Ops335Assignment 1Oct 24 2001Andrew GreeneStu # 027-993-047

Time Keeping Methods

ContentsIntroduction.................................................................................................................................................4

Date.............................................................................................................................................................4

Pros..........................................................................................................................................................5

Cons.........................................................................................................................................................5

HWCLOCK....................................................................................................................................................5

Accuracy..................................................................................................................................................6

Pros..........................................................................................................................................................6

Cons.........................................................................................................................................................6

Daytime.......................................................................................................................................................6

Accuracy..................................................................................................................................................8

Pros..........................................................................................................................................................8

Cons.........................................................................................................................................................8

Rdate...........................................................................................................................................................8

Accuracy..................................................................................................................................................9

Pros..........................................................................................................................................................9

Cons.........................................................................................................................................................9

Ntpdate.......................................................................................................................................................9

The differences between stratum-1, stratum-2, stratum-3...................................................................10

Accuracy................................................................................................................................................10

Pros........................................................................................................................................................10

Cons.......................................................................................................................................................10

NTP Daemon..............................................................................................................................................10

Ntp server statistics...............................................................................................................................13

Accuracy................................................................................................................................................14

Pros........................................................................................................................................................14

Cons.......................................................................................................................................................14

VM01 as a stratum-3 server..................................................................................................................14

Chrony.......................................................................................................................................................14

Accuracy................................................................................................................................................15

Pros........................................................................................................................................................15

Cons.......................................................................................................................................................15

Conclusion.................................................................................................................................................15

References.................................................................................................................................................16

IntroductionSetting the correct time and date on any computer system including Linux version operating systems. If the system time of computer is out of date things will not function in an orderly manner, timestamps would be incorrect cron jobs wouldn’t run when they’re supposed to but more importantly programs that need accurate time synchronization to perform properly would cease to function. So as a system administrator it is important to know and understand how to set the correct time/date and which method best suits your system’s needs. In this document I will be exploring some of the different methods that can be used to set the time on a Linux system along with some of the advantages and disadvantages of using those various methods.

Date The first and easiest way to set the time and date on Linux is with the DATE command.

This method of setting the time is only as accurate as the user who runs the command because a human is setting the time it will never really be accurate. And the time will be offset from other clocks and the offset in time will increase over time slowly making your system more and more inaccurate over time

ProsThis method of setting the time is fairly simple to setup and doesn’t require you to really know much more than the actual time and how to count to implement.

ConsSetting the time this way is not ideal for computer systems that need precise time synchronization to perform different day to day tasks.

HWCLOCKThe hardware clock is present in every computer system and is used to keep track of time when the system is powered down or has no power at all it is a clock that runs on an internal battery. This clock can also be used to set the time and can be synchronized with the system time or vice versa.

Command to show what time the hardware clock is currently set to

hwclock –r or hwclock --show

Command to set the system time to the hardware time

hwclock –s or hwclock --systohc

Command to set the hardware time to the system time

hwclock –w or hwclock –hctosys

AccuracyThis method of setting the time is also inaccurate due to systematic drift caused by the hwclock loosing or gaining a certain amount of time each day, but this loss of time is corrected with the adjust function this helps the hwclock to resynchronize its self.

ProsThis method is a more accurate way to set the system time rather than doing it manually with the date set command you can synchronize your system clock to the hardware clock.

Cons This method does not work well in dual boot environments particularly when you run Windows and Linux on the same machine due to the way windows handles time, although this can be corrected by changing the hwclock to use UTC.

Daytime In order to setup you fedora pc to be a daytime server you first need to install the xinetd package. the extended Internet services daemon is used to start programs that provide Internet services. Without having to start the service at boot up the service waits for a connection request on all ports for a specific service and then starts the specified service.

First you need to install the xinetd package

Yum install xinetd

Now you need to configure the service that will use xinetd with the following files.

cat > /etc/xinetd.d/daytime << "EOF" &&

# Begin /etc/xinetd.d/daytime

service daytime{ disable = yes type = INTERNAL id = daytime-stream socket_type = stream protocol = tcp

user = root wait = no}

service daytime{ disable = yes type = INTERNAL id = daytime-dgram socket_type = dgram protocol = udp user = root wait = yes}

# End /etc/xinetd.d/daytime

EOF

And finally start the xinetd service

/etc/rc.d/init.d/xinetd start

Configuring a Virtual Machine to use a daytime server

You need to configure the /etc/rc.local file to set the date when it boots from the host machine

Now you need to open up port 13 on the firewall

Port 13 Description: “Daytime. Returns the time of day in machine language; can return OS version. Provides host time, which can be useful in timing attacks. Also creates a DOS threat when its output is looped echo port (7). Disable this port on all hosts.”

