User guide for the chrony suite

1 Introduction

1.1 Overview

Chrony is a software package for maintaining the accuracy of computer system clocks. It consists of a pair of programs :

chronyd. This is a daemon which runs in background on the system. It obtains measurements (e.g. via the network) of the system’s offset relative to other systems, and adjusts the system time accordingly. For isolated systems, the user can periodically enter the correct time by hand (using chronyc). In either case, chronyd determines the rate at which the computer gains or loses time, and compensates for this.
chronyd can also act as an NTP server, and provide a time-of-day service to other computers. A typical set-up is to run chronyd on a gateway computer that has a dial-up link to the Internet, and use it to serve time to computers on a private LAN sitting behind the gateway. The IP addresses that can act as clients of chronyd can be tightly controlled. The default is no client access.
chronyc. This is a command-line driven control and monitoring program. An administrator can use this to fine-tune various parameters within the daemon, add or delete servers etc whilst the daemon is running.
The IP addresses from which chronyc clients may connect can be tightly controlled. The default is just the computer that chronyd itself is running on.

1.2 Acknowledgements

The chrony suite makes use of the algorithm known as RSA Data Security, Inc. MD5 Message-Digest Algorithm for authenticating messages between different machines on the network.

In writing the chronyd program, extensive use has been made of RFC1305, written by David Mills. The ntp suite’s source code has been occasionally used to check details of the protocol that the RFC did not make absolutely clear. The core algorithms in chronyd are all completely distinct from ntp, however.

1.3 Availability

1.3.1 Getting the software

Links on the chrony home page describe how to obtain the software.

1.3.2 Platforms

Although most of the program is portable between Unix-like systems, there are parts that have to be tailored to each specific vendor’s system. These are the parts that interface with the operating system’s facilities for adjusting the system clock; different operating systems may provide different function calls to achieve this, and even where the same function is used it may have different quirks in its behaviour.

The software is known to work in the following environments:

Linux 2.2 and newer
NetBSD
BSD/386
Solaris 2.3/2.5/2.5.1/2.6/2.7/2.8 on Sparc (Sparc 20, Ultrasparc) and i386
SunOS 4.1.4 on Sparc 2 and Sparc20.

Closely related systems may work too, but they have not been tested.

Porting the software to other system (particularly to those supporting an adjtime system call) should not be difficult, however it requires access to such systems to test out the driver.

1.4 Relationship to other software packages

1.4.1 ntpd

The ‘reference’ implementation of the Network Time Protocol is the program ntpd, available via The NTP home page.

One of the main differences between ntpd and chronyd is in the algorithms used to control the computer’s clock. Things chronyd can do better than ntpd:

chronyd can perform usefully in an environment where access to the time reference is intermittent. ntpd needs regular polling of the reference to work well.
chronyd can usually synchronise the clock faster and with better time accuracy.
chronyd quickly adapts to sudden changes in the rate of the clock (e.g. due to changes in the temperature of the crystal oscillator). ntpd may need a long time to settle down again.
chronyd can perform well even when the network is congested for longer periods of time.
chronyd in the default configuration never steps the time to not upset other running programs. ntpd can be configured to never step the time too, but it has to use a different means of adjusting the clock, which has some disadvantages.
chronyd can adjust the rate of the clock on Linux in a larger range, which allows it to operate even on machines with broken or unstable clock (e.g. in some virtual machines).

Things chronyd can do that ntpd can’t:

chronyd provides support for isolated networks whether the only method of time correction is manual entry (e.g. by the administrator looking at a clock). chronyd can look at the errors corrected at different updates to work out the rate at which the computer gains or loses time, and use this estimate to trim the computer clock subsequently.
chronyd provides support to work out the gain or loss rate of the ‘real-time clock’, i.e. the clock that maintains the time when the computer is turned off. It can use this data when the system boots to set the system time from a corrected version of the real-time clock. These real-time clock facilities are only available on Linux, so far.

Things ntpd can do that chronyd can’t:

ntpd fully supports NTP version 4 (RFC5905), including broadcast, multicast, manycast clients / servers and the orphan mode. It also supports extra authentication schemes based on public-key cryptography (RFC5906). chronyd uses NTP version 3 (RFC1305), which is compatible with version 4.
ntpd has been ported to more types of computer / operating system.
ntpd includes drivers for many reference clocks. chronyd relies on other programs (e.g. gpsd) to access the data from the reference clocks.

1.4.2 timed

timed is a program that is part of the BSD networking suite. It uses broadcast packets to find all machines running the daemon within a subnet. The machines elect a master which periodically measures the system clock offsets of the other computers using ICMP timestamps. Corrections are sent to each member as a result of this process.

Problems that may arise with timed are :

Because it uses broadcasts, it is not possible to isolate its functionality to a particular group of computers; there is a risk of upsetting other computers on the same network (e.g. where a whole company is on the same subnet but different departments are independent from the point of view of administering their computers.)
The update period appears to be 10 minutes. Computers can build up significant offsets relative to each other in that time. If a computer can estimate its rate of drift it can keep itself closer to the other computers between updates by adjusting its clock every few seconds. timed does not seem to do this.
timed does not have any integrated capability for feeding real-time into its estimates, or for estimating the average rate of time loss/gain of the machines relative to real-time (unless one of the computers in the group has access to an external reference and is always appointed as the ‘master’).

timed does have the benefit over chronyd that for isolated networks of computers, they will track the ‘majority vote’ time. For such isolated networks, chronyd requires one computer to be the ‘master’ with the others slaved to it. If the master has a particular defective clock, the whole set of computers will tend to slip relative to real time (but they will stay accurate relative to one another).

1.5 Distribution rights and (lack of) warranty

Chrony may be distributed in accordance with the GNU General Public License version 2, reproduced in See GPL.

1.6 Bug reporting and suggestions

If you think you’ve found a bug in chrony, or have a suggestion, please let us know. You can join chrony users mailing list by sending a message with the subject subscribe to chrony-users-request@chrony.tuxfamily.org. Only subscribers can post to the list.

When you are reporting a bug, please send us all the information you can. Unfortunately, chrony has proven to be one of those programs where it is very difficult to reproduce bugs in a different environment. So we may have to interact with you quite a lot to obtain enough extra logging and tracing to pin-point the problem in some cases. Please be patient and plan for this!

Of course, if you can debug the problem yourself and send us a source code patch to fix it, we will be very grateful!

