Tuesday 11 November 2008

Configuring NTP server and client on Solaris 10

One task often performed while setting up a machine is configuring the NTP daemon.

NTP is one of the oldest internet protocols still in use. It synchronizes computer clocks by distributing UTC (Coordinated Universal Time) over the network, and its design is focused on compensating for the variable latency of the network.

A machine may be an NTP client or an NTP server. Roughly, an NTP client is a machine that uses the NTP protocol to synchronize its clock, and an NTP server is a machine that provides NTP clients with the information needed to set their clocks and itself uses other NTP servers to stay in sync.

NTP on Solaris 10
Solaris 10 ships with an NTP daemon, ntpd, configured via SMF (svc:/network/ntp:default) and a bunch of sample ntp.conf files to quickly configure a machine as a client or as a server.

# svcs ntp
STATE          STIME    FMRI
online          0:43:33 svc:/network/ntp:default

Configuring a client
If your machine is just a client, you can copy /etc/inet/ntp.client to /etc/inet/ntp.conf. The default client configuration is a one-liner:

multicastclient 224.0.0.1


This configuration, as explained in the same file, is a passive configuration for a host that just listens for NTP servers putting packets on the NTP multicast network, 224.0.0.1. Obviously, if your machine is in a LAN without an NTP server, you're probably never going to receive such a packet, and you should use some public NTP servers instead.

Using a server from a pool
I personally recommend using random servers from an NTP pool such as pool.ntp.org. On the official website of the NTP Pool Project you can find instructions for using the pool or picking servers from the list they maintain. Pools maintained by the NTP Pool Project are organized in a geographical hierarchy so that, for example, you can use servers from a continent-level pool or, where available, from a country-level pool. The recipe is always the same: the nearer, the quicker, the better. In my case, I'm using the European pool europe.pool.ntp.org and my configuration file contains:

server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org

Setting up the drift file
The only thing left to set up is the drift file location, which in my case is:

driftfile /var/ntp/ntp.drift

Starting the service
Once your ntp.conf is set up, you can start (or restart) the ntp service:

# svcadm restart ntp
# svcs ntp
STATE          STIME    FMRI
online          0:43:33 svc:/network/ntp:default

Querying the service
Once the service is running, you can check which servers you're using with ntpq:

# ntpq -p
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 NTP.MCAST.NET   0.0.0.0         16 u    -   64    0     0.00    0.000 16000.0
+fnutt.net       Time2.Stupi.SE   2 u   45   64  377    76.74   10.285    0.73
-sip1.viatel.ee  ntp.eenet.ee     3 u  430 1024  377    79.47   -0.988    1.05
*ntp1.net.edu.ie ntp0.esat.net    2 u   28   64  377    63.45    4.104    0.78
+ns.airbites.bg  ntp2.gbg.netnod  2 u   27   64  377    85.13    1.723    1.05


After a while, your query will output similar results. The server prefixed with an asterisk is the server you're synchronizing with. If you don't get an asterisk after a while, probably no NTP server is reachable, most likely because a firewall is blocking UDP port 123. The difference between your clock and the data provided by NTP servers can be examined by catting the drift file:

# cat /var/ntp/ntp.drift
-50.645
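
The asterisk check described above can be scripted. The following is an added example, not part of the original post: a POSIX shell helper that parses `ntpq -p` output, decodes the octal reach column and reports the selected server. The function names are hypothetical and the embedded sample is constructed in the layout of the output above.

```shell
#!/bin/sh
# Added example: health check over `ntpq -p` output (not from the original post).

# Constructed sample in the same layout as the ntpq output shown above.
sample_ntpq() {
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 NTP.MCAST.NET   0.0.0.0         16 u    -   64    0     0.00    0.000 16000.0
+fnutt.net       Time2.Stupi.SE   2 u   45   64  377    76.74   10.285    0.73
-sip1.viatel.ee  ntp.eenet.ee     3 u  430 1024  377    79.47   -0.988    1.05
*ntp1.net.edu.ie ntp0.esat.net    2 u   28   64  377    63.45    4.104    0.78
+ns.airbites.bg  ntp2.gbg.netnod  2 u   27   64  377    85.13    1.723    1.05
EOF
}

# ntp_peers: read `ntpq -p` output on stdin and print one line per peer:
#   <tally> <remote> <stratum> <answered polls out of the last 8> <offset>
# The tally is the first character of the line ("_" stands for a blank).
ntp_peers() {
  awk '
    /^=/ || $1 == "remote" { next }        # skip separator and header
    NF >= 10 {
      tally = substr($0, 1, 1); remote = $1
      if (tally == " ") { tally = "_" } else { remote = substr($1, 2) }
      # reach is an octal shift register of the last 8 polls (377 = all answered)
      n = 0
      for (i = 1; i <= length($7); i++) n = n * 8 + substr($7, i, 1)
      ok = 0
      while (n > 0) { ok += n % 2; n = int(n / 2) }
      print tally, remote, $3, ok, $9
    }'
}

# ntp_sync_peer: print the selected (*) server; exit non-zero when there is
# none, or when the selected one answered none of the last 8 polls.
ntp_sync_peer() {
  ntp_peers | awk '$1 == "*" && $4 > 0 { print $2; found = 1 }
                   END { exit (found ? 0 : 1) }'
}

# Demo on the constructed sample; on a live host use: ntpq -p | ntp_sync_peer
sample_ntpq | ntp_sync_peer
```

A peer whose answered-poll count is 0, like the multicast entry in the sample, has not replied in any of the last eight polls.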

Setting up an NTP server
Now that you have an NTP client running, you'll probably want to set up all of your machines. If you're in a LAN, you can set up an internal NTP server which will provide data to other clients on your LAN. As before, you can take inspiration from the server configuration file shipped with Solaris 10, /etc/inet/ntp.server. After setting up the drift file and the clients you're going to use, you can examine the other options and fine-tune them to your taste. Let's take a quick look at it.

server 127.127.XType.0

This line sets up the server type; the XType value must be replaced with the correct value from the provided table:

# XType    Device    RefID    Description
# -------------------------------------------------------
#  1       local     LCL      Undisciplined Local Clock
#  2       trak      GPS      TRAK 8820 GPS Receiver
#  3       pst       WWV      PSTI/Traconex WWV/WWVH Receiver
#  4       wwvb      WWVB     Spectracom WWVB Receiver
#  5       true      TRUE     TrueTime GPS/GOES Receivers
#  6       irig      IRIG     IRIG Audio Decoder
#  7       chu       CHU      Scratchbuilt CHU Receiver
#  8       parse     ----     Generic Reference Clock Driver
#  9       mx4200    GPS      Magnavox MX4200 GPS Receiver
# 10       as2201    GPS      Austron 2201A GPS Receiver
# 11       arbiter   GPS      Arbiter 1088A/B GPS Receiver
# 12       tpro      IRIG     KSI/Odetics TPRO/S IRIG Interface
# 13       leitch    ATOM     Leitch CSD 5300 Master Clock Controller
# 15       *         *        TrueTime GPS/TM-TMD Receiver
# 17       datum     DATM     Datum Precision Time System
# 18       acts      ACTS     NIST Automated Computer Time Service
# 19       heath     WWV      Heath WWV/WWVH Receiver
# 20       nmea      GPS      Generic NMEA GPS Receiver
# 22       atom      PPS      PPS Clock Discipline
# 23       ptb       TPTB     PTB Automated Computer Time Service
# 24       usno      USNO     USNO Modem Time Service
# 25       *         *        TrueTime generic receivers
# 26       hpgps     GPS      Hewlett Packard 58503A GPS Receiver
# 27       arc       MSFa     Arcron MSF Receiver

In my case, it's just a (very) plain 1: an undisciplined local clock.

broadcast 224.0.1.1 ttl 4

This line is the server equivalent of the multicast line seen in the default client configuration: it tells the NTP server to broadcast on the NTP multicast network.

Further readings
Complete documentation about ntp.conf syntax can be found on the xntpd man page:

# man xntpd
