OpenBSD Journal

new ntpd in base

Contributed by grey on from the dusting for daemons dept.

As announced here the NTP daemon which we mentioned was being worked on here is now in the base install of OpenBSD.

Here is the complete announcement as posted to misc@:

OpenBSD now includes an NTP daemon in the base install.
It is written from scratch by alexander@ and myself.
Of course it is privilege seperated, chroot()ed etc ;)

It is very easy to use; basically all you need to do is to add
ntpd_flags=""
to your /etc/rc.conf.local (or change that line in rc.conf for those 
who need to feel the pain). The default cofiguration file is completely 
usable, it randomly picks 8 public stratum 2 ntp servers to synchronize 
to.

Unlike xntpd, ntpd is just what we call an network input engine. It does 
not do much timekeeping on its own, instead, it feeds the in-kernel 
timekeeping using adjtime(2), and can redistribute that time.

With the work done today ntpd(8) is now fully usable. Please use it and 
report back.

Thanks

Henning

(Comments are closed)


  1. By Anonymous Coward () on

    If I recall correctly, it also does sntp? ntp over ssl? or something like that. Please clue me in. Thx!

    1. By Fábio Olivé Leite () on

      From some of the commit messages I've seen, yes it does support SNTP (RFC2030). But SNTP is the Simple Network Time Protocol, and not NTP over SSL.

      1. By Anonymous Coward () on

        Ohhhhh, ok, thank you!

  2. By Anonymous Coward () on

    OpenBSD-current from today (CVS: July 9th 2004): -bash-2.05b# /usr/sbin/ntpd /etc/ntpd.conf: No such file or directory ntpd in free(): error: junk pointer, too high to make sense Abort trap (core dumped)

    1. By Sam () on

      Update again and see if it still happens. You (or your cvs mirror) may have got a cvs checkout at a bad time between two consecutive commits.

      1. By Anonymous Coward () on

        I tired twice with 1 day interval, on the main cvs server. same results both times, so I'll use ntpdate+cron after all

        1. By danimal () on

          maybe you need the -f flag for the config file as the usage instructs (or, just leave the file off all together since ntpd finds /etc/ntpd.conf just fine by default). You could also try running with the -d flag so that it won't daemonize and logs to stderr. I'm not sure why you're getting that error but the ntpd in snapshots and cvs works just fine.

    2. By Peter Hessler () spambox@theapt.org on http://theapt.org/openbsd/

      Depending on how long ago it was that you installed your system, you may not have installed the config file. `cp src/etc/ntpd.conf /etc`. That'll get you basic functionality. NTPD won't start is there isn't a config file.

  3. By Richard Bejtlich () on http://www.taosecurity.com

    Is it possible to bind this ntpd to a specified interface? This has been a feature request several years in the making at ntp.org.

    Thank you,

    Richard

    1. By danimal () on

      of course. see the "listen on" directive in the ntpd.conf(5) file. by default there is no listening and the example has a '*' which means to listen on all local addresses, but you can have multiple 'listen on' directives for each address you want it to sit on.

  4. By gwyllion () on

    Darren Tucker has created a portable version of this ntp implementation: openntpd. It is available at www.zip.com.au/~dtucker/openntpd

    1. By Anonymous Coward () on

      I think these files files are also available at http://www.openntpd.org/

      1. By Wim () on

        Wow, you guys really beat me to the punch here, of course somebody had to go out and claim the domain ;-)
        Wel, I'm fed up with the old ntpd on my 3.5 systems, I'm wondering how much trouble it is to upgrade those systems to the new ntpd, has anybody tried so far?
        This is why I hate the old ntpd: sometimes it screws up and puts NaN in /var/db/ntpd.drif. As a result, the whole time on the machine swings forward or backward in time, screwing over lots of things, like pf state rules that decide to quit ("Hey,I'm older than 12 days, zap. Bye bye NAT state!") and named that just aborts:
        Jul 14 15:31:10 ampharos named[4301]: client 10.32.4.9#10349: query: axis.internal.xxxxxxxx.com IN A 
        Jun 26 11:17:02 ampharos named[4301]: /usr/src/usr.sbin/bind/lib/isc/unix/time.c:239: INSIST(t1->nanoseconds < 1000000000 && t2->nanoseconds < 1000000000) failed 
        Jun 26 11:17:02 ampharos named[4301]: exiting (due to assertion failure)
        Jul 14 15:33:50 ampharos sm-mta[31574]: i6EDXiaW031574: from=, size=66137, class=-30, nrcpts=1, msgid=<2004071 41331.i6EDVruT020933@cauchy.math.missouri.edu>, proto=ESMTP, daemon=MTA, relay=mx2.freebsd.org [216.136.204.119]
        

    2. By djm@ () on

      Darren is a masochist

  5. By Aasmund () on

    does the install script configure it? if not, maybe I could do it?

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]