1.7 Contributions

Although chrony is now a fairly mature and established project, there are still areas that could be improved. If you can program in C and have some expertise in these areas, you might be able to fill the gaps.

Particular areas that need addressing are :

Porting to other Unices
This involves creating equivalents of sys_solaris.c, sys_linux.c etc for the new system. Note, the Linux driver has been reported as working on a range of different architectures (Alpha, Sparc, MIPS as well as x86 of course).
Porting to Windows NT
A small amount of work on this was done under Cygwin. Only the sorting out of the include files has really been achieved so far. The two main areas still to address are
1. The system clock driver.
2. How to make chronyd into an NT service (i.e. what to replace fork(), setsid() etc with so that chronyd can be automatically started in the system bootstrap.
More drivers for reference clock support

2 Installation

The software is distributed as source code which has to be compiled. The source code is supplied in the form of a gzipped tar file, which unpacks to a subdirectory identifying the name and version of the program.

After unpacking the source code, change directory into it, and type

./configure

This is a shell script that automatically determines the system type. There is a single optional parameter, --prefix which indicates the directory tree where the software should be installed. For example,

./configure --prefix=/opt/free

will install the chronyd daemon into /opt/free/sbin and the chronyc control program into /opt/free/bin. The default value for the prefix is /usr/local.

The configure script assumes you want to use gcc as your compiler. If you want to use a different compiler, you can configure this way:

CC=cc CFLAGS=-O ./configure --prefix=/opt/free

for Bourne-family shells, or

setenv CC cc
setenv CFLAGS -O
./configure --prefix=/opt/free

for C-family shells.

If the software cannot (yet) be built on your system, an error message will be shown. Otherwise, Makefile will be generated.

If editline or readline library is available, chronyc will be built with line editing support. If you don’t want this, specify the –disable-readline flag to configure. Please refer to see line editing support for more information.

If a timepps.h header is available (e.g. from the LinuxPPS project), chronyd will be built with PPS API reference clock driver. If the header is installed in a location that isn’t normally searched by the compiler, you can add it to the searched locations by setting CPPFLAGS variable to -I/path/to/timepps.

Now type

make

to build the programs.

If you want to build the manual in plain text, HTML and info versions, type

make docs

Once the programs have been successfully compiled, they need to be installed in their target locations. This step normally needs to be performed by the superuser, and requires the following command to be entered.

make install

This will install the binaries, plain text manual and manpages.

To install the HTML and info versions of the manual as well, enter the command

make install-docs

If you want chrony to appear in the top level info directory listing, you need to run the install-info command manually after this step. install-info takes 2 arguments. The first is the path to the chrony.info file you have just installed. This will be the argument you gave to –prefix when you configured (/usr/local by default), with /share/info/chrony.info on the end. The second argument is the location of the file called dir. This will typically be /usr/share/info/dir. So the typical command line would be

install-info /usr/local/share/info/chrony.info /usr/share/info/dir

Now that the software is successfully installed, the next step is to set up a configuration file. The default location of the file is /etc/chrony/chrony.conf. Suppose you want to use public NTP servers from the pool.ntp.org project as your time reference. A minimal useful configuration file could be

server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
makestep 10 3

Then, chronyd can be run.

2.1 Support for line editing libraries

Chronyc can be built with support for line editing, this allows you to use the cursor keys to replay and edit old commands. Two libraries are supported which provide such functionality, editline and GNU readline.

Please note that readline since version 6.0 is licensed under GPLv3+ which is incompatible with chrony’s license GPLv2. You should use editline instead if you don’t want to use older readline versions.

The configure script will automatically enable the line editing support if one of the supported libraries is available. If they are both available, the editline library will be used.

If you don’t want to use it (in which case chronyc will use a minimal command line interface), invoke configure like this:

./configure --disable-readline other-options...

If you have editline, readline or ncurses installed in locations that aren’t normally searched by the compiler and linker, you need to use extra options:

‘--with-readline-includes=directory_name’: This defines the name of the directory above the one where readline.h is. readline.h is assumed to be in editline or readline subdirectory of the named directory.
‘--with-readline-library=directory_name’: This defines the directory containing the libedit.a or libedit.so file, or libreadline.a or libreadline.so file.
‘--with-ncurses-library=directory_name’: This defines the directory containing the libncurses.a or libncurses.so file.

2.2 Extra options for package builders

The configure and make procedures have some extra options that may be useful if you are building a distribution package for chrony.

The –infodir=DIR option to configure specifies an install directory for the info files. This overrides the info subdirectory of the argument to the –prefix option. For example, you might use

./configure --prefix=/usr --infodir=/usr/share/info

The –mandir=DIR option to configure specifies an install directory for the man pages. This overrides the man subdirectory of the argument to the –prefix option.

./configure --prefix=/usr --infodir=/usr/share/info --mandir=/usr/share/man

to set both options together.

The final option is the DESTDIR option to the make command. For example, you could use the commands

./configure --prefix=/usr --infodir=/usr/share/info --mandir=/usr/share/man
make all docs
make install DESTDIR=./tmp
cd tmp
tar cvf - . | gzip -9 > chrony.tar.gz

to build a package. When untarred within the root directory, this will install the files to the intended final locations.

3 Typical operating scenarios

• Computers on the net:		Your computer is on the Internet most of the time (or on a private network with NTP servers)
• Infrequent connection:		You connect to the Internet sometimes (e.g. via a modem)
• Isolated networks:		You have an isolated network with no reference clocks
• Dial-up home PCs:		Additional considerations if you turn your computer off when it’s not in use
• Configuration options overview:		Overview of some configuration options

3.1 Computers connected to the internet

In this section we discuss how to configure chrony for computers that are connected to the Internet (or to any network containing true NTP servers which ultimately derive their time from a reference clock) permanently or most of the time.

To operate in this mode, you will need to know the names of the NTP server machines you wish to use. You may be able to find names of suitable servers by one of the following methods:

Your institution may already operate servers on its network. Contact your system administrator to find out.
Your ISP probably has one or more NTP servers available for its customers.
Somewhere under the NTP homepage there is a list of public stratum 1 and stratum 2 servers. You should find one or more servers that are near to you — check that their access policy allows you to use their facilities.
Use public servers from the pool.ntp.org project.

