You are not logged in.

#1 2011-01-31 00:41:53

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Update NTP (Network Time Protocol) wiki article?

I was trying to set up automatic clock synchronization, so I went here https://wiki.archlinux.org/index.php/Ne … e_Protocol to see how I could do that: first thing it says to install ntp, and that's easy, but then the configuration section is very different from the default /etc/ntp.conf coming with the repository package (version 4.2.6.p2-1), so this is the first reason why I think the article should be updated.

After that I started KISS-wondering why I should use a memory/bandwidth/cpu-eating daemon if what I want is just synchronize my clock at boot time, nothing more; in fact, configuring ntp that way is useful only for a ntp server, but I'm pretty confident that the large majority of people visiting that page are just looking for a way to sync their clock, so I think that the NTP part of the page should be split in 2 or even better 3 sub sections: 1) ntp server configuration (with ntpd running); 2) simple ntp clock synchronization (with ntpd running); 3) ntp clock synchronization (at boot time or as a cron event) (without ntpd running).

Subsection 3) should explain how to configure ntp.conf (and maybe /etc/rc.local ? I'm still studying on this) just to be able to have this command

ntpd -qg

automatically executed at boot time: maybe appending it to /etc/rc.local (but I'm afraid it's slightly more complicated than that, I'm still studying on it); it could also be reminded that it's possible to run that command at predefined time intervals by creating a cron event.

Is somebody with more knowledge than me interested in helping?

(Excuse my approximate English...)

Offline

#2 2011-02-01 10:53:59

MadTux
Member
Registered: 2009-09-20
Posts: 553

Re: Update NTP (Network Time Protocol) wiki article?

Not sure what wrong with the default /etc/ntp.conf. It just has more comments in it than what is shown in the wiki. Its understandable to me that for the wiki all the comments have been eliminated to show just the bare configuration.

Offline

#3 2011-02-01 11:37:37

tenlegger
Member
From: West Yorkshire, England
Registered: 2009-12-18
Posts: 39

Re: Update NTP (Network Time Protocol) wiki article?

kynikos wrote:

After that I started KISS-wondering why I should use a memory/bandwidth/cpu-eating daemon if what I want is just synchronize my clock at boot time, nothing more;

Use OpenNTPD instead, it does exactly what you want straight out of the box.

Regards .....


Arch Linux x86_64 | KDE SC 4.7.2
AMD Athlon 64 X2 5000+ CPU | 4Gb RAM
nVidia 8500GT GPU

Offline

#4 2011-02-01 11:55:22

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

MadTux wrote:

Not sure what wrong with the default /etc/ntp.conf. It just has more comments in it than what is shown in the wiki. Its understandable to me that for the wiki all the comments have been eliminated to show just the bare configuration.

Ok, I admit maybe I've been too drastic, but try to download version 4.2.6.p2-1 of the package: this is its /etc/ntp.conf

# NOTES:
#  - you should only have to update the server line below
#  - if you start getting lines like 'restrict' and 'fudge'
#    and you didnt add them, AND you run dhcpcd on your
#    network interfaces, be sure to add '-Y -N' to the
#    dhcpcd_ethX variables in /etc/conf.d/net

# Name of the servers ntpd should sync with
# Please respect the access policy as stated by the responsible person.
#server        ntp.example.tld        iburst

server pool.ntp.org

##
# A list of available servers can be found here:
# http://www.pool.ntp.org/
# http://www.pool.ntp.org/#use
# A good way to get servers for your machine is:
# netselect -s 3 pool.ntp.org
##

# you should not need to modify the following paths
driftfile    /var/lib/ntp/ntp.drift

#server ntplocal.example.com prefer 
#server timeserver.example.org 

# Warning: Using default NTP settings will leave your NTP
# server accessible to all hosts on the Internet.

# If you want to deny all machines (including your own)
# from accessing the NTP server, uncomment:
#restrict default ignore


# To deny other machines from changing the
# configuration but allow localhost:
restrict default nomodify nopeer
restrict 127.0.0.1


# To allow machines within your network to synchronize
# their clocks with your server, but ensure they are
# not allowed to configure the server or used as peers
# to synchronize against, uncomment this line.
#
#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap

Now compare it with the one on the wiki: https://wiki.archlinux.org/index.php/Ne … 2Fntp.conf
Not only the comments, but also uncommented lines are different and differently organized, it should be enough to note that the ntp.conf section starts by saying "The first line in your ntp.conf file should contain the following:

restrict default kod nomodify notrap nopeer noquery

which is false, and the user already starts scratching his head.
Another left-unexplained thing is why are servers split in two groups, those containing "pool" and those which don't: I think that at least two or three lines in the page should be spent to explain this.

