admntp(1M) TCP/IP 5.4R3.00 admntp(1M)
NAME
admntp - manage the Network Time Protocol (NTP) server
SYNOPSIS
admntp -o add | modify -t server | peer -a address [ -V 1 | 2 | 3 ] [
-c comment ]
admntp -o add | modify -t restrict -a address [ -m mask ]
[restrictions ... ]
admntp -o delete server | peer | restrict ip_address
admntp -o set [ -B yes | no ] [ -C control_key ] [ -D drift_file ] [
-K keys_file ] [ -L loop_statistics_file ] [ -M yes | no ]
[ -P precision ] [ -R request_key ] [ -S statistics_file ]
[ -X broadcast_delay ]
admntp -o list [ -qv ] [servers | restrictions | parameters]
admntp -o get
admntp -o start
admntp -o stop
DESCRIPTION
Admntp manages the NTP server (daemon) configuration file. NTP is a
protocol that can be used to synchronize the time among multiple
computers. NTP configurations are usually laid out in a hierarchy.
Time services can be provided by machines that are connected to
various forms of crystal and atomic clocks or provided on a self-
contained network using a small number of servers as the reference
clocks. The protocol provides a mechanism to synchronize time in
principle to precisions in the order of nanoseconds while preserving
a non-ambiguous date well into the next century.
Operations
Arguments to the -o switch:
add Adds a server, peer, or restriction to the /etc/ntp.conf
file.
modify Modifies a server, peer, or restriction in the
/etc/ntp.conf file.
delete Deletes a line from the /etc/ntp.conf file.
set Sets the specified parameters in the /etc/ntp.conf file.
list Lists the contents of the specified section of the
/etc/ntp.conf file. The default listing is for parameters.
get Creates a list of parameters that are defined in the
Licensed material--property of copyright holder(s) 1
admntp(1M) TCP/IP 5.4R3.00 admntp(1M)
/etc/ntp.conf file.
start Starts running xntpd and adds xntpd to the list of daemons
that will start automatically when tcpip is started.
stop Stops the currently running xntpd and removes it from the
list of daemons that start automatically when tcpip is
started.
Options
-t type determines the section of the configuration file the
operation should be performed on. Possible values are:
server, peer, or restrict.
-a address
specifies an IP address that should be used in processing
the operation.
-V determines the version of the outgoing NTP packets. By
default the value is 3. Older servers on the Internet
require a value of 2 or even 1 in order to work.
-c comment
is a comment. Multiple word comments must be double
quoted.
-m mask is and'ed against the incoming packet's IP address. The
result is then looked up in the restrictions section of the
configuration file to determine what restrictions are in
force.
-B yes | no
indicates whether the local server should listen for, and
attempt to synchronize to, broadcast NTP messages. The
default is no.
-C control_key
specifies the encryption key number to be used for
authenticating mode 6 control messages. Omitting this
statement causes control messages, which change the state
of the server, to be ignored.
-D drift_file
records the "drift" (frequency error) value that xntpd has
computed. At startup, the file is read and the value used
to initialize xntpd's internal value of the frequency
error.
-K keys_file
contains the encryption keys used by xntpd. xntpd uses
this file only for control key and request key encryption.
-L loop_statistics_file
keeps information about different loops within xntpd. This
Licensed material--property of copyright holder(s) 2
admntp(1M) TCP/IP 5.4R3.00 admntp(1M)
should be used only for debugging purposes.
-M yes | no
indicates whether the xntpd traffic monitoring function
should be enabled. When enabled, the origin address of
each packet the server receives is recorded along with a
limited amount of additional information. This traffic can
be inspected by using the xntpdc(1M) monlist command.
-P precision
of the local timekeeping. This integer is approximately
the base 2 logarithm of the local timekeeping precision in
seconds. The default is -6.
-R request_key
is the key used for authentication of runtime
reconfiguration of xntpd. This reconfiguration can be
accomplished by using the xntpdc(1M) command.
-S statistics_file
is the file where xntpd(1M) keeps miscellaneous statistics
about itself. This should be used only for debugging
purposes.
-X broadcast_delay
specifies the default round trip delay to the host whose
broadcasts are being synchronized to. The value is in
seconds and for Ethernet is typically between 0.007 and
0.015. The default is 0.008 seconds.
-q produces unformatted output.
-v produces formatted output.
RESTRICTIONS
Used when -t restrict is specified.
ignore Ignore all packets from hosts that match this entry.
Neither queries nor time server polls will be responded to.
noquery Ignore all NTP mode 6 and 7 packets (i.e., information
queries and configuration requests) from the source. Time
service is not affected.
nomodify Ignore all NTP mode 6 and 7 packets which attempt to modify
the state of the server (i.e., runtime configuration).
Queries that return information are permitted.
notrap Decline to provide mode 6 control message trap service to
matching hosts. The trap service is a subsystem of the
mode 6 control message protocol, which is intended for use
by remote event logging programs.
Licensed material--property of copyright holder(s) 3
admntp(1M) TCP/IP 5.4R3.00 admntp(1M)
lowpriotrap
Declare traps set by matching hosts to be low priority.
The number of traps a server can maintain is limited to 3.
Traps are usually assigned on a first-come, first-serve
basis, with later trap requestors being denied service.
This flag allows later requests for normal priority traps
to override low-priority traps.
noserv Ignore NTP packets whose mode is other than 6 or 7. In
effect, time service is denied, though queries may still be
permitted.
nopeer Provide stateless time service to polling hosts, but do not
allocate peer memory resources to these hosts even if they
otherwise might be considered useful as future
synchronization partners.
notrust Never use these hosts as synchronization sources, but treat
them normally in other respects.
ntpport Match the restriction entry only if the source port in the
packet is the standard NTP UDP port (123). Both "ntpport"
and non-"ntpport" may be specified. The "ntpport" is
considered more specific and is sorted later in the list.
If no restrictions are specified, then the hosts that match the
address and mask are unrestricted. Internally, the restrictions are
sorted in ascending address order. The last restriction that matches
the incoming address is the restriction that is placed on the host.
For example, if the following lines were in the /etc/ntp.conf file:
restrict 130.30.8.0 mask 255.255.255.0 noquery
restrict 130.30.8.3 mask 255.255.255.255
hosts on the network 130.30.8 would not be able to query the xntpd
process except for 130.30.8.3, which has no restrictions.
EXAMPLES
In the following examples, the system administrator performs the
following actions: adds a server; adds a peer; adds a restriction;
sets up a request key; and sets up a drift file.
admntp -o add -t server -a 130.30.8.2 -V 2 -c "tuna.acme.com 2/09/93"
admntp -o add -t peer -a 130.30.8.3 -V 3 -c "fish.acme.com 2/09/93"
admntp -o add -t restrict -a 130.30.8.0 -m 255.255.255.000 nomodify
admntp -o set -D /etc/ntp.drift -R 3
FILES
/etc/ntp.conf
File that contains the Network Time Protocol configuration
information.
Licensed material--property of copyright holder(s) 4
admntp(1M) TCP/IP 5.4R3.00 admntp(1M)
DIAGNOSTICS
Warnings
- The delete operation is requested, and pattern does not exist at
the beginning of the line.
Errors
- The add operation is requested, and address already exists.
Exit Codes
0 The operation was successful.
1 The operation was unsuccessful.
2 The operation failed due to access restrictions.
3 There was an error in the command line.
SEE ALSO
xntpd(1M)
xntpdc(1M)
RFC-1305
Licensed material--property of copyright holder(s) 5