffpuff
|
||||
keyword, as described in
|
||||
.Xr ntp.conf 5 .
|
||||
.Sh FILES
|
||||
.Bl -tag -width /etc/ntp.drift -compact
|
||||
.It Pa /etc/ntp.conf
|
||||
|
@ -234,18 +573,13 @@ A snapshot of this documentation is available in HTML format in
|
|||
.%T Network Time Protocol (Version 3)
|
||||
.%O RFC1305
|
||||
.Re
|
||||
.Sh HISTORY
|
||||
Written by
|
||||
.An Dennis Ferguson
|
||||
at the University of Toronto.
|
||||
Text amended by
|
||||
.An David Mills
|
||||
at the University of Delaware.
|
||||
.Sh BUGS
|
||||
.Nm
|
||||
has gotten rather fat.
|
||||
While not huge, it has gotten larger than might
|
||||
be desireable for an elevated-priority daemon running on a workstation,
|
||||
particularly since many of the fancy features which consume the space
|
||||
were designed more with a busy primary server, rather than a high
|
||||
stratum workstation, in mind.
|
||||
While not huge, it has gotten
|
||||
larger than might be desirable for an elevated-priority
|
||||
.Nm
|
||||
running on a workstation, particularly since many of
|
||||
the fancy features which consume the space were designed more with
|
||||
a busy primary server, rather than a high stratum workstation in
|
||||
mind.
|
||||
|
|
|
@ -9,163 +9,117 @@
|
|||
.Nd set the date and time via NTP
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl bBdqsuv
|
||||
.Op Fl bBdoqsuv
|
||||
.Op Fl a Ar key
|
||||
.Op Fl e Ar authdelay
|
||||
.Op Fl k Ar keyfile
|
||||
.Op Fl o Ar version
|
||||
.Op Fl p Ar samples
|
||||
.Op Fl t Ar timeout
|
||||
.Ar server
|
||||
.Op Ar ...
|
||||
.Ar server ...
|
||||
.Sh DESCRIPTION
|
||||
.Nm
|
||||
sets the local date and time by polling the Network Time Protocol (NTP)
|
||||
server(s) given as the
|
||||
.Pp
|
||||
.Em Note :
|
||||
The functionality of this program is now available
|
||||
in the
|
||||
.Xr ntpd 8
|
||||
program.
|
||||
See the
|
||||
.Fl q
|
||||
command line
|
||||
option in the
|
||||
.Xr ntpd 8
|
||||
page.
|
||||
After a suitable period of
|
||||
mourning, the
|
||||
.Nm
|
||||
program is to be retired from this
|
||||
distribution.
|
||||
.Pp
|
||||
.Nm
|
||||
sets the local date and time by polling the
|
||||
Network Time Protocol (NTP) server(s) given as the
|
||||
.Ar server
|
||||
arguments to determine
|
||||
the correct time. It must be run as root on the local host. A number
|
||||
of samples are obtained from each of the servers specified
|
||||
and a subset of the NTP clock filter and selection algorithms
|
||||
are applied to select the best of these.
|
||||
Note that the accuracy and reliability of
|
||||
.Nm
|
||||
depends on the number of servers,
|
||||
the number of polls each time it is run
|
||||
and the interval between runs.
|
||||
.Pp
|
||||
.Nm
|
||||
can be run manually as necessary to set the host clock,
|
||||
or it can be run from the host startup script
|
||||
to set the clock at boot time.
|
||||
This is useful in some cases to set the clock initially
|
||||
before starting the NTP daemon
|
||||
.Xr ntpd 8 .
|
||||
It is also possible to run
|
||||
.Nm
|
||||
from a
|
||||
.Xr cron 8
|
||||
script.
|
||||
However, it is important to note that
|
||||
.Nm
|
||||
with contrived cron scripts is no substitute for the NTP daemon,
|
||||
which uses sophisticated algorithms to maximize accuracy and reliability
|
||||
while minimizing resource use.
|
||||
Finally, since
|
||||
.Nm
|
||||
does not discipline the host clock frequency as does
|
||||
.Xr ntpd 8 ,
|
||||
the accuracy using
|
||||
.Nm
|
||||
is limited.
