NTP

A bug has been introduced into Ubuntu 23.04, 23.10 and 24.04, for which the ntpsec package is installed instead of the ntp package based on the official NTP source. Please login to Launchpad to see the bug raised, then click on "Does this bug affect you?".

I have modified the following instructions but alas NTPsec is not equivalent to NTP, thus the specified configuration does not have an effect.

This bug must be rectified in time for the release of Ubuntu 24.04LTS


In Computer Networks it is preferable to minimise hierarchy — for Network Time Protocol we can accomplish this with multicast

The present standard is 'Network Time Protocol Version 4' (RFC 5905), June 2010

Per the following paragraph from http://doc.ntp.org/4.1.0/assoc.htm

It is possible and frequently useful to configure a host as both a manycast client and manycast server. A number of hosts configured this way and sharing a common group address will automatically organize themselves in an optimum configuration based on the smallest synchronization distance computed by the NTP mitigation algorithms. For example, consider an NTP subnet of two primary servers and maybe a dozen dependent clients. All servers and clients are configured as both multicast client and multicast server with multicast group address 239.1.1.1. In addition, the primary servers are configured for a primary reference source such as a GPS receiver. Once operations have stabilized in this scenario, the primary servers will affiliate with the primary reference source and each other, since they both operate at the same stratum (1), but not with any client, since clients operate at a higher stratum. The clients will find both primary servers and in addition, one of their own at the minimum synchronization distance. If one of the primary servers loses its GPS receiver, it will continue to operate as a client and other clients will time out the corresponding association and re-associate accordingly.


Per the following paragraph from http://doc.ntp.org/4.2.0/manyopt.html

It is possible and frequently useful to configure a host as both manycast client and manycast server. A number of hosts configured this way and sharing a common group address will automatically organize themselves in an optimum configuration based on stratum and synchronization distance. For example, consider an NTP subnet of two primary servers and a hundred or more dependent clients. With two exceptions, all servers and clients have identical configuration files including both multicastclient and multicastserver commands using, for instance, multicast group address 239.1.1.1. The only exception is that each primary server configuration file must include commands for the primary reference source such as a GPS receiver.


Per the following paragraph from http://doc.ntp.org/4.2.6/manyopt.html

It is possible and frequently useful to configure a host as both broadcast client and broadcast server. A number of hosts configured this way and sharing a common broadcast address will automatically organize themselves in an optimum configuration based on stratum and synchronization distance.


Per the following paragraph from https://www.ntp.org/documentation/4.2.8-series/discover/

It is possible and frequently useful to configure a host as both manycast client and manycast server. A number of hosts configured this way and sharing a common multicast group address will automatically organize themselves in an optimum configuration based on stratum and synchronization distance.


Install the Network Time Protocol Daemon:
sudo add-apt-repository -uy universe &> /dev/null; sudo apt-get -y install ntp

At the bottom of the file copy and paste:
sudo nano /etc/ntpsec/ntp.conf

# As a server
broadcast 224.0.1.1                     #Used with multicastclient
broadcast ff0e::101                     #Used with multicastclient
manycastserver 224.0.1.1                #Used with manycastclient
manycastserver ff0e::101                #Used with manycastclient

# As a client
server 2.oceania.pool.ntp.org iburst prefer
server 2.au.pool.ntp.org iburst prefer
server 2.nz.pool.ntp.org iburst prefer
#broadcastclient                        #Optionally receive from legacy devices
manycastclient 224.0.1.1                #Used with manycastserver
manycastclient ff0e::101                #Used with manycastserver
multicastclient 224.0.1.1 ttl 255       #Used with broadcast
multicastclient ff0e::101 ttl 255       #Used with broadcast

# Restrict except to those which we allow
restrict 224.0.1.1
restrict ff0e::101
restrict fe80::/10


Alternatively an automated method of appending the aforementioned configuration to the file /etc/ntp.conf is:
echo -e "\n# As a server" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "broadcast 224.0.1.1\t\t\t#Used with multicastclient" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "broadcast ff0e::101\t\t\t#Used with multicastclient" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "manycastserver 224.0.1.1\t\t#Used with manycastclient" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "manycastserver ff0e::101\t\t#Used with manycastclient" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "\n# As a client" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "server 2.oceania.pool.ntp.org iburst prefer" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "server 2.au.pool.ntp.org iburst prefer" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "server 2.nz.pool.ntp.org iburst prefer" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "#broadcastclient\t\t\t#Optionally receive from legacy devices" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "manycastclient 224.0.1.1\t\t#Used with manycastserver" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "manycastclient ff0e::101\t\t#Used with manycastserver" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "multicastclient 224.0.1.1 ttl 255\t#Used with broadcast" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "multicastclient ff0e::101 ttl 255\t#Used with broadcast" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "\n# Restrict except to those which we allow" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "restrict 224.0.1.1" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "restrict ff0e::101" | sudo tee -a /etc/ntpsec/ntp.conf \
&& echo -e "restrict fe80::/10" | sudo tee -a /etc/ntpsec/ntp.conf

Restart the daemon:
sudo /etc/init.d/ntpsec try-restart && sudo /usr/sbin/ntpd -Ab

Prove that the configuration is correct:
/usr/sbin/ntpleapfetch -v
/usr/sbin/ntpwait -v
/usr/sbin/ntptime
ntpq -p
ntptrace


Jonathan Ferguson, Ubuntu Wiki, Network Time Protocol, https://wiki.edubuntu.org/JonathanFerguson/NTP


JonathanFerguson/NTP (last edited 2024-01-02 01:54:26 by jonathan-ferguson)