NTPDC(8) | System Manager's Manual (user) | NTPDC(8) |
ntpdc
—
ntpdc |
[-flags ] [-flag
[value]] [--option-name [[=|
]value]] [ host ...] |
ntpdc
is deprecated. Please use
ntpq(1ntpqmdoc) instead -
it can do everything ntpdc
used to do, and it does so
using a much more sane interface.
ntpdc
is a utility program used to query
ntpd(1ntpdmdoc) about
its current state and to request changes in that state. It uses NTP mode 7
control message formats described in the source code. The program may be run
either in interactive mode or controlled using command line arguments.
Extensive state and statistics information is available through the
ntpdc
interface. In addition, nearly all the
configuration options which can be specified at startup using ntpd's
configuration file may also be specified at run time using
ntpdc
.
-4
,
--ipv4
Force DNS resolution of following host names on the command line to the IPv4 namespace.
-6
,
--ipv6
Force DNS resolution of following host names on the command line to the IPv6 namespace.
-c
cmd,
--command
=cmdThe following argument is interpreted as an interactive format command and is added to the list of commands to be executed on the specified host(s).
-d
,
--debug-level
-D
number,
--set-debug-level
=number-i
,
--interactive
Force ntpq to operate in interactive mode. Prompts will be written to the standard output and commands read from the standard input.
-l
,
--listpeers
Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the 'listpeers' interactive command.
-n
,
--numeric
Output all host addresses in dotted-quad numeric format rather than converting to the canonical host names.
-p
,
--peers
Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the 'peers' interactive command.
-s
,
--showpeers
Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the 'dmpeers' interactive command.
-?
,
--help
-!
,
--more-help
->
[cfgfile], --save-opts
[=cfgfile]-<
cfgfile,
--load-opts
=cfgfile,
--no-load-opts
--version
[{v|c|n}]NTPDC_<option-name> or NTPDCThe environmental presets take precedence (are processed later than) the configuration files. The homerc files are "$HOME", and ".". If any of these are directories, then the file .ntprc is searched for within those directories.
ntpdc
is executed, each of the requests will be sent
to the NTP servers running on each of the hosts given as command line
arguments, or on localhost by default. If no request options are given,
ntpdc
will attempt to read commands from the standard
input and execute these on the NTP server running on the first host given on
the command line, again defaulting to localhost when no other host is
specified. The ntpdc
utility will prompt for commands
if the standard input is a terminal device.
The ntpdc
utility uses NTP mode 7 packets
to communicate with the NTP server, and hence can be used to query any
compatible server on the network which permits it. Note that since NTP is a
UDP protocol this communication will be somewhat unreliable, especially over
large distances in terms of network topology. The
ntpdc
utility makes no attempt to retransmit
requests, and will time requests out if the remote host is not heard from
within a suitable timeout time.
The operation of ntpdc
are specific to the
particular implementation of the
ntpd(1ntpdmdoc) daemon
and can be expected to work only with this and maybe some previous versions
of the daemon. Requests from a remote ntpdc
utility
which affect the state of the local server must be authenticated, which
requires both the remote program and local server share a common key and key
identifier.
Note that in contexts where a host name is expected, a
-4
qualifier preceding the host name forces DNS
resolution to the IPv4 namespace, while a -6
qualifier forces DNS resolution to the IPv6 namespace. Specifying a command
line option other than -i
or
-n
will cause the specified query (queries) to be
sent to the indicated host(s) immediately. Otherwise,
ntpdc
will attempt to read interactive format
commands from the standard input.
>
’,
followed by a file name, to the command line.
A number of interactive format commands are executed entirely
within the ntpdc
utility itself and do not result in
NTP mode 7 requests being sent to a server. These are described
following.
?
command_keywordhelp
command_keyword?
’ will print a list of all the
command keywords known to this incarnation of
ntpdc
. A ‘?
’
followed by a command keyword will print function and usage information
about the command. This command is probably a better source of information
about ntpq(1ntpqmdoc)
than this manual page.delay
millisecondshost
hostnamehostnames
[yes
| no
]yes
is specified, host names are printed in
information displays. If no
is specified, numeric
addresses are printed instead. The default is yes
,
unless modified using the command line -n
switch.keyid
keyidquit
ntpdc
.passwd
timeout
millisecondsntpdc
retries each query once after a timeout, the total waiting time for a
timeout will be twice the timeout value set.listpeers
peers
The character in the left margin indicates the mode this peer
entry is operating in. A ‘+
’
denotes symmetric active, a ‘-
’
indicates symmetric passive, a ‘=
’
means the remote server is being polled in client mode, a
‘^
’ indicates that the server is
broadcasting to this address, a
‘~
’ denotes that the remote peer
is sending broadcasts and a ‘~
’
denotes that the remote peer is sending broadcasts and a
‘*
’ marks the peer the server is
currently synchronizing to.