|
||||
.Pp
|
||||
Time adjustments are made by
|
||||
.Nm
|
||||
in one of two ways. If
|
||||
.Nm
|
||||
determines the clock is in error more than 0.5 second it will simply
|
||||
step the time by calling the system
|
||||
.Xr settimeofday 2
|
||||
routine.
|
||||
If the error is less than 0.5 seconds, it will slew the time
|
||||
by calling the system
|
||||
.Xr adjtime 2
|
||||
routine.
|
||||
The latter technique is less disruptive and more
|
||||
accurate when the error is small, and works quite well when
|
||||
.Nm
|
||||
is run by
|
||||
.Xr cron 8
|
||||
every hour or two.
|
||||
.Pp
|
||||
.Nm
|
||||
will decline to set the date if an NTP server daemon
|
||||
(e.g.,
|
||||
.Xr ntpd 8 )
|
||||
is running on the same host.
|
||||
When running
|
||||
.Nm
|
||||
on a regular basis from
|
||||
.Xr cron 8
|
||||
as an alternative to running a daemon,
|
||||
doing so once every hour or two
|
||||
will result in precise enough timekeeping
|
||||
to avoid stepping the clock.
|
||||
.Pp
|
||||
If NetInfo support is compiled into
|
||||
.Nm ,
|
||||
then the server argument is optional if
|
||||
.Nm
|
||||
can find a time server in the NetInfo configuration for
|
||||
.Xr ntpd 8 .
|
||||
arguments to determine the correct time.
|
||||
It must be run as root on
|
||||
the local host.
|
||||
A number of samples are obtained from each of the
|
||||
servers specified and a subset of the NTP clock filter and
|
||||
selection algorithms are applied to select the best of these.
|
||||
Note
|
||||
that the accuracy and reliability of
|
||||
.Nm
|
||||
depends on
|
||||
the number of servers, the number of polls each time it is run and
|
||||
the interval between runs.
|
||||
.Pp
|
||||
The following options are available:
|
||||
.Bl -tag -width indent
|
||||
.It Fl a Ar key
|
||||
Enable the authentication function
|
||||
and specify the key identifier to be used
|
||||
for authentication as the argument
|
||||
.Ar key .
|
||||
Enable the authentication function and specify the key
|
||||
identifier to be used for authentication as the argument
|
||||
.Ar key
|
||||
The keys and key identifiers must match
|
||||
in both the client and server key files.
|
||||
The default is to disable the authentication function.
|
||||
The default is to disable
|
||||
the authentication function.
|
||||
.It Fl B
|
||||
Force the time to always be slewed using the
|
||||
.Xr adjtime 2
|
||||
system call,
|
||||
even if the measured offset is greater than +-128 ms.
|
||||
The default is to step the time using
|
||||
system
|
||||
call, even if the measured offset is greater than +-128 ms.
|
||||
The
|
||||
default is to step the time using
|
||||
.Xr settimeofday 2
|
||||
if the offset is greater than +-128 ms.
|
||||
Note that,
|
||||
if the offset is much greater than +-128 ms in this case,
|
||||
it can take a long time (hours)
|
||||
to slew the clock to the correct value.
|
||||
During this time,
|
||||
the host should not be used to synchronize clients.
|
||||
if the offset is
|
||||
greater than +-128 ms.
|
||||
Note that, if the offset is much greater
|
||||
than +-128 ms in this case, that it can take a long time (hours) to
|
||||
slew the clock to the correct value.
|
||||
During this time. the host
|
||||
should not be used to synchronize clients.
|
||||
.It Fl b
|
||||
Force the time to be stepped using the
|
||||
.Xr settimeofday 2
|
||||
system call,
|
||||
rather than slewed (default) using the
|
||||
system
|
||||
call, rather than slewed (default) using the
|
||||
.Xr adjtime 2
|
||||
system call.
|
||||
This option should be used
|
||||
when called from a startup file at boot time.
|
||||
This option should be used when called from a startup file at boot
|
||||
time.
