vim /etc/ntp.conf
logfile /var/log/ntp.log
修改rpm
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
|
tail -f /var/log/ntp.log
1
|
|
vim /etc/ntp.conf
logfile /var/log/ntp.log
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
|
1
|
|
https://www.jianshu.com/p/25ab49103e4d
https://www.cnblogs.com/tdyizhen1314/p/17085917.html
https://www.cnblogs.com/21summer/p/14819406.html
vim /etc/ntp.conf
logfile /var/log/ntp.log
作用: 对ntp做权限控制
1 2 3 4 5 6 7 8 |
|
【如果没有用任何参数,那么表示不做任何限制】
例子:
1
|
|
允许10.220.5.0/24 网段主机进行时间同步
作用: 指定ntp服务器的地址
格式:
1 2 3 4 5 6 7 8 9 10 |
|
server 127.127.1.0 # 将当前主机作为时间服务器
作用: 设置时间服务器的层级
格式:
1
|
|
例子:
1
|
|
注意: fudge必须和server一块用, 而且是在server的下一行
stratum 0~15
0: 表示顶级
10: 通常用于给局域网主机提供时间服务
1 2 3 4 5 6 7 |
|
ntp服务默认当本地时间与上级ntp时间差超过1000s,那么ntp进程就会退出并在系统日志文件中记录。若不希望出现ntp进程退出的情况,可使用参数选项,如下:
tinker panic 600 时间差超过600,ntp进程会退出。
tinker panic 0 ntp忽略阈值参数检测,不会因为超过阈值而自动将服务down掉,这可以保证ntpd在时间差较大时依然工作。
使用statsdir和filegen开启统计分析。
设定方式:
1 2 3 4 5 6 |
|
当打开统计分析时,ntp会在/var/log/ntpstats/目录下产生filegen中所设定的统计文件。
https://docs.ntpsec.org/latest/ntp_conf.html
ntpd(8) includes a comprehensive monitoring facility suitable
for continuous, long term recording of server and client timekeeping
performance. See the statistics
command below for a listing and example of
each type of statistics currently supported. Statistic files are managed
using file generation sets and scripts in the ./scripts directory of this
distribution. Using these facilities and UNIX cron(8) jobs, the data
can be automatically summarized and archived for retrospective
analysis.
statistics
name…Enables writing of statistics records. Currently, ten kinds of name statistics are supported.
clockstats
Enables recording of clock driver statistics information. Each update received from a clock driver appends a line of the following form to the file generation set named clockstats:
49213 525.624 SPECTRACOM(1) 93 226 00:08:29.606 |
Item | Units | Description |
---|---|---|
49213 |
MJD |
modified Julian day number |
525.624 |
s |
time of day (s) past midnight UTC |
SPECTRACOM(1) |
receiver identifier (Spectracom unit 1) |
|
93 226 00:08:29.606 |
timecode (format varies by refclock) |
The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next normally shows clock type and unit (but if you are running in strict Classic compatibility mode it will show the magic clock address in dotted-quad notation). The final field is the last timecode received from the clock in decoded ASCII format, where meaningful. For some clock drivers, a good deal of additional information can be gathered and displayed as well. See information specific to each clock for further details.
loopstats
Enables recording of loop filter statistics information. Each update of the local clock outputs a line of the following form to the file generation set named loopstats:
50935 75440.031 0.000006019 13.778190 0.000351733 0.0133806 |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
s |
clock offset |
|
PPM |
drift (frequency offset) |
|
s |
RMS jitter |
|
PPM |
RMS frequency jitter (aka wander) |
|
log2 s |
clock discipline loop time constant |
The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next five fields show time offset (seconds), frequency offset (parts per million - PPM), RMS jitter (seconds), Allan deviation (PPM) and clock discipline time constant.