Iptables –A INPUT –p tcp –dport 13 –j ACCEPT

If you wanted to use another host on the internet to get your system time from you would change the hostname

For example I used time.chu.nrc.ca

set -- `nc time.chu.nrc.ca 13`date -u --set="$2 $3"

AccuracyThis method of time keeping is very accurate depending on the time of the daytime server you are connecting to.

Pros You can set the system time according to a standard time available on the internet. It is also a more reliable source for the time when compared to the internal hardware clock.

Cons It is not as popular as NTP Network Time Protocol, windows machines use NTP instead of the Daytime Protocol.

RdateUsing rdate with a cron job to synchronize the virtual machine with the host machines time

First make sure that you have the rdate package installed

Yum install rdate

Now create a bash shell script with the rdate commands you want to run

cat > /etc/cron.daily/rdate << "EOF"

#!/bin/bash

# -s is used to set the system clock with rdate

rdate -s 192.168.122.1/sbin/hwclock --systohc

EOF

Don’t forget to add the correct permissions to the file you just created

chmod +x /etc/cron.daily/rdate

you can also connect to other hosts using rdate but keep in mind most servers don’t allow rdate connections anymore however I found one that still does time.chu.nrc.ca

rdate time.chu.nrc.ca

you can find a decent list of time-servers here :http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers

Accuracyrdate is not an accurate method of keeping time because your system will not be synchronized with the remote servers time it just sets the system time to whatever the remote servers time is at that moment it does not account for systematic drift.

Pros“The rdate command does not override the time zone on the target system. Rdate request time data which is independent of the time zone.”

ConsRdate does not account for systematic drift which can cause the time to be inaccurate at times.

This method uses port 37 to connect to the time server

NtpdateTo set up ntpdate command to update your virtual machines time from any ntp server in a cron job you will need to do the following

First you will need to create a crontab file

Crontab -e

Then enter the following command to run every 60mins

60 * * * * ntpdate tick.usask.ca

Exit and save this crontab

The differences between stratum-1, stratum-2, stratum-3 Stratum-1 servers are the closet servers to a reference clock, so they are the most accurate of the 3 and would have little or no delay in time. Servers that are directly connected to a stratum-0 device are considered stratum-1 servers. A stratum-2 server is defined by being connected to a stratrum-1 server via a network path and receives its time from ntp packet requests. Stratum-3 servers are similar to stratum to except that they receive their time from ntp packets sent from a stratum- 2 server the further away the server is from the stratum-0 device increase the delay that server will have in accurate time.

AccuracyThis method is one of the most accurate ways to get precise time on a computer system

ProsNtpdate is used to synchronize the system time on a computer from a time server it can also be used to reference other time sources.

ConsI don’t really see any disadvantages to this method for keeping time other than if you don’t have access to a open stratum-1 server

Ntpdate uses port 123 to transmit data

NTP DaemonSetting up your own time server

The first thing you need to do is install the ntp package

Yum install –y ntp

Then edit the configuration of the /etc/ntp.conf file

Here is a sample configuration file:

example of ntp.conf:

# Permit time synchronization with our time source, but do not

# permit the source to query or modify the service on this system.

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could

# be tightened as well, but to do so would effect some of

# the administrative functions.

restrict 127.0.0.1

restrict -6 ::1

# Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

#server 0.rhel.pool.ntp.org

#server 1.rhel.pool.ntp.org

#server 2.rhel.pool.ntp.org

#server mst.sirim.my prefer

#server my.pool.ntp.org

#broadcast 192.168.1.255 key 42 # broadcast server

#broadcastclient # broadcast client

#broadcast 224.0.1.1 key 42 # multicast server

#multicastclient 224.0.1.1 # multicast client

#manycastserver 239.255.254.254 # manycast server

#manycastclient 239.255.254.254 key 42 # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup

# and when no outside source of synchronized time is available.

#server mst.sirim.my prefer

#server my.pool.ntp.org

# Drift file. Put this in a directory which the daemon can write to.

# No symbolic links allowed, either, since the daemon updates the file

# by creating a temporary in the same directory and then rename()'ing

# it to the file.

driftfile /var/lib/ntp/drift

# Key file containing the keys and key identifiers used when operating

# with symmetric key cryptography.

keys /etc/ntp/keys

# Specify the key identifiers which are trusted.

#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.