Assuming that you have found some servers, you need to set up a configuration file to run chrony. The (compiled-in) default location for this file is /etc/chrony/chrony.conf. Assuming that your ntp servers are called a.b.c and d.e.f, your chrony.conf file could contain as a minimum

server a.b.c
server d.e.f
server g.h.i

However, you will probably want to include some of the other directives described later. The driftfile and makestep directives may be particularly useful. Also, the iburst server option is useful to speed up the initial synchronization. The smallest useful configuration file would look something like

server a.b.c iburst
server d.e.f iburst
server g.h.i iburst
driftfile /var/lib/chrony/drift
makestep 10 3

3.2 Infrequent connection to true NTP servers

In this section we discuss how to configure chrony for computers that have occasional connections to the internet.

3.2.1 Setting up the configuration file for infrequent connections

As in the previous section, you will need access to NTP servers on the internet. The same remarks apply for how to find them.

In this case, you will need some additional configuration to tell chronyd when the connection to the internet goes up and down. This saves the program from continuously trying to poll the servers when they are inaccessible.

Again, assuming that your ntp servers are called a.b.c and d.e.f, your chrony.conf file would need to contain something like

server a.b.c
server d.e.f
server g.h.i

However, your computer will keep trying to contact the servers to obtain timestamps, even whilst offline. If you operate a dial-on-demand system, things are even worse, because the link to the internet will keep getting established.

For this reason, it would be better to specify this part of your configuration file in the following way:

server a.b.c offline
server d.e.f offline
server g.h.i offline

The offline keyword indicates that the servers start in an offline state, and that they should not be contacted until chronyd receives notification that the link to the internet is present.

In order to notify chronyd of the presence of the link, you will need to be able to log in to it with the program chronyc. To do this, chronyd needs to be configured with an administrator password. The password is read from a file specified by the keyfile directive. The generatecommandkey directive can be used to generate a random password automatically on the first chronyd start.

The smallest useful configuration file would look something like

server a.b.c offline
server d.e.f offline
server g.h.i offline
keyfile /etc/chrony/chrony.keys
generatecommandkey
driftfile /var/lib/chrony/drift
makestep 10 3

The next section describes how to tell chronyd when the internet link goes up and down.

3.2.2 How to tell chronyd when the internet link is available.

To use this option, you will need to configure a command key in chronyd's configuration file /etc/chrony/chrony.conf, as described in the previous section.

To tell chronyd when to start and finish sampling the servers, the online and offline commands of chronyc need to be used. To give an example of their use, we assume that pppd is the program being used to connect to the internet, and that chronyc has been installed at its default location /usr/bin/chronyc. We also assume that the command key has been set up as described in the previous section.

In the file /etc/ppp/ip-up we add the command sequence

/usr/bin/chronyc -a online

and in the file /etc/ppp/ip-down we add the sequence

/usr/bin/chronyc -a offline

chronyd's polling of the servers will now only occur whilst the machine is actually connected to the Internet.

3.3 Isolated networks

In this section we discuss how to configure chrony for computers that never have network conectivity to any computer which ultimately derives its time from a reference clock.

In this situation, one computer is selected to be the master timeserver. The other computers are either direct clients of the master, or clients of clients.

The rate value in the master’s drift file needs to be set to the average rate at which the master gains or loses time. chronyd includes support for this, in the form of the manual directive in the configuration file and the settime command in the chronyc program.

If the master is rebooted, chronyd can re-read the drift rate from the drift file. However, the master has no accurate estimate of the current time. To get around this, the system can be configured so that the master can initially set itself to a ‘majority-vote’ of selected clients’ times; this allows the clients to ‘flywheel’ the master across its outage.

A typical configuration file for the master (called master) might be (assuming the clients are in the 192.168.165.x subnet and that the master’s address is 192.168.169.170)

driftfile /var/lib/chrony/drift
generatecommandkey
keyfile /etc/chrony/chrony.keys
initstepslew 10 client1 client3 client6
local stratum 8
manual
allow 192.168.165

For the clients that have to resynchronise the master when it restarts, the configuration file might be

server master
driftfile /var/lib/chrony/drift
logdir /var/log/chrony
log measurements statistics tracking
keyfile /etc/chrony/chrony.keys
generatecommandkey
local stratum 10
initstepslew 20 master
allow 192.168.169.170

The rest of the clients would be the same, except that the local and allow directives are not required.

3.4 The home PC with a dial-up connection

3.4.1 Assumptions/how the software works

This section considers the home computer which has a dial-up connection. It assumes that Linux is run exclusively on the computer. Dual-boot systems may work; it depends what (if anything) the other system does to the system’s real-time clock.

Much of the configuration for this case is discussed earlier (see Infrequent connection). This section addresses specifically the case of a computer which is turned off between ’sessions’.

In this case, chronyd relies on the computer’s real-time clock (RTC) to maintain the time between the periods when it is powered up. The arrangement is shown in the figure below.

            trim if required                          PSTN
      +---------------------------+               +----------+
      |                           |               |          |
      v                           |               |          |
+---------+                    +-------+       +-----+     +---+
| System's|  measure error/    |chronyd|       |modem|     |ISP|
|real-time|------------------->|       |-------|     |     |   |
|  clock  |   drift rate       +-------+       +-----+     +---+
+---------+                       ^                          |
      |                           |                          |
      +---------------------------+                  --o-----o---
         set time at boot up                           |
                                                  +----------+
                                                  |NTP server|
                                                  +----------+

When the computer is connected to the Internet (via the modem), chronyd has access to external NTP servers which it makes measurements from. These measurements are saved, and straight-line fits are performed on them to provide an estimate of the computer’s time error and rate of gaining/losing time.

When the computer is taken offline from the Internet, the best estimate of the gain/loss rate is used to free-run the computer until it next goes online.

Whilst the computer is running, chronyd makes measurements of the real-time clock (RTC) (via the /dev/rtc interface, which must be compiled into the kernel). An estimate is made of the RTC error at a particular RTC second, and the rate at which the RTC gains or loses time relative to true time.

On 2.6 and later kernels, if your motherboard has a HPET, you need to enable the ‘HPET_EMULATE_RTC’ option in your kernel configuration. Otherwise, chrony will not be able to interact with the RTC device and will give up using it.

When the computer is powered down, the measurement histories for all the NTP servers are saved to files (if the dumponexit directive is specified in the configuration file), and the RTC tracking information is also saved to a file (if the rtcfile directive has been specified). These pieces of information are also saved if the dump and writertc commands respectively are issued through chronyc.

When the computer is rebooted, chronyd reads the current RTC time and the RTC information saved at the last shutdown. This information is used to set the system clock to the best estimate of what its time would have been now, had it been left running continuously. The measurement histories for the servers are then reloaded.