However, I repeat that I think it should be clearly explained that if one just wants to synchronize the clock at boot or as a cron event without running a daemon, the command

ntpd -qg

is perfectly enough.
I could add such an explanation to the article, but I'd like somebody to tell me if adding just ntpd -qg to /etc/rc.local is correct, because for example I see that many lines usually added to /etc/rc.* files end with &> dev/null and I don't know if it would also apply in this case; I'd also like to know if adding

hwclock -w

to reset the hardware clock would be right or wrong.
Does anybody have arguments against adding that to the article? Would it be okay if I created a section for server/daemon configuration and another for client-only/no-daemon config?

Offline

#5 2011-02-01 12:02:48

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

tenlegger wrote:

Use OpenNTPD instead, it does exactly what you want straight out of the box.

Well OpenNTPD is still a daemon, and what's more the header of the article states (in bold!) that it's not maintained any longer for linux, so I think that if there's a very easy way to replace it with a simple ntpd command it should be at least cited in the article.

Offline

#6 2011-02-01 12:39:49

tenlegger
Member
From: West Yorkshire, England
Registered: 2009-12-18
Posts: 39

Re: Update NTP (Network Time Protocol) wiki article?

Yes but just because it isn't maintained anymore doesn't mean to say that we shouldn't use it smile

Regards .....


Arch Linux x86_64 | KDE SC 4.7.2
AMD Athlon 64 X2 5000+ CPU | 4Gb RAM
nVidia 8500GT GPU

Offline

#7 2011-02-01 14:18:33

R00KIE
Forum Fellow
From: Between a computer and a chair
Registered: 2008-09-14
Posts: 4,734

Re: Update NTP (Network Time Protocol) wiki article?

tenlegger wrote:

Yes but just because it isn't maintained anymore doesn't mean to say that we shouldn't use it smile

Regards .....

Not maintained anymore usually means that either security problems and/or compatibility problems will not be fixed, so yes the wiki is right in warning about that and recommending to use an alternative that is maintained, in this case ntpd. However you are free to use whatever you want smile

If someone adds usage alternatives to the wiki (usable alternatives) that is always a good thing and people are free to use whatever better fits their needs.


R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K

Offline

#8 2011-02-01 15:21:28

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

Thanks Rookie, I don't understand all this resistance to a simple proposal of updating or reorganizing an article, I just made some questions in order to understand better some particulars and to be able to write what I'd like to, so that anybody else with my (I think somewhat common) problem could benefit from it.
I think post #4 sums up quite well my doubts, if somebody with a little knowledge and time could spend it to give me some answers, or otherwise provide some arguments why the method I'm proposing is wrong or useless it'd be appreciated.

EDIT (@ some moderator passing by): maybe this thread could have more luck if moved to Networking, Server, and Protection?

Last edited by kynikos (2011-02-01 16:13:06)

Offline

#9 2011-02-01 16:20:43

brebs
Member
Registered: 2007-04-03
Posts: 3,742

Re: Update NTP (Network Time Protocol) wiki article?

3) ntp clock synchronization (at boot time or as a cron event) (without ntpd running)

If you don't keep your PC switched on for very long at a time (e.g. a day or two), then just syncing the time at startup is OK.

Running a sync as a cron event is a silly idea - the time could just jump around randomly, which would screw up a time-sensitive app. This is why ntpd (as opposed to ntpdate) zeros in on the correct time, *slowly*. You can't just occasionally swap the past, present and future around in a program's inputs, and expect correct output wink

In summary, the easiest thing for everyone, without knowing how time-sensitive their apps are, or their uptime (could be years for lucky servers, as an extreme), or how accurate/quirky the clock on the motherboard is, is to just set up ntpd and then be able to forget about the problem, because ntp is handling it.

On PCs these days (even netbooks), I recommend running ntp and BIND, because they are so convenient.

Offline

#10 2011-02-01 18:01:26

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

Good point, brebs!
However, maybe I could write a very brief 1.5 Section "Syncing without ntpd running", including your reasonable observations and the warning not to use a cron event in any case, but only at boot.

Now there still remain my doubts over ntp.conf, in fact the example in the article is objectively too different from the one in the latest-version package.
At least could somebody explain here why are the servers kept in two groups? It's not clear at all how one should choose the server(s) to add in the list.
Finally I would also add a very very synthetic explanation of the concept of stratum (the plural is "strata"?).

What do you think?

