home   articles   archive   forum   masthead  
Published at 28.5.2001
Author: Ronny Ziegler
Translator: Sebastian Kueppers
Languages: de nl cn
Printer printer-version
Support Us!
 

Time server

NIS-Installation No matter how expensive your PC was, you can't leave behind the feeling that the internal clock isn't quite right. After a few days work it may differentiate a few seconds from the real time...

Never set your clock again

A correctly working clock is necessary for a computer to be part of a network. How would you know which version of a document is the newest one if you get more than one copy? Furthermore many security logs write down the timestamp to ensure no data package has been intercepted and (maybe) changed.
But mostly it is troublesome to re-set the clock every few days because of manufacturers using inferior hardware whose clock is too fast or slow after a rather short time.

A curious thing if brilliant programmers wouldn't have found a solution for this problem. Special time servers can be found on the internet for this reason. Those servers clocks are adjusted more or less directly by an atomic clock and are able to tell other computers the time using a special protocol.
But this is more complicated than it sounds. You may not forget that the information signal from the server to the client can only be transferred in an finite time (The meaning of that is known since master Einstein proclaimed his relativity theory). To make it even more complicated you have to consider that the internet is never equally as fast each time...

How exact the time information is depends a lot on the time server used and can be exact to a microsecond.
This precision is mostly only needed for research institutes who need very exact timestamps.
For the 'standard' desktop PC an accuracy of a tenth second is enough. For this reason the high-precisely time servers (so called Stratum-1-Server) are password protected that not everyone can overload this servers with requests.
Time server that get their signal from a stratum-1-server instead of a atomic clock or GPS-signal (so called Stratum-2-Server) are mostly available for everyone (without password protection) and can be used as time server.

A selection of time servers can be found at:

Installation

The necessary software can be found at www.ntp.org. In the meantime a new version of the transmission protocol is available. Packets like xntp3-x.xx use the old protocol version whereas the new version is called ntp-4.0.*.tar.gz. Because of the new version 4 being backwards compatible to the 'old' version you can (and should) use the newer version.
Many distributions come with a version 3 ntp and due to a shortly recovered security bug, the laborious work of compiling the sourcecode is worth the time and effort.

After downloading the source package and unpacking it into the /tmp-directory: 

  >> tar zxvf ntp-4.0.*.tar.gz -C /tmp/
simply run the configure-script: 
  >> cd /tmp/ntp-4.0.99k23/
  >> ./configure
After this script finished its system check compile the sources using 
  >> make
and copy them (which isn't necessary) to their predefined directories using 
  >> make install
The configuration file - which should be found at /etc/ntp.conf - should at least contain the following lines:

/etc/ntp.conf
  server timeserver1.uni-sonstwo.de
  driftfile /etc/ntp.drift


It is suggested that you enter more than one time server so the software can decide for itself which server is more accurate. Which servers should be used is a science for itself. It proved to be best using servers located near to you. A selection of free accessible german time servers is for example 

  server ntp0.fau.de
  server ntps1-0.uni-erlangen.de
  server ntps1-1.uni-erlangen.de
  server ntps1-1.rz.Uni-Osnabrueck.de
The configuration file set up the programm can be used immediately. Simply run (as root) the program in the ntpd-subdirectory using the following options: 
  >> cd ntpd
  >> ./ntpd -d -l/var/log/ntp.log
You should get something like this:

Messages
  create_sockets(123)
  interface  OK
  interface  OK
  bind() fd 3, family 2, port 123, addr 0.0.0.0, flags=1
  bind() fd 6, family 2, port 123, addr 127.0.0.1, flags=0
  bind() fd 7, family 2, port 123, addr 192.168.1.11, flags=1
  bind() fd 8, family 2, port 123, addr 172.16.186.1, flags=1
  init_io: maxactivefd 8
  resolving ntp0.fau.de
  report_event: system event 'event_restart' (0x01) status 'sync_alarm,
       sync_unspec, 1 event, event_unspec' (0xc010)
  auth_agekeys: at 1 keys 1 expired 0
  peer_clear: at 2 assoc ID 0
  newpeer: 192.168.1.11->194.178.31.21 mode 3 vers 4 poll 6 10
         flags 1 1 ttl 0 key 00000000


The logfile (/var/log/ntp.log) should show something like: 

  ntpd[1733]: logging to file /var/log/ntp.log
  ntpd[1733]: ntpd 4.0.99k23 Sam Apr 14 22:06:04 CEST 2001 (1)
  ntpd[1733]: signal_no_reset: signal 13 had flags 4000000
  ntpd[1733]: precision = 35 usec
  ntpd[1733]: kernel time discipline status 0040
  ntpd[1733]: frequency initialized -26.854 from /etc/ntp.drift
After waiting a bit ntpd sets the systems time to the precise value. This happens in small steps to avoid problems caused by missing of seconds or seconds being double<.
If the difference between precise time and system clock is greater than 1000 seconds ntpd assumes a greater problem than a bad hardware clock and quits itself without setting the time. To force ntpd to set the time even when the difference is that huge you can start it using the -g option.

To set the clock automatically on booting you simply have to add the following line to your /sbin/init.d/boot.local file (of course you have to change the path to fit your system): 

  /usr/local/ntp-4.0.99k23/ntpd/ntpd -g -l/var/log/ntp.log
or program an init-script. Using SuSE 7.0 it could look like that:

/sbini/init.d/ntpd
  
  . /etc/rc.status
  . /etc/rc.config
  
  base=${0##*/}
  link=${base#*[SK][0-9][0-9]}
  
  test $link = $base && START_FOO=yes
  test "$START_FOO" = yes || exit 0
  
  rc_reset
  case "$1" in
      start)
  	echo -n "Starting service nptd"
  
  	startproc /pfad/zu/ntp-4.0.99k23/ntpd/ntpd -g -l/var/log/ntp.log
  
  	# Remember status and be verbose
  	rc_status -v
  	;;
      stop)
  	echo -n "Shutting down service foo"
  	## Stop daemon with killproc(8) and if this fails
  	## set echo the echo return value.
  
  	killproc -TERM /pfad/zu/ntp-4.0.99k23/ntpd/ntpd
  
  	# Remember status and be verbose
  	rc_status -v
  	;;
      restart)
  	## If first returns OK call the second, if first or
  	## second command fails, set echo return value.
  	$0 stop  &&  $0 start
  
  	# Remember status and be quiet
  	rc_status
  	;;
      *)
  	echo "Usage: $0 {start|stop|restart}"
  	exit 1
  	;;
  esac
  rc_exit


NTP in networks

In bigger networks it makes no sense to receive the precise time from an official Stratus-2-Server for every workstation itself. The server could easily become overloaded. It is suggested to choose a server in the local network and use it as (then called Stratus-3-) time server.
Every computer running ntpd can be used as time server by others.

Time-Network

In rather big networks it could be helpful to set up more than one time server getting their time from different Stratus-2- (or even Stratus-1-) servers to improve reliability.

Should for example in your local network the computer owning the IP 192.168.0.1 be used as time server the client's /etc/ntpd.conf has to contain only this computer as server:

/etc/ntpd.conf
  server 192.168.0.1
  driftfile /etc/ntp.drift


So the official Stratus-2-Server gets relieved while every client still gets an accurate time.



Talkback Area




Enter Own Comment