The next time the computer goes online, the previous sessions’ measurements can contribute to the line-fitting process, which gives a much better estimate of the computer’s gain/loss rate.

One problem with saving the measurements and RTC data when the machine is shut down is what happens if there is a power failure; the most recent data will not be saved. Although chronyd is robust enough to cope with this, some performance may be lost. (The main danger arises if the RTC has been changed during the session, with the trimrtc command in chronyc. Because of this, trimrtc will make sure that a meaningful RTC file is saved out after the change is completed).

The easiest protection against power failure is to put the dump and writertc commands in the same place as the offline command is issued to take chronyd offline; because chronyd free-runs between online sessions, no parameters will change significantly between going offline from the Internet and any power failure.

A final point regards home computers which are left running for extended periods and where it is desired to spin down the hard disc when it is not in use (e.g. when not accessed for 15 minutes). chronyd has been planned so it supports such operation; this is the reason why the RTC tracking parameters are not saved to disc after every update, but only when the user requests such a write, or during the shutdown sequence. The only other facility that will generate periodic writes to the disc is the log rtc facility in the configuration file; this option should not be used if you want your disc to spin down.

3.4.2 Typical configuration files.

To illustrate how a dial-up home computer might be configured, example configuration files are shown in this section.

For the /etc/chrony/chrony.conf file, the following can be used as an example.

server 0.pool.ntp.org minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 1.pool.ntp.org minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 2.pool.ntp.org minpoll 5 maxpoll 10 maxdelay 0.4 offline
logdir /var/log/chrony
log statistics measurements tracking
driftfile /var/lib/chrony/drift
keyfile /etc/chrony/chrony.keys
generatecommandkey
makestep 10 3
maxupdateskew 100.0
dumponexit
dumpdir /var/lib/chrony
rtcfile /var/lib/chrony/rtc

pppd is used for connecting to the internet. This runs two scripts /etc/ppp/ip-up and /etc/ppp/ip-down when the link goes online and offline respectively.

The relevant part of the /etc/ppp/ip-up file is

/usr/bin/chronyc -a online

and the relevant part of the /etc/ppp/ip-down script is

/usr/bin/chronyc -a -m offline dump writertc

To start chronyd during the boot sequence, the following is in /etc/rc.d/rc.local (this is a Slackware system)

if [ -f /usr/sbin/chronyd -a -f /etc/chrony/chrony.conf ]; then
  /usr/sbin/chronyd -r -s
  echo "Start chronyd"
fi

The placement of this command may be important on some systems. In particular, chronyd may need to be started before any software that depends on the system clock not jumping or moving backwards, depending on the directives in chronyd's configuration file.

For the system shutdown, chronyd should receive a SIGTERM several seconds before the final SIGKILL; the SIGTERM causes the measurement histories and RTC information to be saved out.

3.5 Other important configuration options

The most common option to include in the configuration file is the driftfile option. One of the major tasks of chronyd is to work out how fast or how slow the system clock runs relative to real time - e.g. in terms of seconds gained or lost per day. Measurements over a long period are usually required to refine this estimate to an acceptable degree of accuracy. Therefore, it would be bad if chronyd had to work the value out each time it is restarted, because the system clock would not run so accurately whilst the determination is taking place.

To avoid this problem, chronyd allows the gain or loss rate to be stored in a file, which can be read back in when the program is restarted. This file is called the drift file, and might typically be stored in /var/lib/chrony/drift. By specifying an option like the following

driftfile /var/lib/chrony/drift

in the configuration file (/etc/chrony/chrony.conf), the drift file facility will be activated.

4 Usage reference

4.1 Starting chronyd

If chronyd has been installed to its default location /usr/sbin/chronyd, starting it is simply a matter of entering the command

/usr/sbin/chronyd

Information messages and warnings will be logged to syslog.

If no configuration commands are specified on the command line, chronyd will read the commands from the configuration file (default /etc/chrony/chrony.conf).

The command line options supported are as follows:

-n

When run in this mode, the program will not detach itself from the terminal.

-d

When run in this mode, the program will not detach itself from the terminal, and all messages will be sent to the terminal instead of to syslog. When chronyd was compiled with debugging support, this option can be used twice to print also debugging messages.

-f <conf-file>

This option can be used to specify an alternate location for the configuration file (default /etc/chrony/chrony.conf).

-r

This option will reload sample histories for each of the servers and refclocks being used. These histories are created by using the dump command in chronyc, or by setting the dumponexit directive in the configuration file. This option is useful if you want to stop and restart chronyd briefly for any reason, e.g. to install a new version. However, it only makes sense on systems where the kernel can maintain clock compensation whilst not under chronyd's control. The only version where this happens so far is Linux. On systems where this is not the case, e.g. Solaris and SunOS the option should not be used.

-R

When this option is used, the initstepslew directive and the makestep directive used with a positive limit will be ignored. This option is useful when restarting chronyd and can be used in conjuction with the ‘-r’ option.

-s

This option will set the system clock from the computer’s real-time clock. This is analogous to supplying the ‘-s’ flag to the /sbin/hwclock program during the Linux boot sequence.

Support for real-time clocks is limited at present - the criteria are described in the section on the rtcfile directive (see rtcfile directive).

If chronyd cannot support the real time clock on your computer, this option cannot be used and a warning message will be logged to the syslog.

If used in conjunction with the ‘-r’ flag, chronyd will attempt to preserve the old samples after setting the system clock from the real time clock. This can be used to allow chronyd to perform long term averaging of the gain or loss rate across system reboots, and is useful for dial-up systems that are shut down when not in use. For this to work well, it relies on chronyd having been able to determine accurate statistics for the difference between the real time clock and system clock last time the computer was on.

-u <user>

This option sets the name of the user to which will chronyd switch to drop root privileges if compiled with Linux capabilities support (default root).

-q

When run in this mode, chronyd will set the system clock once and exit. It will not detach from the terminal.

-Q

This option is similar to ‘-q’, but it will only print the offset and not correct the clock.

-v

This option displays chronyd's version number to the terminal and exits.

-P <priority>

This option will select the SCHED_FIFO real-time scheduler at the specified priority (which must be between 0 and 100). This mode is supported only on Linux.

-m

This option will lock chronyd into RAM so that it will never be paged out. This mode is only supported on Linux.

-4

With this option hostnames will be resolved only to IPv4 addresses and only IPv4 sockets will be created.

-6

With this option hostnames will be resolved only to IPv6 addresses and only IPv6 sockets will be created.