|
||||
.It Fl d
|
||||
Enable the debugging mode,
|
||||
in which
|
||||
.Nm
|
||||
will go through all the steps,
|
||||
but not adjust the local clock.
|
||||
Information useful for general debugging will also be printed.
|
||||
Enable the debugging mode, in which
|
||||
.Nm
|
||||
will go
|
||||
through all the steps, but not adjust the local clock.
|
||||
Information
|
||||
useful for general debugging will also be printed.
|
||||
.It Fl e Ar authdelay
|
||||
Specify the processing delay
|
||||
to perform an authentication function as the value
|
||||
Specify the processing delay to perform an authentication
|
||||
function as the value
|
||||
.Ar authdelay ,
|
||||
in seconds and fraction
|
||||
(see
|
||||
.Xr ntpd 8
|
||||
.Xr ntpd 8
|
||||
for details).
|
||||
This number is usually small enough
|
||||
to be negligible for most purposes,
|
||||
though specifying a value
|
||||
may improve timekeeping on very slow CPU's.
|
||||
This number is usually small
|
||||
enough to be negligible for most purposes, though specifying a
|
||||
value may improve timekeeping on very slow CPU's.
|
||||
.It Fl k Ar keyfile
|
||||
Specify the path for the authentication key file
|
||||
as the string
|
||||
Specify the path for the authentication key file as the string
|
||||
.Ar keyfile .
|
||||
The default is
|
||||
.Pa /etc/ntp.keys .
|
||||
This file should be in the format described in
|
||||
.Xr ntpd 8 .
|
||||
This file
|
||||
should be in the format described in
|
||||
.Xr ntpd 8 .
|
||||
.It Fl o Ar version
|
||||
Specify the NTP version for outgoing packets as the integer
|
||||
Specify the NTP version for outgoint packets as the integer
|
||||
.Ar version ,
|
||||
which can be 1 or 2.
|
||||
The default is 3.
|
||||
This allows
|
||||
.Nm
|
||||
.Nm
|
||||
to be used with older NTP versions.
|
||||
.It Fl p Ar samples
|
||||
Specify the number of samples to be acquired from each server
|
||||
|
@ -176,37 +130,121 @@ The default is 4.
|
|||
.It Fl q
|
||||
Query only - don't set the clock.
|
||||
.It Fl s
|
||||
Divert logging output from the standard output (default)
|
||||
to the system
|
||||
.Xr syslog 3
|
||||
Divert logging output from the standard output (default) to the
|
||||
system
|
||||
.Xr syslog 3
|
||||
facility.
|
||||
This is designed primarily for convenience of
|
||||
.Xr cron 8
|
||||
This is designed primarily for
|
||||
convenience of
|
||||
.Xr cron 8
|
||||
scripts.
|
||||
.It Fl t Ar timeout
|
||||
Specify the maximum time waiting for a server response
|
||||
as the value
|
||||
Specify the maximum time waiting for a server response as the
|
||||
value
|
||||
.Ar timeout ,
|
||||
in seconds and fraction.
|
||||
The value is rounded to a multiple of 0.2 seconds.
|
||||
The default is 1 second,
|
||||
a value suitable for polling across a LAN.
|
||||
The value is is
|
||||
rounded to a multiple of 0.2 seconds.
|
||||
The default is 1 second, a
|
||||
value suitable for polling across a LAN.
|
||||
.It Fl u
|
||||
Direct
|
||||
.Nm
|
||||
to use an unprivileged port for outgoing packets.
|
||||
This is most useful when behind a firewall
|
||||
that blocks incoming traffic to privileged ports,
|
||||
and you want to synchronise with hosts beyond the firewall.
|
||||
.Nm
|
||||
to use an unprivileged port or outgoing
|
||||
packets.
|
||||
This is most useful when behind a firewall that blocks
|
||||
incoming traffic to privileged ports, and you want to synchronise
|
||||
with hosts beyond the firewall.
|
||||
Note that the
|
||||
.Fl d
|
||||
option always uses unprivileged ports.
|
||||
.Fl d
|
||||
option
|
||||
always uses unprivileged ports.