Offline

#11 2011-02-02 15:39:34

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

Ok this is my proposal for the new subsection:
======( Contents menu )======

# 1 ntpd

    * 1.5 Syncing the clock without the daemon running

======( Subsection 1.5 )======

Syncing the clock without the daemon running

If what you want is just synchronizing your system clock at boot time without running ntpd as a daemon, you can add to your /etc/rc.local this line:

ntpd -qg &

If you also want to update the hardware clock, use this line instead:

ntpd -qg && hwclock -w &

Now you can delete ntpd from the daemons list in /etc/rc.conf, or just disable it:

DAEMONS=(syslog-ng network !ntpd ...)

Note 1: you'd better not background the network daemon, to make sure that when rc.local is executed, the network connection is already initialized.
Note 2: using this method is highly discouraged on servers and in general on machines that need to run continuously for more than 2 or 3 days, as the system clock will be updated only once at boot time!
Note 3: running "ntpd -qg" as a cron event is to be completely avoided, unless you are perfectly aware of how your running applications would react to instantaneous system time changes!

======================

Please help me correct any coding and English mistakes (I'm not a native speaker).

EDIT: I'm also working on adapting section 1.2 (/etc/ntp.conf) to the most recent version of ntp package, I'll post that when I'm done.

Last edited by kynikos (2011-02-02 15:44:53)

Offline

#12 2011-02-02 15:55:57

litemotiv
Forum Fellow
Registered: 2008-08-01
Posts: 5,026

Re: Update NTP (Network Time Protocol) wiki article?

In my opinion, openntpd should be removed from the wiki article completely (or otherwise only be mentioned in a footnote). ntpd is just as easily installed and it does the job right.


ᶘ ᵒᴥᵒᶅ

Offline

#13 2011-02-02 16:08:24

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

litemotiv wrote:

In my opinion, openntpd should be removed from the wiki article completely (or otherwise only be mentioned in a footnote). ntpd is just as easily installed and it does the job right.

Hi litemotiv, I think so too, but what do you think of my proposal?

Offline

#14 2011-02-02 16:25:22

litemotiv
Forum Fellow
Registered: 2008-08-01
Posts: 5,026

Re: Update NTP (Network Time Protocol) wiki article?

kynikos, a few notes:

- The part "Now you can delete ntpd from the daemons list in /etc/rc.conf, or just disable it:" is not really needed since you already explain that it is "without running ntpd as a daemon".

- Mentioning to "not background the network daemon" is not necessary i believe, it is probably more appropriate to only mention that "a network connection needs to be present".

- Please don't use exclamation marks. wink


ᶘ ᵒᴥᵒᶅ

Offline

#15 2011-02-02 16:56:01

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

litemotiv wrote:

The part "Now you can delete ntpd from the daemons list in /etc/rc.conf, or just disable it:" is not really needed since you already explain that it is "without running ntpd as a daemon".

Uhm yes, but in that case I think the best solution would be do change the sections tree this way:

======( Contents menu )======
# 1 ntpd

    * 1.1 Installation
    * 1.2 /etc/ntp.conf
    * 1.3 Running as a daemon
          o 1.3.1 Starting the daemon
                - 1.3.1.1 /etc/rc.conf
                - 1.3.1.2 NetworkManager
          o 1.3.2 Running as non-root user
    * 1.4 Syncing the clock without the daemon running
          o 1.4.1 /etc/rc.local
          o 1.4.2 Notes
=======================

Just to stress that this is a complete alternative to the daemon method, not just an option/extension to that.

Of course, if OpenNTPD is discarded, the tree could change like this:

======( Contents menu )======
# 1 Installation
# 2 /etc/ntp.conf
# 3 Running as a daemon
    * 1.3.1 Starting the daemon
          o 1.3.1.1 /etc/rc.conf
          o 1.3.1.2 NetworkManager
    * 1.3.2 Running as non-root user
# 4 Syncing the clock without the daemon running
    * 1.4.1 /etc/rc.local
    * 1.4.2 Notes
=======================

Mentioning to "not background the network daemon" is not necessary i believe, it is probably more appropriate to only mention that "a network connection needs to be present".

Good, I'll change that.

Please don't use exclamation marks. wink

Oops sorry smile

The new version revised:
======( Subsection 1.4 )======

Syncing the clock without the daemon running

If what you want is just synchronize your system clock at boot time without running ntpd as a daemon, you can add to your /etc/rc.local this line:

ntpd -qg &

If you also want to update the hardware clock, use this line instead:

ntpd -qg && hwclock -w &

Note 1: in order for this method to work you have to make sure that, when rc.local is executed, the network connection has already been initialized (for example you shouldn't background essential network-related daemons in /etc/rc.conf)
Note 2: using this method is highly discouraged on servers and in general on machines that need to run continuously for more than 2 or 3 days, as the system clock will be updated only once at boot time.
Note 3: running "ntpd -qg" as a cron event is to be completely avoided, unless you are perfectly aware of how your running applications would react to instantaneous system time changes.

======================

One thing: I'm not expert at all about standard input/output stuff, I don't know if this line in /etc/rc.local would be more correct:

ntpd -qg && hwclock -w &> dev/null

Last edited by kynikos (2011-02-02 17:03:42)

Offline

#16 2011-02-02 17:05:08

litemotiv
Forum Fellow
Registered: 2008-08-01
Posts: 5,026

Re: Update NTP (Network Time Protocol) wiki article?

Looks good so far, the 3 notes under subsection 1.4 might be a bit much but we will need to judge that in practice. Generally, a single note is the advisable amount to attach. If it clutters the screen too much, you could consider making it an unordered list instead.

Adding dev/null to the update command shouldn't be necessary, it's good that the command outputs it's status to the screen for feedback. People who want to suppress the message probably already know how to achieve that. smile


ᶘ ᵒᴥᵒᶅ

Offline

#17 2011-02-02 17:46:43

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

Done, I'll think of some way to update 1.2 now.

Last edited by kynikos (2011-02-02 17:48:14)

Offline

#18 2011-02-06 21:34:21

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

Ok, I finally managed to find the time to revise the ntp.conf section, this is my first attempt to it:

===/etc/ntp.conf===

The first thing you define in your ntp.conf is the servers your machine will synchronize to.
NTP servers are classified in a hierarchical system with many levels called "strata": the devices which are considered independent time sources are classified as "stratum 0" sources; the servers directly connected to stratum 0 devices are classified as "stratum 1" sources; servers connected to stratum 1 sources are then classified as "stratum 2" sources and so on. It has to be understood that a server's stratum cannot be taken as an indication of its accuracy or reliability.
Tipically, stratum 2 servers are used for general synchronization purposes: if you don't already know the servers you're going to connect to, you should use the pool.ntp.org servers (http://www.pool.ntp.org/ or http://support.ntp.org/bin/view/Servers/NTPPoolServers) and choose the server pool that is closest to your location.
The following lines are just an example:

 server 0.it.pool.ntp.org iburst
 server 1.it.pool.ntp.org iburst
 server 2.it.pool.ntp.org iburst
 server 3.it.pool.ntp.org iburst

The iburst option is recommended, and sends a burst of packets if it cannot obtain a connection with the first attempt. The "burst" option should never be used without explicit permission and will likely result in blacklisting.

If you're setting up a ntp server, you need to add localhost as a server, so that, in case it loses internet access, it won't stop serving time to the network; add localhost as a "stratum 10" server (using the "fudge" command) so that it will never be used unless internet access is lost:

 server 127.127.1.0
 fudge  127.127.1.0 stratum 10

The next thing you have to do is add the drift file (which keeps track of yours clocks time deviation) and optionally the log file location:

 driftfile /var/lib/ntp/ntp.drift
 logfile /var/log/ntp.log

Now all that's left to do is define the rules that will allow clients to connect to your service (localhost is considered a client too) using the "restrict" command; you should already have a line like this in your file:

 restrict default nomodify nopeer

This restricts everyone from modifying anything and prevents everyone from querying your time server.
You can also add other options:

 restrict default kod nomodify notrap nopeer noquery

In the past, "notrust" option was used too, but its function has changed to mean that authentication with a key is required.

Following this line, you need to tell ntpd what to allow through into your server; the following line is enough if you're not configuring a ntp server:

 restrict 127.0.0.1

Otherwise you can add more clients like in this example:

 restrict 1.2.3.4 nomodify
 restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap

This tells ntpd that 1.2.3.4 and all IP addresses from the 192.168.0.0 range will be allowed to synchronize on this server, but they will not be allowed to modify anything. All other IP addresses in the world will still obey the default restrictions (the first line in the ntp.conf).

In the end, the complete file will look like this (almost all original comments have been stripped out for clarity):

# Name of the servers ntpd should sync with (these are for Italy as an example)
server 0.it.pool.ntp.org iburst
server 1.it.pool.ntp.org iburst
server 2.it.pool.ntp.org iburst
server 3.it.pool.ntp.org iburst

driftfile    /var/lib/ntp/ntp.drift
logfile        /var/log/ntp.log

restrict default nomodify nopeer
restrict 127.0.0.1

For a more in-depth explanation of the file, especially if you want to configure your machine as a ntp server, the Gentoo Wiki has a more detailed description.
Lastly, never forget man pages:

$ man ntp.conf

is likely to answer most of your remaining doubts.