On systems that support an /etc/rc.local file for starting programs at boot time, chronyd can be started from there.

On systems with a System V style initialisation, a suitable start/stop script might be as shown below. This might be placed in the file /etc/rc2.d/S83chrony.

#!/bin/sh
# This file should have uid root, gid sys and chmod 744
#

killproc() {            # kill the named process(es)
        pid=`/usr/bin/ps -e |
             /usr/bin/grep -w $1 |
             /usr/bin/sed -e 's/^  *//' -e 's/ .*//'`
        [ "$pid" != "" ] && kill $pid
}

case "$1" in

'start')
   if [ -f /opt/free/sbin/chronyd -a -f /etc/chrony/chrony.conf ]; then
     /opt/free/sbin/chronyd
   fi
   ;;
'stop')
   killproc chronyd
   ;;
*)
   echo "Usage: /etc/rc2.d/S83chrony { start | stop }"
   ;;
esac

(In both cases, you may want to bear in mind that chronyd can step the time when it starts. There may be other programs started at boot time that could be upset by this, so you may need to consider the ordering carefully. However, chronyd will need to start after daemons providing services that it may require, e.g. the domain name service.)

4.2 The chronyd configuration file

The configuration file is normally called /etc/chrony/chrony.conf; in fact, this is the compiled-in default. However, other locations can be specified with a command line option.

Each command in the configuration file is placed on a separate line. The following sections describe each of the commands in turn. The directives can occur in any order in the file.

The configuration commands can also be specified directly on the chronyd command line, each argument is parsed as a line and the configuration file is ignored.


• comments in config file:		How to write a comment
• acquisitionport directive:		Set NTP client port
• allow directive:		Give access to NTP clients
• bindacqaddress directive:		Limit network interface used by NTP client
• bindaddress directive:		Limit network interface used by NTP server
• bindcmdaddress directive:		Limit network interface used for commands
• broadcast directive:		Make chronyd act as an NTP broadcast server
• clientloglimit directive:		Set client log memory limit
• cmdallow directive:		Give control access to chronyc on other computers
• cmddeny directive:		Deny control access to chronyc on other computers
• cmdport directive:		Set port to use for runtime commanding
• combinelimit directive:		Limit sources included in combining algorithm
• commandkey directive:		Set runtime command key
• corrtimeratio directive:		Set correction time ratio
• deny directive:		Deny access to NTP clients
• driftfile directive:		Specify location of file containing drift data
• dumpdir directive:		Specify directory for dumping measurements
• dumponexit directive:		Dump measurements when daemon exits
• fallbackdrift directive:		Specify fallback drift intervals
• generatecommandkey directive:		Generate command key automatically
• hwclockfile directive:		Specify location of hwclock’s adjtime file
• include directive:		Include a configuration file
• initstepslew directive:		Trim the system clock on boot-up
• keyfile directive:		Specify location of file containing keys
• leapsectz directive:		Read leap second data from tz database
• local directive:		Allow unsynchronised machine to act as server
• lock_all directive:		Require that chronyd be locked into RAM
• log directive:		Make daemon log certain sets of information
• logbanner directive:		Specify how often is banner written to log files
• logchange directive:		Generate syslog messages if large offsets occur
• logdir directive:		Specify directory for logging
• mailonchange directive:		Send email if a clock correction above a threshold occurs
• makestep directive:		Step system clock if large correction is needed
• manual directive:		Allow manual entry using chronyc’s settime cmd
• maxchange directive:		Set maximum allowed offset
• maxclockerror directive:		Set maximum frequency error of local clock
• maxsamples directive:		Set maximum number of samples per source
• maxslewrate directive:		Set maximum slew rate
• maxupdateskew directive:		Stop bad estimates upsetting machine clock
• minsamples directive:		Set minimum number of samples per source
• noclientlog directive:		Prevent chronyd from gathering data about clients
• peer directive:		Specify an NTP peer
• pidfile directive:		Specify the file where chronyd’s pid is written
• port directive:		Set NTP server port
• refclock directive:		Specify a reference clock
• reselectdist directive:		Set improvement in distance needed to reselect a source
• rtcautotrim directive:		Specify threshold at which RTC is trimmed automatically
• rtcdevice directive:		Specify name of enhanced RTC device (if not /dev/rtc)
• rtcfile directive:		Specify the file where real-time clock data is stored
• rtconutc directive:		Specify that the real time clock keeps UTC not local time
• rtcsync directive:		Specify that RTC should be automatically synchronised by kernel
• sched_priority directive:		Require real-time scheduling and specify a priority for it
• server directive:		Specify an NTP server
• stratumweight directive:		Specify how important is stratum when selecting source
• tempcomp directive:		Specify temperature sensor and compensation coefficients
• user directive:		Specify user for dropping root privileges

4.2.1 Comments in the configuration file

The configuration file may contain comment lines. A comment line is any line that starts with zero or more spaces followed by any one of the following characters:

!
;
#
%

Any line with this format will be ignored.

4.2.2 acquisitionport

By default, chronyd uses a separate client socket for each configured server and their source port is chosen arbitrarily by the operating system. However, you can use the acquisitionport directive to explicitly specify a port and use only one socket (per IPv4/IPv6 address family) for all configured servers. This may be useful for getting through firewalls.

It may be set to the same port as used by the NTP server (see port directive) to use only one socket for all NTP packets.

An example of the acquisitionport command is

acquisitionport 1123

This would change the source port used for client requests to udp/1123. You could then persuade the firewall administrator to let that port through.

4.2.3 allow

The allow command is used to designate a particular subnet from which NTP clients are allowed to access the computer as an NTP server.

The default is that no clients are allowed access, i.e. chronyd operates purely as an NTP client. If the allow directive is used, chronyd will be both a client of its servers, and a server to other clients.

Examples of use of the command are as follows:

allow foo.bar.com
allow 1.2
allow 3.4.5
allow 6.7.8/22
allow 6.7.8.9/22
allow 2001:db8::/32
allow 0/0
allow ::/0
allow

The first command allows the named node to be an NTP client of this computer. The second command allows any node with an IPv4 address of the form 1.2.x.y (with x and y arbitrary) to be an NTP client of this computer. Likewise, the third command allows any node with an IPv4 address of the form 3.4.5.x to have client NTP access. The fourth and fifth forms allow access from any node with an IPv4 address of the form 6.7.8.x, 6.7.9.x, 6.7.10.x or 6.7.11.x (with x arbitrary), i.e. the value 22 is the number of bits defining the specified subnet. (In the fifth form, the final byte is ignored). The sixth form is used for IPv6 addresses. The seventh and eighth forms allow access by any IPv4 and IPv6 node respectively. The ninth forms allows access by any node (IPv4 or IPv6).

