ntpd Daemon for NTPv4

Purpose

Implementation of Network Time Protocol (NTP) for NTP version 4 (NTPv4).

Syntax

ntpd4 [ -46aAbdDgLmnNqx ] [ -c conffile ] [ -f driftfile ] [ -i jaildir ] [ -I InterfaceOrAddress ] [ -k keyfile ] [ -l logfile ] [ -p pidfile ] [ -P priority ] [ -r broadcastdelay ] [ -s statsdir ] [ -t key ] [ -u user[:group] ] [ -U interface_update_interval ] [ -v variable ] [ -V variable ]

Description

The ntpd program is an operating system daemon that synchronizes the system clock to remote NTP time servers or local reference clocks. The ntpd program is a complete implementation of NTP version 4 (NTPv4), as defined by the Request for Comments (RFC)-5905 document. The ntpd program also retains compatibility with the following NTP versions:
  • NTP version 3 (NTPv3) as defined by the RFC-1305 document.
  • NTP version 2 (NTPv2) as defined by the RFC-1119 document.
  • NTP version 1 (NTPv1) as defined by the RFC-1059 document.
The ntpd program can operate with both symmetric-key and public-key cryptography in any of the several modes available, including client/server, symmetric, and broadcast modes.

The ntpd program requires a configuration file that contains configuration commands. However, a client can discover remote servers and configure them automatically. The automatic server discovery by the client makes it possible to deploy a fleet of workstations without specifying configuration details specific to the local environment. For more information about automatic server discovery by the client, see the Automatic Server Discovery page.

The ntpd program operates continuously while it adjusts the system time and frequency. However, continuous operation of the ntpd program is sometimes impractical. With the -q flag, the ntpd program operates as in continuous mode but exits just after it sets the system clock for the first time. Most applications specify the iburst option with the server configuration command. The iburst option exchanges a volley of messages with the remote NTP time servers to groom the data, within the set time of 10 seconds. The ntpd daemon times out and exits without setting the clock if no response is received after a couple of minutes.

Flags

Table 1. Flags
Item Description
-4 Forces DNS resolution of hostnames to the IP version 4 (IPv4) namespace.
-6 Forces DNS resolution of hostnames to the IP version 6 (IPv6) namespace.
-a Specifies that the ntpd program requires cryptographic authentication for broadcast client, multicast client, and symmetric passive associations. The -a option is the same as the enable auth command. The -a option is the default option.
-A Specifies that the ntpd program does not require cryptographic authentication for broadcast client, multicast client, and symmetric passive associations. The -A option is the same as the disable auth command.
-b Enables the client to synchronize to broadcast servers.
-c conffile Specifies the name and path of the configuration file. The default path of the configuration file is /etc/ntp.conf.
-d Prevents the ntpd program from switching into daemon mode. If the -d option is used, the ntpd program stays attached to the starting terminal, which receives all the debugging printouts. This option can occur more than once, and each occurrence increases the level of detail that is displayed.
-D level Specifies the debugging level directly, where level specifies the number of times the -d option is used.
-f driftfile Specifies the name and path of the frequency file. The default path of the frequency file is /etc/ntp.drift. This option performs the same operation as the driftfile driftfile configuration command.
-g Without this option, the ntpd program exits with a message to the system log if the offset time exceeds the panic threshold, which is 1000 seconds by default. The -g option allows the offset time to be set to any value without any restriction. However, the offset time can be set to any value only once. If the offset time exceeds the panic threshold a second time, the ntpd program exits with a message to the system log. This option can be used with the -q and -x options. For more information about the other options, see the tinker configuration command.
-i jaildir Changes the root directory of the server to the directory specified by the jaildir variable. This option also implies that the server attempts to drop root privileges at startup. The -i option is available only if the operating system supports running the server without full root privileges. You might need to specify the -u option with the -i option.
-I [address | interface name] Opens the network address that is specified, or all the addresses associated with the specified interface name. This option might appear multiple times. The -I option also implies that other addresses, except wildcard and local host, are not opened. You can also use the interface configuration command to open network addresses.
Note: The -I option is deprecated.
-k keyfile Specifies the name and path of the symmetric key file. The default path of the symmetric key file is /etc/ntp.keys. This option performs the same operation as the keys keyfile configuration command.
-l logfile Specifies the name and path of the log file. The default is the system log file. This option performs the same operation as the logfile configuration command.
-m Registers with Multicast Domain Name System (mDNS) as an available server once the system clock is synchronized.
-L Does not listen to virtual interfaces. The virtual interface names contain a colon. You can also use the interface configuration command.
Note: The -L option is deprecated.
-M Raises the scheduler precision to its maximum (1 ms) by using the timeBeginPeriod option. The -M option is available on Windows operating system only.
-n Does not run the fork subroutine.
-N Runs the ntpd command at the highest priority level that is permitted by the operating system.
-p pidfile Specifies the name and path of the file that is used to record the ntpd process ID. This option performs the same operation as the pidfile pidfile configuration command.
-P priority Runs the ntpd program at the specified priority, if that priority is permitted by the operating system.
-q Exits the ntpd program just after the first time the clock is set. This behavior mimics that of the ntpdate program. The -g and -x options can be used with this option.
Note: The kernel time discipline is disabled with this option.
-r broadcastdelay Specifies the default propagation delay from the broadcast or multicast server to the client. This option is necessary only if the delay cannot be computed automatically by the protocol.
-s statsdir Specifies the directory path for files that are created by the statistics facility. This option performs the same operation as the statsdir configuration command.
-t key Adds a key number to the trusted key list. This option can occur more than once. This option performs the same operation as the trustedkey key configuration command.
-u user[:group] Specifies a user or a group to switch to. This option is available only if the operating system supports running the server without complete root privileges. Currently, this option is supported under NetBSD and Linux® operating systems. For the NetBSD operating system, configure with the --enable-clockctl command, and for the Linux operating system, configure with the --enable-linuxcaps command.
-U interface_update_interval Specifies the number of seconds to wait between the interface list scans that pick up new and deleted network interfaces. Set to 0 to disable dynamic interface list update. The default action is to scan every 5 minutes.
-v variable or -V variable Adds a system variable that is listed by default.
-x The time slews if the offset is less than the step threshold and steps if the offset is more than the step threshold. By default, the step threshold is 128 milliseconds. The -x option sets the step threshold to 600 seconds, which is well within the accuracy window to set the clock manually.
Notes:
  • Since the slew rate of typical Unix kernels is limited to 0.5 ms/s, each second of adjustment requires an amortization interval of 2000 seconds. Therefore, an adjustment of 600 seconds takes almost 14 days to complete. This option can be used with the -g and -q options. For more information about other options, see the tinker configuration command.
  • The kernel time discipline is disabled with this option.

The configuration file

The ntpd program reads the ntp.conf configuration file at startup to determine the synchronization sources and operating modes. It is possible to specify a working configuration entirely on the command line that eliminates the need for a configuration file. However, the configurations that can be specified on the command line are limited. The command-line configuration is useful when a local host is to be configured as a broadcast client, with servers identified by listening to broadcasts at run time.

By default, the configuration file is installed in the /etc/ntp.conf path, where ntp.conf is the name of the configuration file. However, the configuration file can be installed in any other directory. You can specify the path of the configuration file by using the -c conffile option. The configuration file format is similar to other Unix configuration files. Any comment begins with a number sign (#) and extends to the end of the line. Blank lines in the configuration file are ignored.

The configuration commands in the configuration file consist of an initial command keyword followed by a list of options that are separated by whitespace. The commands cannot be continued over multiple lines. The options can be host names, host addresses that are written in numeric, dotted-quad form, integers, floating point numbers if time is specified in seconds, and text strings. The optional arguments are delimited by brackets ([ ]) in the options page, while alternatives are separated by a vertical bar (|). The [ … ] notation means an optional, indefinite repetition of the last item before the [ … ] notation.
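
The format rules above, together with the configuration commands that the Flags table equates with -A (disable auth) and -t (trustedkey), are enough to audit a configuration file for authentication gaps. The following Python code is an added example, not code from this page or from the ntpd distribution. Assumptions: the sample file, host names, key IDs, and finding codes are constructed, and the key and autokey options of the server and peer commands are standard ntp.conf syntax that this page does not list.

```python
# Constructed sample ntp.conf (not from the page); hosts and key IDs are made up.
SAMPLE_CONF = """\
# time sources
server ntp1.example.net iburst key 10
server ntp2.example.net iburst          # no key option
server ntp3.example.net iburst key 30

keys /etc/ntp.keys
trustedkey 10 20
disable auth
driftfile /etc/ntp.drift
"""


def parse_conf(text):
    """Yield (lineno, keyword, options) using the format rules described above:
    '#' starts a comment, blank lines are ignored, one command per line.
    Assumption: no '#' appears inside a quoted option string."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()
        if tokens:
            yield lineno, tokens[0], tokens[1:]


def audit(text):
    """Return sorted (lineno, code) findings about authentication settings."""
    findings, trusted, keyed = [], set(), []
    for lineno, kw, opts in parse_conf(text):
        if kw == "disable" and "auth" in opts:
            findings.append((lineno, "AUTH_DISABLED"))  # same effect as -A
        elif kw == "trustedkey":
            trusted.update(opts)  # same effect as repeated -t key
        elif kw in ("server", "peer"):
            if "key" in opts[1:-1]:  # 'key' must be followed by a key ID
                keyed.append((lineno, opts[opts.index("key", 1) + 1]))
            elif "autokey" not in opts:  # neither symmetric nor public key
                findings.append((lineno, "NO_KEY"))
    # trustedkey may appear after the server lines, so check once parsing is done.
    findings += [(n, "KEY_NOT_TRUSTED") for n, k in keyed if k not in trusted]
    return sorted(findings)


if __name__ == "__main__":
    for lineno, code in audit(SAMPLE_CONF):
        print(f"line {lineno}: {code}")
```

The audit reads only the configuration file, so settings passed as ntpd4 command-line flags (for example -A or -t) are not reflected in its findings.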

Exit Status

The ntpd command returns the following exit values:
0
Successful completion.
> 0
An error occurred.

Security

Access Control
You must have root authority to run this command.
Auditing Events
N/A

Examples

By default, the NTP symbolic link /usr/sbin/xntpd points to the NTP version 3 daemon (/usr/sbin/ntp3/xntpd). To run the NTP version 4 daemon (/usr/sbin/ntp4/ntpd4), switch to the NTP version 4 binaries by using the following command:
    /usr/sbin/ntp_ssw -v4
  1. To start the xntpd daemon, enter the following command:
    startsrc -s xntpd
  2. To stop the xntpd daemon, enter the following command:
    stopsrc -s xntpd

Files

Table 2. Files
Item Description
/usr/sbin/ntp4/ntpd4 Contains the ntpd daemon for NTP version 4.
/usr/sbin/xntpd --> /usr/sbin/ntp3/xntpd Default symbolic link to the NTP version 3 binary from the /usr/sbin directory.
/etc/ntp.conf Contains the default configuration file.
/etc/ntp.drift Contains the default drift file.