ntsstats
Enables recording of NTS statistics counters on a periodic basis. Each hour a line of the following form is appended to the file generation set named ntsstats:
60209 77147.187 3600 1320 1239 0 2895 2895 11 4104 0 2897 2885 10 0 0 2 0 |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
s |
time since reset |
|
packets |
client requests sent |
|
packets |
client responses received good |
|
packets |
client responses received bad |
|
packets |
server responses sent |
|
packets |
server requests received good |
|
packets |
server requests received bad |
|
packets |
cookies made |
|
packets |
cookie decodes not server |
|
packets |
cookie decodes total |
|
packets |
cookie decodes current |
|
packets |
cookie decodes 1-2 days |
|
packets |
cookie decodes 2-3 days |
|
packets |
cookie decodes 3-10 days |
|
packets |
cookie decodes too old |
|
packets |
cookie decodes error |
These counters are also available via ntpq's nts command.
ntskestats
Enables recording of NTS-KE statistics counters on a periodic basis. Each hour a line of the following form is appended to the file generation set named ntskestats:
60209 77147.187 3600 10 2.914 0.026 2 3.218 0.004 0 0.000 0.000 0 0 |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
s |
time since reset |
|
requests |
server requests good |
|
seconds |
server good wall clock time |
|
seconds |
server good CPU time |
|
requests |
server requests no-TLS |
|
seconds |
server no-TLS wall clock time |
|
seconds |
server no-TLS CPU time |
|
requests |
server requests bad |
|
seconds |
server bad wall clock time |
|
seconds |
server bad CPU time |
|
requests |
client requests good |
|
requests |
client requests bad |
These counters are also available via ntpq's nts command.
There are two types of failures for NTS-KE server processing. The no-TLS slots are for the path when the TLS connection doesn’t get setup. The bad slots are for the path when the TLS connection does get setup but there is an error during the NTS-KE exchange.
Both are typically caused by bad guys probing for servers to abuse. A no-TLS event would be caused by a bad guy using unencrypted SMTP while a bad event would be caused by SMTP over TLS.
protostats
Record significant peer and system events. Each significant
event appends one line to the protostats
file set:
49213 525.624 128.4.1.1 963a 8a message |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
IP |
source address ( |
|
code |
status word |
|
code |
event message code |
message |
text |
event message |
The event message code and message field are described on the "Event Messages and Status Words" page.
peerstats
Enables recording of peer statistics information. This includes statistics records of all peers of an NTP server and of special signals, where present and configured. Each valid update appends a line of the following form to the current element of a file generation set named peerstats:
48773 10847.650 SPECTRACOM(4) 9714 -0.001605376 0.000000000 0.001424877 0.000958674 |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
clock name (unit) or source address |
|
|
hex |
status word |
|
s |
clock offset |
|
s |
roundtrip delay |
|
s |
dispersion |
|
s |
RMS jitter |
The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The third field shows the reference clock type and unit number (but if you are running in the peer address in dotted-quad notation instead) The fourth field is a status word, encoded in hex in the format described in Appendix A of the NTP specification RFC 1305. The final four fields show the offset, delay, dispersion and RMS jitter, all in seconds.
rawstats
Enables recording of raw-timestamp statistics information. This includes statistics records of all peers of an NTP server and of special signals, where present and configured. Each NTP message received from a peer or clock driver appends a line of the following form to the file generation set named rawstats:
59786 36302.768 2610:20:6f15:15::27 2604:a880:1:20::17:5001 3867818701.119346355 3867818701.152009264 3867818701.152010426 3867818702.768490825 0 3 4 1 13 -29 0.000244 0.000488 .NIST. 0 1 2000 |
Item |
Units |
Description |
59786 |
MJD |
date |
36302.768 |
s |
time past midnight |
2610:20:6f15:15::27 |
IP |
source address |
2604:a880:1:20::17:5001 |
IP |
destination address |
3867818701.119346355 |
NTP s |
origin timestamp |
3867818701.152009264 |
NTP s |
receive timestamp |
3867818701.152010426 |
NTP s |
transmit timestamp |
3867818702.768490825 |
NTP s |
destination timestamp |
0 |
0: OK, 1: insert pending, 2: delete pending, 3: not synced |
leap warning indicator |
3 |
4 was current in 2012 |
NTP version |
4 |
3: client, 4: server, 6: ntpq |
mode |
1 |
1-15, 16: not synced |
stratum |
13 |
log2 seconds |
poll |
-29 |
log2 seconds |
precision |
0.000244 |
seconds |
total roundtrip delay from the remote server to the primary reference clock |
0.000488 |
seconds |
total dispersion from the remote server to the primary reference clock |
.NIST. |
IP or text |
refid, association ID |
0 |
integer |
lost packets since last response |
1 |
integer |
dropped packets since last request |
2000 |
hex integer |
0 if packet accecpted, BOGON flag if packet is discarded |
The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The next two fields show the remote IP Address followed by the local address. The next four fields show the originate, receive, transmit and final NTP timestamps in order. The timestamp values are as received and before processing by the various data smoothing and mitigation algorithms.