A second form of the directive, allow all, has a greater effect, depending on the ordering of directives in the configuration file. To illustrate the effect, consider the two examples

allow 1.2.3.4
deny 1.2.3
allow 1.2

and

allow 1.2.3.4
deny 1.2.3
allow all 1.2

In the first example, the effect is the same regardles of what order the three directives are given in. So the 1.2.x.y subnet is allowed access, except for the 1.2.3.x subnet, which is denied access, however the host 1.2.3.4 is allowed access.

In the second example, the allow all 1.2 directives overrides the effect of any previous directive relating to a subnet within the specified subnet. Within a configuration file this capability is probably rather moot; however, it is of greater use for reconfiguration at run-time via chronyc (see allow all command).

Note, if the initstepslew directive (see initstepslew directive) is used in the configuration file, each of the computers listed in that directive must allow client access by this computer for it to work.

4.2.4 bindacqaddress

The bindacqaddress directive sets the network interface to which will chronyd bind its NTP client sockets. The syntax is similar to the bindaddress and bindcmdaddress directives.

For each of IPv4 and IPv6 protocols, only one bindacqaddress directive can be specified.

4.2.5 bindaddress

The bindaddress directive allows you to restrict the network interface to which chronyd will listen for NTP requests. This provides an additional level of access restriction above that available through the deny mechanism.

Suppose you have a local ethernet with addresses in the 192.168.1.0 subnet together with an internet connection. The ethernet interface’s IP address is 192.168.1.1. Suppose you want to block all access through the internet connection. You could add the line

bindaddress 192.168.1.1

to the configuration file.

This directive affects NTP (UDP port 123 by default) packets. If no bindcmdaddress directive is present, the address supplied by bindaddress will be used to control binding of the command socket (UDP port 323 by default) as well.

The bindaddress directive has been found to cause problems when used on computers that need to pass NTP traffic over multiple network interfaces (e.g. firewalls). It is, therefore, not particularly useful. Use of the allow and deny directives together with a network firewall is more likely to be successful.

For each of IPv4 and IPv6 protocols, only one bindaddress directive can be specified.

4.2.6 bindcmdaddress

The bindcmdaddress directive allows you to restrict the network interface to which chronyd will listen for command packets (issued by chronyc). This provides an additional level of access restriction above that available through cmddeny mechanism.

Suppose you want to block all access except from localhost. You could add the lines

bindcmdaddress 127.0.0.1
bindcmdaddress ::1

to the configuration file.

For each of IPv4 and IPv6 protocols, only one bindcmdaddress directive can be specified.

The default values are set by the bindaddress directive.

The bindcmdaddress directive has been found to cause problems when used on computers that need to pass command traffic over multiple network interfaces. Use of the cmdallow and cmddeny directives together with a network firewall is more likely to be successful.

4.2.7 broadcast

The broadcast directive is used to declare a broadcast address to which chronyd should send packets in NTP broadcast mode (i.e. make chronyd act as a broadcast server). Broadcast clients on that subnet will be able to synchronise.

The syntax is as follows

broadcast 30 192.168.1.255
broadcast 60 192.168.2.255 12123
broadcast 60 ff02::101

In the first example, the destination port defaults to 123/udp (the normal NTP port). In the second example, the destionation port is specified as 12123. The first parameter in each case (30 or 60 respectively) is the interval in seconds between broadcast packets being sent. The second parameter in each case is the broadcast address to send the packet to. This should correspond to the broadcast address of one of the network interfaces on the computer where chronyd is running.

You can have more than 1 broadcast directive if you have more than 1 network interface onto which you wish to send NTP broadcast packets.

chronyd itself cannot currently act as a broadcast client; it must always be configured as a point-to-point client by defining specific NTP servers and peers. This broadcast server feature is intended for providing a time source to other NTP software (e.g. various MS Windows clients).

If ntpd is used as the broadcast client, it will try to use a point-to-point client/server NTP access to measure the round-trip delay. Thus, the broadcast subnet should also be the subject of an allow directive (see allow directive).

4.2.8 clientloglimit

This directive specifies the maximum size of the memory allocated to log client accesses. When the limit is reached, only information for clients that have already been logged will be updated. If 0 is specified, the memory size will be unlimited. The default is 524288 bytes.

An example of the use of this directive is

clientloglimit 1048576

4.2.9 cmdallow

This is similar to the allow directive (see allow directive), except that it allows control access (rather than NTP client access) to a particular subnet or host. (By ’control access’ is meant that chronyc can be run on those hosts and successfully connect to chronyd on this computer.)

The syntax is identical to the allow directive.

There is also a cmdallow all directive with similar behaviour to the allow all directive (but applying to control access in this case, of course).

4.2.10 cmddeny

This is similar to the cmdallow directive (see cmdallow directive), except that it denies control access to a particular subnet or host, rather than allowing it.

The syntax is identical.

There is also a cmddeny all directive with similar behaviour to the cmdallow all directive.

4.2.11 cmdport

The cmdport directive allows the port that is used for run-time command and monitoring (via the program chronyc) to be altered from its default (323/udp). If set to 0, chronyd will not open the port, this is useful to disable the chronyc access completely.

An example shows the syntax

cmdport 257

This would make chronyd use 257/udp as its command port. (chronyc would need to be run with the -p 257 switch to inter-operate correctly).

4.2.12 combinelimit

When chronyd has multiple sources available for synchronization, it has to select one source as the synchronization source. The measured offsets and frequencies of the system clock relative to the other sources, however, can be combined with the selected source to improve the accuracy of the system clock.

The combinelimit directive limits which sources are included in the combining algorithm. Their synchronization distance has to be shorter than the distance of the selected source multiplied by the value of the limit. Also, their measured frequencies have to be close to the frequency of the selected source.

By default, the limit is 3. Setting the limit to 0 effectively disables the source combining algorithm and only the selected source will be used to control the system clock.

The syntax is

combinelimit <limit>

4.2.13 commandkey

The commandkey command is used to set the key number used for authenticating user commands via the chronyc program at run time. This allows certain actions of the chronyc program to be restricted to administrators.

An example of the commandkey command is

commandkey 20

By default, the key number is 0.