Last edited by kynikos (2011-02-06 23:15:03)

Offline

#19 2011-02-10 22:05:46

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

I know the article is quite long and maybe a bit boring, but really nobody is interested anymore?

Offline

#20 2011-02-11 03:42:05

brebs
Member
Registered: 2007-04-03
Posts: 3,742

Re: Update NTP (Network Time Protocol) wiki article?

I *was* interested in this - years ago. For years, it's been "just working".

You have one wiki page, mixing both ntp and openntp together. That's confusing. They should have one wiki page each, with preference given to ntp - which is actually written, and *maintained*, with Linux in mind.

Offline

#21 2011-02-11 09:56:08

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

brebs wrote:

I *was* interested in this - years ago. For years, it's been "just working".

Just because something "just works" doesn't mean it can't be improved.

You have one wiki page, mixing both ntp and openntp together. That's confusing. They should have one wiki page each, with preference given to ntp

I agree, and I'm willing to do that, just let's discuss it here a very tiny little bit, I don't want to decide things by myself...
I can split the article between ntp and openntp, we should just think how those pages should be linked together and with the rest of the wiki: there are many references in the wiki that link to the NTP page, I think the best solution would be to leave ntp there, create another article for openntp and link it only in the ntp page, cited as an (unmaintained) alternative.
For those who have little time and like short answers, here are some suggestions: [ yes, split 'em | split them, but do it this way: [explain] | they're just fine together ]

which is actually written, and *maintained*, with Linux in mind.

It doesn't seem very *maintained* if I wrote in the discussion page and *nobody* has ever answered. If it's not clear, I'm trying to *maintain* the page, not to *vandalize* it...
EDIT: sorry brebs I don't know how I could misunderstand your words wink

Please can someone read my revision @ post #18 and tell me whether it's better than the current version or it sucks, and in the latter case, why it does? Short answers: [ it's better, edit the page | you should change this and that (define this and that) | the current version is perfect already ]

Last edited by kynikos (2011-02-11 10:18:04)

Offline

#22 2011-02-11 10:14:51

litemotiv
Forum Fellow
Registered: 2008-08-01
Posts: 5,026

Re: Update NTP (Network Time Protocol) wiki article?

Sure, split 'em. wink

The wiki is version-controlled, so it's actually not really problematic to just make the changes you have in mind. If they are considered (partially) unsuitable they can always be reverted or edited.

brebs meant that the software itself is maintained, the wiki page...not so much apparently.

Other than that, good work!


ᶘ ᵒᴥᵒᶅ

Offline

#23 2011-02-11 10:33:20

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

litemotiv wrote:

brebs meant that the software itself is maintained, the wiki page...not so much apparently.

I apologize to brebs, maybe I missed a word or two while reading, I don't know... roll

Sure, split 'em. wink

Ah finally a positive answer, from litemotiv again!

The wiki is version-controlled, so it's actually not really problematic to just make the changes you have in mind. If they are considered (partially) unsuitable they can always be reverted or edited.

Yes, I know it's version-controlled, but not automatically, there must be a real person to version-control it, and if there aren't any maintainers one could add mistaken infos or code and they would remain there without anybody ever realizing it...

Other than that, good work!

Thanks, then I'm going to edit the page! (and do other refinements too)

Offline

#24 2011-02-11 16:09:45

brebs
Member
Registered: 2007-04-03
Posts: 3,742

Re: Update NTP (Network Time Protocol) wiki article?

Don't be disheartened. I went through all that you're going through, editing the Gentoo wiki for ntp, years ago. Ya don't get thanks - ya just get criticism when it's the slightest bit incaccurate, or doesn't solve some lazy-ass' immediate problem, whose problem would be solved if they actually spent five minutes reading what you've spent hours carefully preparing.

Most people want ntp on their PC, and couldn't care less about being a server, so concentrate on that situation.

Offline

#25 2011-02-11 21:50:48

kynikos
Wiki Admin
Registered: 2010-12-28
Posts: 170

Re: Update NTP (Network Time Protocol) wiki article?

@brebs
Don't worry, I'm not disheartened, I just whined a little bit to see if it could bring me some answers, and it worked ^^

I've done everything: Network Time Protocol daemon and OpenNTPD
As you can see, the Network Time Protocol page is now a redirection to the daemon page, but I should have taken care of all links and redirections, so there shouldn't be broken links anywhere.
Also note that the i18n links are still referred to "Network Time Protocol", as all other wikis still have the old name for the article (though I think soon I will update at least the Italian version).

Offline

Board footer

Powered by FluxBB