The contents of the host field may be one of four forms. It
may be a host name, an IP address, a reference clock implementation name
with its parameter or
REFCLK
(implementation_number,
parameter). On hostnames
no
only IP-addresses will be displayed.
dmpeers
peers
command, except for the character in the
leftmost column. Characters only appear beside peers which were included
in the final stage of the clock selection algorithm. A
‘.
’ indicates that this peer was
cast off in the falseticker detection, while a
‘+
’ indicates that the peer made it
through. A ‘*
’ denotes the peer the
server is currently synchronizing with.showpeer
peer_address [...]pstats
peer_address [...]clockstat
clock_peer_address [...]kerninfo
loopinfo
[oneline
| multiline
]oneline
and multiline
options specify the format in which this information is to be printed,
with multiline
as the default.sysinfo
The ‘system flags’ show various system flags,
some of which can be set and cleared by the
enable
and disable
configuration commands, respectively. These are the
auth
, bclient
,
monitor
, pll
,
pps
and stats
flags. See
the ntpd(1ntpdmdoc)
documentation for the meaning of these flags. There are two additional
flags which are read only, the kernel_pll
and
kernel_pps
. These flags indicate the
synchronization status when the precision time kernel modifications are
in use. The ‘kernel_pll’ indicates that the local clock is
being disciplined by the kernel, while the ‘kernel_pps’
indicates the kernel discipline is provided by the PPS signal.
The ‘stability’ is the residual frequency error remaining after the system frequency correction is applied and is intended for maintenance and debugging. In most architectures, this value will initially decrease from as high as 500 ppm to a nominal value in the range .01 to 0.1 ppm. If it remains high for some time after starting the daemon, something may be wrong with the local clock, or the value of the kernel variable kern.clockrate.tick may be incorrect.
The ‘broadcastdelay’ shows the default broadcast
delay, as set by the broadcastdelay
configuration command.
The ‘authdelay’ shows the default authentication
delay, as set by the authdelay
configuration
command.
sysstats
memstats
iostats
timerstats
reslist
monlist
[version]clkbug
clock_peer_address [...]ntpdc
. This can be done
using the keyid
and passwd
commands, the latter of which will prompt at the terminal for a password to
use as the encryption key. You will also be prompted automatically for both
the key number and password the first time a command which would result in an
authenticated request to the server is given. Authentication not only provides
verification that the requester has permission to make such changes, but also
gives an extra degree of protection again transmission errors.
Authenticated requests always include a timestamp in the packet data, which is included in the computation of the authentication code. This timestamp is compared by the server to its receive time stamp. If they differ by more than a small amount the request is rejected. This is done for two reasons. First, it makes simple replay attacks on the server, by someone who might be able to overhear traffic on your LAN, much more difficult. Second, it makes it more difficult to request configuration changes to your server from topologically remote hosts. While the reconfiguration facility will work well with a server on the local host, and may work adequately between time-synchronized hosts on the same LAN, it will work very poorly for more distant hosts. As such, if reasonable passwords are chosen, care is taken in the distribution and protection of keys and appropriate source address restrictions are applied, the run time reconfiguration facility should provide an adequate level of security.
The following commands all make authenticated requests.
addpeer
peer_address [keyid]
[version] [prefer
]prefer
keyword
indicates a preferred peer (and thus will be used primarily for clock
synchronisation if possible). The preferred peer also determines the
validity of the PPS signal - if the preferred peer is suitable for
synchronisation so is the PPS signal.addserver
peer_address [keyid]
[version] [prefer
]broadcast
peer_address [keyid]
[version] [prefer
]unconfig
peer_address [...]fudge
peer_address [time1
]
[time2
] [stratum]
[refid]enable
[auth
| bclient
|
calibrate
| kernel
|
monitor
| ntp
|
pps
| stats
]disable
[auth
| bclient
|
calibrate
| kernel
|
monitor
| ntp
|
pps
| stats
]enable
and disable
configuration file commands of
ntpd(1ntpdmdoc).
auth
bclient
calibrate
kernel
monitor
monlist
command or further information. The
default for this flag is enable.ntp
pps
stats
restrict
address mask
flag [...]restrict
configuration file commands of
ntpd(1ntpdmdoc).unrestrict
address mask
flag [...]delrestrict
address mask
[ntpport
]readkeys
trustedkey
keyid [...]untrustedkey
keyid [...]trustedkey
and
untrustedkey
configuration file commands of
ntpd(1ntpdmdoc).authinfo
traps
addtrap
address [port]
[interface]clrtrap
address [port]
[interface]reset
David L. Mills, Network Time Protocol (Version 3), RFC1305.
ntpdc
utility is a crude hack. Much of the
information it shows is deadly boring and could only be loved by its
implementer. The program was designed so that new (and temporary) features
were easy to hack in, at great expense to the program's ease of use. Despite
this, the program is occasionally useful.
Please report bugs to http://bugs.ntp.org .
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
August 14 2018 | NetBSD 9.4 |