#requestkey 8

# Specify the key identifier to use with the ntpq utility.

#controlkey 8

Now you will need to synchronize the server time with another ntp server to make sure that it is keeping accurate time.

ntpdate -du tick.usask.ca

the final step is to start the ntp service

/etc/init.d/ntpd start

Ntp server statisticsClockstats: keeps a record of each update received from a clock driver

Cryptostats: keeps a record of cryptographic public key information.

Loopstats: keeps records of all peers of a NTP server and of special signals, only valid updates are recorded

Rawstats: keeps a record of all raw-timestamp statistics, including all other statistical information

Statistics file for the ntp server are kept in /var/log/ntpstats/

55860 20163.440 69.65.40.29 9024 0.004507597 0.030620614 1.938014172 0.000775769

55860 20163.500 155.101.3.115 9024 -0.006067298 0.090790078 1.938016022 0.000777510

55860 20224.495 67.159.5.90 9024 0.003422017 0.028263910 0.938175602 0.001154453

55860 20229.439 69.65.40.29 9024 0.005335449 0.029718525 0.938324641 0.000648778

55860 51698.012 169.229.70.201 9024 2.517703439 0.150168769 7.937502140 0.000000119

AccuracyThis is the most accurate of all methods discussed for keeping time the longer the daemon runs increases the system clocks precision.

ProsIt doesn’t use a lot of system resources to run making it more efficient than ntpdate, the longer it runs the higher the accuracy of time to that of the source clocks times.

ConsIt can take some time before the system clock reaches a high level of time precision, you also have to choose accurate time sources to reference for synchronization.

VM01 as a stratum-3 serverIf you wanted to set up the virtual machine as a stratum-3 server you would have to set it up as a ntp server, then use your host machine as stratum-2 reference or some other stratum-2 server over the internet as time reference then synchronize it to that clock and that would turn your virtual machine into a stratum-3 server.

ChronyTo setup chrony the first thing you need to do is install the required packages

Yum install chrony

Then you need to edit the configuration file located in /etc/chrony.conf

# Allow client access from local network.

allow 192.168.122/24

# Specify the key used as password for chronyc.

commandkey 1

now edit the /etc/chrony.keys file just place your password information in this file

now start the chrony service

service chronyd start

repeat the steps above on your virtual machine but edit the configuration file a little differently

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

server 192.168.122.1

now edit the /etc/chrony.keys file with the same password from the host machine

AccuracyThis method is fairly accurate way to keep time because it can works with ntp servers and other time refereneces

ProsIt works on computers that don’t always have access to internet all the time for example dial up connections.

ConsIn my opinion it is easier to set up you system to use ntpdate to keep time.

ConclusionAfter doing research and implementing the various methods of time keeping. I have come to the conclusion that ntpd is without a doubt the most accurate way to keep time on any system. Just using the date command would be the simplest but least accurate, I don’t recommend using rdate at all because it seems to be out of date with today’s time keeping methods. Crony is also a good alternative to ntpd if you don’t have permanent access to the internet. There are lots of good ways to keep time but I guess it really boils down to your personal situation and the way you will be using your computer system .

References

http://tldp.org/HOWTO/TimePrecision-HOWTO/set.html

http://linux.die.net/man/8/hwclock

http://www.computerhope.com/unix/udate.htm

http://linuxcommand.org/man_pages/xinetd8.html

http://www.linuxfromscratch.org/blfs/view/svn/server/xinetd.html

http://www.ehow.com/info_8759592_daytime-port-13.html

http://www.auditmypc.com/tcp-port-13.asp

http://linuxgazette.net/108/park1.html

http://www.nist.gov/pml/div688/grp40/its.cfm

http://www.directadmin.com/forum/archive/index.php/t-7484.html

http://www.webhostingtalk.com/showthread.php?t=232155

http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers

http://newsgroups.derkeiler.com/Archive/Comp/comp.protocols.time.ntp/2011-03/msg00221.html

http://www.broomscloset.com/closet/date_time/itworld041014.html

http://linuxwave.blogspot.com/2007/08/setting-up-your-own-ntp-server.html

http://www.cyberciti.biz/faq/set-date-time-network-time-protocol-ntp/

http://www.endruntechnologies.com/stratum1.htm