time sync problem--ntpdate AND xntpd??
Sean Noonan
I have a home RFC1918 net linked to the world via a FreeBSD 3.4-RELEASE
gateway/NAT/IPFW box. I'm tired of my clocks being off by hours from each
other so I did some research and discovered NTP.
I found NTP clients for my Novell and M$ boxen. I figured I'd use ntpdate
on my FreeBSD workstations. I also figured I'd use ntpdate **AND** xntpd
on my gateway/NAT/IPFW box. That way, I figured, my gateway/firewall box
would get the time from a reliable time source and then the rest of my
boxes would look to it for their time source. Sounded good.
Until I read this in man ntpdate: "Ntpdate will decline to set the date
if an NTP server (e.g. xntpd(8)) is running on the same host".
So, what should I do? It didn't/doesn't make sense to me to have all of
my worksatations use internet bandwidth to check time; better to have one
check the time and the the rest get their time from it.
What am I missing, conceptually? What are my alternatives? Is their a
NTP proxy I could run on my firewall?
TIA,
-Sean Noonan
noo...@home.com
To Unsubscribe: send mail to majo...@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Mitch Collinsworth
>I also figured I'd use ntpdate **AND** xntpd
>on my gateway/NAT/IPFW box. That way, I figured, my gateway/firewall box
>would get the time from a reliable time source and then the rest of my
>boxes would look to it for their time source. Sounded good.
Yes.
>Until I read this in man ntpdate: "Ntpdate will decline to set the date
>if an NTP server (e.g. xntpd(8)) is running on the same host".
A typical setup is to run ntpdate once during boot-up to make sure your
clock is right, and then start xntpd to keep it right. Your plan to
then use the gateway machine to serve time for the lan is perfectly
reasonable.
-Mitch
Don Read
On 19-Jan-00 Sean Noonan wrote:
> Dear list:
>
> I have a home RFC1918 net linked to the world via a FreeBSD 3.4-RELEASE
> gateway/NAT/IPFW box. I'm tired of my clocks being off by hours from each
> other so I did some research and discovered NTP.
>
> on my FreeBSD workstations. I also figured I'd use ntpdate **AND** xntpd
> on my gateway/NAT/IPFW box. That way, I figured, my gateway/firewall box
> would get the time from a reliable time source and then the rest of my
> boxes would look to it for their time source. Sounded good.
>
> if an NTP server (e.g. xntpd(8)) is running on the same host".
>
> my worksatations use internet bandwidth to check time; better to have one
> check the time and the the rest get their time from it.
>
> What am I missing, conceptually? What are my alternatives? Is their a
> NTP proxy I could run on my firewall?
>
at boot run ntpdate to set your clock, then xntpd to keep in sync.
/etc/rc.conf:
-------------------
ntpdate_enable="YES"
ntpdate_program="ntpdate"
ntpdate_flags="tick.usno.navy.mil tock.usno.navy.mil"
xntpd_enable="YES"
xntpd_program="xntpd"
/etc/ntp.conf:
-------------------
server ntp.psi.net
server chisos.ots.utexas.edu
server norad.arc.nasa.gov
peer my.local.boxen.com
driftfile /etc/ntp.drift
Regards,
---
Don Read dr...@calcasieu.com
EDP Manager dr...@texas.net
Calcasieu Lumber Co. Austin TX
-- No Coffee No Peace.
Oliver Fromme
> [...]
> Until I read this in man ntpdate: "Ntpdate will decline to set the date
> if an NTP server (e.g. xntpd(8)) is running on the same host".
>
> So, what should I do? It didn't/doesn't make sense to me to have all of
> my worksatations use internet bandwidth to check time; better to have one
> check the time and the the rest get their time from it.
>
> What am I missing, conceptually? What are my alternatives? Is their a
> NTP proxy I could run on my firewall?
"ntpdate" sets the clock just once and then exits.
"xntpd" is a daemon which runs in the background and corrects
the clock continously. It synchronizes with one or more
servers on the net every now and then (it doesn't take much
bandwidth, so there is no reason to worry). It's even clever
enough to calculate the drift of your local clock, so it can
correct it even if there is no network connection for some
time.
However, "xntpd" only works if the clock is "about right"
already. It refuses to touch the clock if the deviation is
larger than 5 minutes, because in that case it thinks that
something is seriously wrong. "xntpd" tries not to make
"steps", but rather speeds the local clock up slightly or
slows it down slightly, in order to correct for the drift.
Therefore, you usually run _both_ "ntpdate" and "xntpd".
First "ntpdate", in order to correct the clock once, no
matter what. The you run "xntpd" in the background to
keep the time in sync with the world.
In FreeBSD, this is pretty easy to configure, just set
ntpdate_enable and xntpd_enable both to "YES" in your
/etc/rc.conf file (see /etc/defaults/rc.conf for the default
values). Then you'll have to create an /etc/ntp.conf file
(see the manpage for details) which contains the servers
which you want to use for NTP.
Note that "xntpd" can be used as a server and as a client,
or both at the same time. That is, you can run xntpd in
server+client mode on one box which syncs with some NTP
servers out there on the net. Then you can run "xntpd"
clients on other machines of yours to sync to your server.
Regards
Oliver
--
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:ol...@dorifer.heim3.tu-clausthal.de)
"In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
(Terry Pratchett)
Walter Brameld
>
> >I also figured I'd use ntpdate **AND** xntpd
> >on my gateway/NAT/IPFW box. That way, I figured, my gateway/firewall box
> >would get the time from a reliable time source and then the rest of my
> >boxes would look to it for their time source. Sounded good.
>
How does one go about finding reliable time sources?
--
Walter
in暗el損ec暗u戢l (ntl-kch-l)
n. Someone who has been educated past his/her level of
intelligence.
Oliver Fromme
> How does one go about finding reliable time sources?
Try asking your ISP. Many have stratum-1 NTP servers.
Or try looking for one at a university or other organization
which is not too many network hops away, and which provides
such service to the public.
You can also build your own stratum-1 NTP server, just buy
an appropriate reference clock which is supported by xntpd,
e.g. a GPS or DCF receiver. With a good GPS receiver, you
can achieve accuracy in the range of µs, but those are a bit
expensive. DCF77 receivers, which are quite popular in
Europe, are much cheaper but less accurate (in the ms range),
but it should still be enough for private use.
Regards
Oliver
--
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:ol...@dorifer.heim3.tu-clausthal.de)
"In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
(Terry Pratchett)
Harry Woodward-Clarke
> Thanks For the reply Oliver.
> By the way, what does.....
>
> > "In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
> > (Terry Pratchett)
> mean?
>
> --
> Walter
from babelfish.altavista.com...
"in each piece [of] coal a diamond waits for its birth"
|-|
Walter Brameld
>
> Walter Brameld <bra...@twave.net> wrote in list.freebsd-questions:
> > How does one go about finding reliable time sources?
>
> Try asking your ISP. Many have stratum-1 NTP servers.
> Or try looking for one at a university or other organization
> which is not too many network hops away, and which provides
> such service to the public.
>
> You can also build your own stratum-1 NTP server, just buy
> an appropriate reference clock which is supported by xntpd,
> e.g. a GPS or DCF receiver. With a good GPS receiver, you
> can achieve accuracy in the range of µs, but those are a bit
> expensive. DCF77 receivers, which are quite popular in
> Europe, are much cheaper but less accurate (in the ms range),
> but it should still be enough for private use.
>
> Regards
> Oliver
Thanks For the reply Oliver.
By the way, what does.....
> "In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
> (Terry Pratchett)
mean?
--
Walter
in·tel·lec·tu·al (ntl-kch-l)
n. Someone who has been educated past his/her level of
intelligence.
Walter Brameld
>
> Walter Brameld wrote:
>
> > Thanks For the reply Oliver.
> > By the way, what does.....
> >
> > > "In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
> > > (Terry Pratchett)
> > mean?
> >
> > --
> > Walter
>
>
> "in each piece [of] coal a diamond waits for its birth"
Thank you. I guess I'm just a little more plebian than some
of you out there, no classical education.
Oliver Fromme
Harry Woodward-Clarke <Harry.Wood...@s1.com> wrote in list.freebsd-questions:
> Walter Brameld wrote:
>> By the way, what does.....
>>
>> > "In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
>> > (Terry Pratchett)
>> mean?
>
> from babelfish.altavista.com...
>
> "in each piece [of] coal a diamond waits for its birth"
That translation is surprisingly accurate for babelfish. :)
Sorry that I don't have separate signatures for German and
international mailing lists. It's a quote from a great book
by Terry Patchett, who's often called the ``Douglas Adams of
Fantasy'' -- the original is in English, of course, but I only
have the German translation. The German title of the book is
``Gevatter Tod'' (published by Goldmann Verlag, ISBN 3-442-
41551-9), the original is ``Reaper Man'', published by Victor
Gollancz Ltd., London.
I have to say that this is probably the best book I've read
in my life (so far). It's a very humorous story from the
``disc world'', with a lot of ``sense of wonder'', and it's
surprisingly emotional given the fact that the main protagonist
is Mr. Death himself...
If you like Douglas Adam's "Hitchhiker Trilogy", you will love
this book. I can recommend it to everyone.
Regards
Oliver
PS: In this book, "Death" lives incognito on the disc world
for some time in a small village under the name "Bill Door".
Although I think it's coincidental, it leaves room for some
thoughts... ;-)
--
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:ol...@dorifer.heim3.tu-clausthal.de)
"In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
(Terry Pratchett)
Don Read
On 19-Jan-00 Walter Brameld wrote:
> Mitch Collinsworth wrote:
>>
>> >I also figured I'd use ntpdate **AND** xntpd
>> >on my gateway/NAT/IPFW box. That way, I figured, my gateway/firewall box
>> >would get the time from a reliable time source and then the rest of my
>> >boxes would look to it for their time source. Sounded good.
>>
>
>
http://www.eecis.udel.edu/~mills/ntp/servers.htm
Regards,
--
Don Read dr...@calcasieu.com
EDP Manager dr...@texas.net
Calcasieu Lumber Co. Austin TX
-- No Coffee No Peace
Mitch Collinsworth
>Mitch Collinsworth wrote:
>>
>> >I also figured I'd use ntpdate **AND** xntpd
>> >on my gateway/NAT/IPFW box. That way, I figured, my gateway/firewall box
>> >would get the time from a reliable time source and then the rest of my
>> >boxes would look to it for their time source. Sounded good.
No, Mitch Collinsworth did not write this. Please pay attention
to your attributions.
-Mitch Collinsworth
pa...@phoenix.volant.org
> How does one go about finding reliable time sources?
There's a very good chance that the router at the upstream end of
your link is an NTP server. Try a traceroute to almost anywhere
to get the FQDN or IP address of the router; then try ntptrace
to the router to see if it will serve you NTP.
-Pat
Kevin Oberman
servers and the stability is poor. They respond to NTP pings at a low
priority and, when the cpu gets busy, the dispersion goes through the
roof because of the delay messing up the symmetry of the transmit to
reply times.
Of course, this is usually transient, but routers (or at least Cisco
routers) are not good NTP servers.
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: obe...@es.net Phone: +1 510 486-8634
a.ever...@gmail.com
GPS timing receiver provides a network with a traceable source of time. The device will obtain very accurate time stamps from the GPS receiver and maintain an accurately synchronized internal real time clock. This time can then be provided to clients on the network that require time.
Eve
http://www.timetoolsglobal.com/