A packet that is accecpted is logged. At most the first dropped packet per request is logged. That avoids DDoSing the log file.
The BOGON flags are decoded here.
sysstats
Enables recording of ntpd statistics counters on a periodic basis. Each hour a line of the following form is appended to the file generation set named sysstats:
59935 82782.547 3600 36082754 31287166 26510580 4779042 113 19698 1997 428 4773352 0 366120 |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
s |
time since reset |
|
# |
packets received |
|
# |
packets processed |
|
# |
current version |
|
# |
old version(s) |
|
# |
access denied |
|
# |
bad length or format |
|
# |
bad authentication |
|
# |
declined |
|
# |
rate exceeded |
|
# |
kiss-o'-death packets sent |
|
# |
NTPv1 packets received |
The first two fields show the date (Modified Julian Day) and time (seconds and fraction past UTC midnight). The remaining ten fields show the statistics counter values accumulated since the last generated line.
usestats
Enables recording of ntpd resource usage statistics. Each hour a line of the following form is appended to the file generation set named usestats:
57570 83399.541 3600 0.902 1.451 164 0 0 0 2328 64226 1 0 4308 |
Item | Units | Description |
---|---|---|
|
MJD |
date |
|
s |
time past midnight |
|
s |
time since reset |
|
s |
ru_utime: CPU seconds - user mode |
|
s |
ru_stime: CPU seconds - system |
|
# |
ru_minflt: page faults - reclaim/soft (no I/O) |
|
# |
ru_majflt: page faults - I/O |
|
# |
ru_nswap: process swapped out |
|
# |
ru_inblock: file blocks in |
|
# |
ru_oublock: file blocks out |
|
# |
ru_nvcsw: context switches, wait |
|
# |
ru_nivcsw: context switches, preempts |
|
# |
ru_nsignals: signals |
|
# |
ru_maxrss: resident set size, kilobytes |
The first two fields show the date (Modified Julian Day) and time
(seconds and fraction past UTC midnight). The ru_ tags are the
names from the rusage struct. See man getrusage
for details.
(The NetBSD and FreeBSD man pages have more details.)
The maxrss column is the high water mark since the process was started.
The remaining fields show the values used since the last report.
statsdir
directory_pathIndicates the full path of a directory where statistics files should be created (see below). This keyword allows the (otherwise constant) filegen filename prefix to be modified for file generation sets, which is useful for handling statistics logs.
filegen
name [file
filename] [type
typename] [link
| nolink
] [enable
| disable
]Configures setting of the generation file set name. Generation file sets provide a means for handling files that are continuously growing during the lifetime of a server. Server statistics are a typical example for such files. Generation file sets provide access to a set of files used to store the actual data. At any time at most one element of the set is being written to. The type given specifies when and how data will be directed to a new element of the set. This way, information stored in elements of a file set that are currently unused are available for administrative operations without the risk of disturbing the operation of ntpd. (Most important: they can be removed to free space for new data produced.)
Note that this command can be sent from the ntpq(1) program running at a remote location.
name
This is the type of the statistics records, as shown in the statistics command.
file
filenameThis is the file name for the statistics records. Filenames of set members are built from three concatenated elements prefix, filename and suffix:
Attribute | Description |
---|---|
prefix |
This is a constant filename path. It is not subject to modifications via the filegen option. It is defined by the server, usually specified as a compile-time constant. It may, however, be configurable for individual file generation sets via other commands. For example, the prefix used with loopstats and peerstats generation can be configured using the statsdir option explained above. |
filename |
This string is directly concatenated to the prefix mentioned
above (no intervening ‘/’). This can be modified using the file
argument to the filegen statement. No |
suffix |
This part is reflects individual elements of a file set. It is generated according to the type of a file set. |
type
typenameA file generation set is characterized by its type. The following types are supported: // The following are tables only because indent lists cannot be // nested more than 2 deep.
Attribute | Description |
---|---|
|
The file set is actually a single plain file. |
|
One element of file set is used per incarnation of a ntpd server. This type does not perform any changes to file set members during runtime, however it provides an easy way of separating files belonging to different ntpd(8) server incarnations. The set member filename is built by appending a ‘.’ to concatenated prefix and filename strings, and appending the decimal representation of the process ID of the ntpd(8) server process. |
|
One file generation set element is created per day. A day is defined as the period between 00:00 and 24:00 UTC. The file set member suffix consists of a ‘.’ and a day specification in the form YYYYMMdd. YYYY is a 4-digit year number (e.g., 1992). MM is a two digit month number. dd is a two digit day number. Thus, all information written at 10 December 1992 would end up in a file named prefix filename.19921210. |
|
Any file set member contains data related to a certain week of a year. The term week is defined by computing day-of-year modulo 7. Elements of such a file generation set are distinguished by appending the following suffix to the file set filename base: A dot, a 4-digit year number, the letter W, and a 2-digit week number. For example, information from January, 10th 1992 would end up in a file with suffix 1992W1. |
|
One generation file set element is generated per month. The file name suffix consists of a dot, a 4-digit year number, and a 2-digit month. |
|
One generation file element is generated per year. The filename suffix consists of a dot and a 4 digit year number. |
|
This type of file generation sets changes to a new element of the file set every 24 hours of server operation. The filename suffix consists of a dot, the letter a, and an 8-digit number. This number is taken to be the number of seconds the server is running at the start of the corresponding 24-hour period. |
link
| nolink
It is convenient to be able to access the current element of a
file generation set by a fixed name. This feature is enabled by
specifying link
and disabled using nolink
. If link is
specified, a hard link from the current file set element to a file
without suffix is created. When there is already a file with this
name and the number of links of this file is one, it is renamed
appending a dot, the letter C, and the pid of the ntpd server
process. When the number of links is greater than one, the file is
unlinked. This allows the current file to be accessed by a
constant name.
enable
| disable
Enables or disables the recording function.
Information is only written to a file generation by specifying
enable
; output is prevented by specifying disable
.
https://www.cnblogs.com/xifengyeluo/p/8143059.html
Unix时间戳(英文为Unix epoch, Unix time, POSIX time 或 Unix timestamp)
是从1970年1月1日(UTC/GMT的午夜)开始所经过的秒数,不考虑闰秒。
UNIX时间戳的0按照ISO 8601规范为 :1970-01-01T00:00:00Z.
一个小时表示为UNIX时间戳格式为:3600秒;一天表示为UNIX时间戳为86400秒,闰秒不计算。
在大多数的UNIX系统中UNIX时间戳存储为32位,这样会引发2038年问题或Y2038。
https://blog.csdn.net/luoluoyu2013/article/details/127750570
excel:
1 2 3 |
|
是从 1899-12-30 开始的天数 ???
1 2 3 4 5 |
|
1 2 |
|
儒略日(Julian day,JD)是指由公元前4713年1月1日,协调世界时中午12时开始所经过的天数,多为天文学家采用,用以作为天文学的单一历法,把不同历法的年表统一起来。
儒略日(Julian Date)的简化: 由于儒略日数字位数太多,国际天文学联合会于1973年采用简化儒略日(MJD),其定义为 MJD = JD - 2400000.5。MJD相应的起点是1858年11月17日世界时0时。 例如1979年10月1日零时儒略日数为2,444,147.5。天文年历附表载有各年每月零日世界时12时的儒略日数。
1 2 3 4 5 |
|
1 2 3 |
|