In the key file (see the keyfile command) there should be a line of the form

20 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC

When running the chronyc program to perform run-time configuration, the command

password HEX:B028F91EA5C38D06C2E140B26C7F41EC

must be entered before any commands affecting the operation of the daemon can be entered, or chronyc must be started with the ‘-a’ option to run the password command automatically.

4.2.14 corrtimeratio

When chronyd makes a time correction, it controls how quickly the system clock is slewed (so far only on Linux). This rate affects the frequency error of the system clock.

The corrtimeratio directive sets the ratio between the duration in which the clock is slewed for an average correction according to the source history and the interval in which the corrections are done (usually the NTP polling interval). Corrections larger than the average take less time and smaller corrections take more time, the amount of the correction and the correction time are inversely proportional.

Increasing corrtimeratio improves the overall frequency error of the system clock, but increases the overall time error as the corrections take longer.

By default, the ratio is set to 3, the time accuracy of the clock is preferred over its frequency accuracy.

The syntax is

corrtimeratio 100

The maximum allowed slew rate can be set by the maxslewrate directive (see maxslewrate directive. The current remaining correction is shown in the tracking report (see tracking command) as the System time value.

4.2.15 deny

This is similar to the allow directive (see allow directive), except that it denies NTP client access to a particular subnet or host, rather than allowing it.

The syntax is identical.

There is also a deny all directive with similar behaviour to the allow all directive.

4.2.16 driftfile

One of the main activities of the chronyd program is to work out the rate at which the system clock gains or loses time relative to real time.

Whenever chronyd computes a new value of the gain/loss rate, it is desirable to record it somewhere. This allows chronyd to begin compensating the system clock at that rate whenever it is restarted, even before it has had a chance to obtain an equally good estimate of the rate during the new run. (This process may take many minutes, at least).

The driftfile command allows a file to be specified into which chronyd can store the rate information. Two parameters are recorded in the file. The first is the rate at which the system clock gains or loses time, expressed in parts per million, with gains positive. Therefore, a value of 100.0 indicates that when the system clock has advanced by a second, it has gained 100 microseconds on reality (so the true time has only advanced by 999900 microseconds). The second is an estimate of the error bound around the first value in which the true rate actually lies.

An example of the driftfile command is

driftfile /var/lib/chrony/drift

4.2.17 dumpdir

To compute the rate of gain or loss of time, chronyd has to store a measurement history for each of the time sources it uses.

Certain systems (so far only Linux) have operating system support for setting the rate of gain or loss to compensate for known errors. (On other systems, chronyd must simulate such a capability by periodically slewing the system clock forwards or backwards by a suitable amount to compensate for the error built up since the previous slew).

For such systems, it is possible to save the measurement history across restarts of chronyd (assuming no changes are made to the system clock behaviour whilst it is not running). If this capability is to be used (via the dumponexit command in the configuration file, or the dump command in chronyc), the dumpdir command should be used to define the directory where the measurement histories are saved.

An example of the command is

dumpdir /var/lib/chrony

A source whose reference id (the IP address for IPv4 sources) is 1.2.3.4 would have its measurement history saved in the file /var/lib/chrony/1.2.3.4.dat.

4.2.18 dumponexit

If this command is present, it indicates that chronyd should save the measurement history for each of its time sources recorded whenever the program exits. (See the dumpdir command above).

4.2.19 fallbackdrift

Fallback drifts are long-term averages of the system clock drift calculated over exponentially increasing intervals. They are used when the clock is unsynchronised to avoid quickly drifting away from true time if there was a short-term deviation in drift before the synchronisation was lost.

The directive specifies the minimum and maximum interval for how long the system clock has to be unsynchronised to switch between fallback drifts. They are defined as a power of 2 (in seconds). The syntax is as follows

fallbackdrift 16 19

In this example, the minimum interval is 16 (18 hours) and maximum interval is 19 (6 days). The system clock frequency will be set to the first fallback 18 hours after the synchronisation was lost, to the second after 36 hours, etc. This might be a good setting to cover daily and weekly temperature fluctuations.

By default (or if the specified maximum or minimum is 0), no fallbacks will be used and the clock frequency will stay at the last value calculated before synchronisation was lost.

4.2.20 generatecommandkey

With this directive, if the command key is not found on start in the file specified by the keyfile directive, chronyd will generate a new command key from the /dev/urandom file and write it to the key file.

The generated key will use SHA1 if chronyd is compiled with the support, otherwise MD5 will be used.

4.2.21 hwclockfile

The hwclockfile directive sets the location of the adjtime file which is used by the /sbin/hwclock program. With this directive, chronyd will parse the file to find out if the RTC keeps local time or UTC. It overrides the rtconutc directive (see rtconutc directive).

An example of the command is

hwclockfile /etc/adjtime

4.2.22 include

The include directive includes a specified configuration file. This is useful when maintaining configuration on multiple hosts to keep the differences in a separate file.

include /etc/chrony/chrony/local.conf

4.2.23 initstepslew

In normal operation, chronyd slews the time when it needs to adjust the system clock. For example, to correct a system clock which is 1 second slow, chronyd slightly increases the amount by which the system clock is advanced on each clock interrupt, until the error is removed. (Actually, this is done by calling the adjtime() or similar system function which does it for us.) Note that at no time does time run backwards with this method.

On most Unix systems it is not desirable to step the system clock, because many programs rely on time advancing monotonically forwards.

When the chronyd daemon is initially started, it is possible that the system clock is considerably in error. Attempting to correct such an error by slewing may not be sensible, since it may take several hours to correct the error by this means.

The purpose of the initstepslew directive is to allow chronyd to make a rapid measurement of the system clock error at boot time, and to correct the system clock by stepping before normal operation begins. Since this would normally be performed only at an appropriate point in the system boot sequence, no other software should be adversely affected by the step.

If the correction required is less than a specified threshold, a slew is used instead. This makes it easier to restart chronyd whilst the system is in normal operation.

The initstepslew directive takes a threshold and a list of NTP servers as arguments. A maximum of 8 will be used. Each of the servers is rapidly polled several times, and a majority voting mechanism used to find the most likely range of system clock error that is present. A step (or slew) is applied to the system clock to correct this error. chronyd then enters its normal operating mode.

An example of use of the command is

initstepslew 30 foo.bar.com baz.quz.com

where 2 NTP servers are used to make the measurement. The 30 indicates that if the system’s error is found to be 30 seconds or less, a slew will be used to correct it; if the error is above 30 seconds, a step will be used.

The initstepslew directive can also be used in an isolated LAN environment, where the clocks are set manually. The most stable computer is chosen as the master, and the other computers are slaved to it. If each of the slaves is configured with the local option (see below), the master can be set up with an initstepslew directive which references some or all of the slaves. Then, if the master machine has to be rebooted, the slaves can be relied on to ’flywheel’ the time for the master.

The initstepslew directive is functionally similar to a combination of the makestep and server directives with the iburst option. The main difference is that the initstepslew servers are used only before normal operation begins and that the foreground chronyd process waits for initstepslew to finish before exiting. This is useful to prevent programs started in the boot sequence after chronyd from reading the clock before it’s stepped.

4.2.24 keyfile

This command is used to specify the location of the file containing ID/key pairs for the following 2 uses:

Authentication of NTP packets.
Authentication of administrator commands entered via chronyc.

The format of the command is shown in the example below

keyfile /etc/chrony/chrony.keys

The argument is simply the name of the file containing the ID/key pairs. The format of the file is shown below

10 tulip
11 hyacinth
20 MD5 ASCII:crocus
25 SHA1 HEX:1dc764e0791b11fa67efc7ecbc4b0d73f68a070c 
 ...

Each line consists of an ID, a name of authentication hash function (optional) and a password. The ID can be any unsigned integer in the range 0 through 2**32-1, but ID of 0 can be used only for the command key and not for the NTP authentication. The hash function is MD5 by default, depending on how was chronyd compiled other allowed hash functions may be SHA1, SHA256, SHA384, SHA512, RMD128, RMD160, RMD256, RMD320, TIGER and WHIRLPOOL. The password can be encoded as a string of characters not containing a space with optional ASCII: prefix or as a hexadecimal number with HEX: prefix.

The password is used with the hash function to generate and verify a message authentication code (MAC) in NTP and command packets. For maximum security, it’s recommended to use SHA1 or stronger hash function. The passwords should be random and they should be as long as the output size of the configured hash function, e.g. 160 bits with SHA1.

The ID for the chronyc authentication key is specified with the commandkey command (see earlier). The command key can be generated automatically on start with the generatecommandkey directive.

4.2.25 leapsectz

This directive is used to set the name of the timezone in the system tz database which chronyd can use to find out when will the next leap second occur. It will periodically check if the times 23:59:59 and 23:59:60 are valid on Jun 30 and Dec 31 in the timezone. A useful timezone is right/UTC. This is mainly useful with reference clocks which don’t provide the leap second information. It is not necessary to restart chronyd if the tz database is updated with a new leap second at least 12 hours before the event.

An example of the command is

leapsectz right/UTC

The following shell command verifies that the timezone contains leap seconds and can be used with this directive

$ TZ=right/UTC date -d 'Dec 31 2008 23:59:60'
Wed Dec 31 23:59:60 UTC 2008

4.2.26 local

The local keyword is used to allow chronyd to appear synchronised to real time (from the viewpoint of clients polling it), even if it has no current synchronisation source.

This option is normally used on computers in an isolated network, where several computers are required to synchronise to one other, this being the "master" which is kept vaguely in line with real time by manual input.

An example of the command is

local stratum 10

The value 10 may be substituted with other values in the range 1 through 15. Stratum 1 indicates a computer that has a true real-time reference directly connected to it (e.g. GPS, atomic clock etc) – such computers are expected to be very close to real time. Stratum 2 computers are those which have a stratum 1 server; stratum 3 computers have a stratum 2 server and so on.

A large value of 10 indicates that the clock is so many hops away from a reference clock that its time is fairly unreliable. Put another way, if the computer ever has access to another computer which is ultimately synchronised to a reference clock, it will almost certainly be at a stratum less than 10. Therefore, the choice of a high value like 10 for the local command prevents the machine’s own time from ever being confused with real time, were it ever to leak out to clients that have visibility of real servers.

4.2.27 lock_all

The lock_all directive will lock chronyd into RAM so that it will never be paged out. This mode is only supported on Linux. This directive uses the Linux mlockall() system call to prevent chronyd from ever being swapped out. This should result in lower and more consistent latency. It should not have significant impact on performance as chronyd's memory usage is modest. The mlockall man page has more details.

4.2.28 log

The log command indicates that certain information is to be logged.

measurements: This option logs the raw NTP measurements and related information to a file called measurements.log.
statistics: This option logs information about the regression processing to a file called statistics.log.
tracking: This option logs changes to the estimate of the system’s gain or loss rate, and any slews made, to a file called tracking.log.
rtc: This option logs information about the system’s real-time clock.
refclocks: This option logs the raw and filtered reference clock measurements to a file called refclocks.log.
tempcomp: This option logs the temperature measurements and system rate compensations to a file called tempcomp.log.

The files are written to the directory specified by the logdir command.

An example of the command is

log measurements statistics tracking

4.2.28.1 Measurements log file format

An example line (which actually appears as a single line in the file) from the measurements log file is shown below.

2010-12-22 05:40:50 158.152.1.76    N  8 1111 111 1111 10 10 1.0 \
   -4.966e-03  2.296e-01  1.577e-05  1.615e-01  7.446e-03

The columns are as follows (the quantities in square brackets are the values from the example line above) :

Date [2010-12-22]
Hour:Minute:Second [05:40:50]. Note that the date/time pair is expressed in UTC, not the local time zone.
IP address of server/peer from which measurement comes [158.152.1.76]
Leap status (N means normal, + means that the last minute of the current month has 61 seconds, - means that the last minute of the month has 59 seconds, ? means the remote computer is not currently synchronised.) [N]
Stratum of remote computer. [2]
RFC1305 tests 1 through 4 (1=pass, 0=fail) [1111]
Tests for maximum delay, maximum delay ratio and maximum delay dev ratio, against defined parameters (1=pass, 0=fail) [111]
RFC1305 tests 5 through 8 (1=pass, 0=fail) [1111]
Local poll [10]
Remote poll [10]
‘Score’ (an internal score within each polling level used to decide when to increase or decrease the polling level. This is adjusted based on number of measurements currently being used for the regression algorithm). [1.0]
The estimated local clock error (‘theta’ in RFC1305). Positive indicates that the local clock is slow. [-4.966e-03].
The peer delay (‘delta’ in RFC1305). [2.296e-01]
The peer dispersion (‘epsilon’ in RFC1305). [1.577e-05]
The root delay (‘Delta’ in RFC1305). [1.615e-01]
The root dispersion (‘E’ in RFC1305). [7.446e-03]