|
||||
.It Fl v
|
||||
Be verbose.
|
||||
This option will cause
|
||||
.Nm Ns 's
|
||||
version identification string to be logged.
|
||||
version
|
||||
identification string to be logged.
|
||||
.El
|
||||
.Pp
|
||||
.Nm
|
||||
can be run manually as necessary to set the
|
||||
host clock, or it can be run from the host startup script to set
|
||||
the clock at boot time.
|
||||
This is useful in some cases to set the
|
||||
clock initially before starting the NTP daemon
|
||||
.Xr ntpd 8 .
|
||||
It is
|
||||
also possible to run
|
||||
.Nm
|
||||
from a
|
||||
.Xr cron 8
|
||||
script.
|
||||
However, it is important to note that
|
||||
.Nm
|
||||
with
|
||||
contrived
|
||||
.Xr cron 8
|
||||
scripts is no substitute for the NTP
|
||||
daemon, which uses sophisticated algorithms to maximize accuracy
|
||||
and reliability while minimizing resource use.
|
||||
Finally, since
|
||||
.Nm
|
||||
does not discipline the host clock frequency as
|
||||
does
|
||||
.Xr ntpd 8 ,
|
||||
the accuracy using
|
||||
.Nm
|
||||
is
|
||||
limited.
|
||||
.Pp
|
||||
Time adjustments are made by
|
||||
.Nm
|
||||
in one of two
|
||||
ways.
|
||||
If
|
||||
.Nm
|
||||
determines the clock is in error more
|
||||
than 0.5 second it will simply step the time by calling the system
|
||||
.Xr settimeofday 2
|
||||
routine.
|
||||
If the error is less than 0.5
|
||||
seconds, it will slew the time by calling the system
|
||||
.Xr adjtime 2
|
||||
routine.
|
||||
The latter technique is less disruptive
|
||||
and more accurate when the error is small, and works quite well
|
||||
when
|
||||
.Nm
|
||||
is run by
|
||||
.Xr cron 8
|
||||
every hour or
|
||||
two.
|
||||
.Pp
|
||||
.Nm
|
||||
will decline to set the date if an NTP server
|
||||
daemon (e.g.,
|
||||
.Xr ntpd 8 )
|
||||
is running on the same host.
|
||||
When
|
||||
running
|
||||
.Nm
|
||||
on a regular basis from
|
||||
.Xr cron 8
|
||||
as
|
||||
an alternative to running a daemon, doing so once every hour or two
|
||||
will result in precise enough timekeeping to avoid stepping the
|
||||
clock.
|
||||
.Pp
|
||||
If NetInfo support is compiled into
|
||||
.Nm ,
|
||||
then the
|
||||
.Ic server
|
||||
argument is optional if
|
||||
.Nm
|
||||
can find a
|
||||
time server in the NetInfo configuration for
|
||||
.Xr ntpd 8 .
|
||||
.Sh FILES
|
||||
.Bl -tag -width /etc/ntp.keys -compact
|
||||
.It Pa /etc/ntp.keys
|
||||
|
@ -215,17 +253,12 @@ contains the encryption keys used by
|
|||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr ntpd 8
|
||||
.Sh HISTORY
|
||||
Written by
|
||||
.An Dennis Ferguson
|
||||
at the University of Toronto
|
||||
.Sh BUGS
|
||||
The slew adjustment is actually 50% larger than the measured offset,
|
||||
since this (it is argued)
|
||||
will tend to keep a badly drifting clock more accurate.
|
||||
This is probably not a good idea
|
||||
and may cause a troubling hunt
|
||||
for some values of the kernel variables
|
||||
.Va tick
|
||||
The slew adjustment is actually 50% larger than the measured
|
||||
offset, since this (it is argued) will tend to keep a badly
|
||||
drifting clock more accurate.
|
||||
This is probably not a good idea and
|
||||
may cause a troubling hunt for some values of the kernel variables
|
||||
.Va kern.clockrate.tick
|
||||
and
|
||||
.Va tickadj .
|
||||
.Va kern.clockrate.tickadj .
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue