[ntpsec commit] Rafactor documentation for configuration commands related to monitoring.
Eric S. Raymond
esr at ntpsec.org
Sun Oct 11 21:48:25 UTC 2015
Module: ntpsec
Branch: master
Commit: 05ba52b986a8b54062dfdedd5d8ba3e0360f714b
Changeset: http://git.ntpsec.org/ntpsec/commit/?id=05ba52b986a8b54062dfdedd5d8ba3e0360f714b
Author: Eric S. Raymond <esr at thyrsus.com>
Date: Sun Oct 11 17:47:32 2015 -0400
Rafactor documentation for configuration commands related to monitoring.
---
docs/mon-commands.txt | 328 ++++++++++++++++++++++++++++++++++++++++++++++++++
docs/monopt.txt | 253 +-------------------------------------
ntpd/ntp.conf.txt | 283 +------------------------------------------
3 files changed, 331 insertions(+), 533 deletions(-)
diff --git a/docs/mon-commands.txt b/docs/mon-commands.txt
new file mode 100644
index 0000000..1d08124
--- /dev/null
+++ b/docs/mon-commands.txt
@@ -0,0 +1,328 @@
+// Monitoring commands. Is included twice.
+
+`statistics` _name..._::
+ Enables writing of statistics records. Currently, eight kinds of
+ _name_ statistics are supported.
+
+ `clockstats`;;
+ Enables recording of clock driver statistics information. Each
+ update received from a clock driver appends a line of the following
+ form to the file generation set named _clockstats_:
++
+-----------------------------------------------
+49213 525.624 127.127.4.1 93 226 00:08:29.606 D
+-----------------------------------------------
++
+The first two fields show the date (Modified Julian Day) and time
+(seconds and fraction past UTC midnight). The next field shows the
+clock address in dotted-quad notation. The final field shows the
+last timecode received from the clock in decoded ASCII format, where
+meaningful. In some clock drivers a good deal of additional
+information can be gathered and displayed as well. See information
+specific to each clock for further details.
+
+ `cryptostats`;;
+ This option requires the OpenSSL cryptographic software library. It
+ enables recording of cryptographic public key protocol information.
+ Each message received by the protocol module appends a line of the
+ following form to the file generation set named _cryptostats_:
++
+---------------------------------
+49213 525.624 127.127.4.1 message
+---------------------------------
++
+[width="100%",cols="<34%,<33%,<33%"]
+|============================================
+|Item | Units |Description
+|`49213` |MJD |date
+|`525.624` |s |time past midnight
+|`127.127.4.1`|IP |reference clock address
+|_`message`_ |text |log message
+|============================================
++
+The first two fields show the date (Modified Julian Day) and time
+(seconds and fraction past UTC midnight). The next field shows the
+peer address in dotted-quad notation, The final message field
+includes the message type and certain ancillary information. See the
+'Authentication Options' section for further information.
+
+ `loopstats`;;
+ Enables recording of loop filter statistics information. Each update
+ of the local clock outputs a line of the following form to the file
+ generation set named _loopstats_:
++
+-----------------------------------------------------------
+50935 75440.031 0.000006019 13.778190 0.000351733 0.0133806
+-----------------------------------------------------------
++
+[width="100%",cols="<34%,<33%,<33%"]
+|==================================
+|Item |Units |Description
+|`50935` |MJD |date
+|`75440.031` |s |time past midnight
+|`0.000006019`|s |clock offset
+|`13.778` |PPM |frequency offset
+|`0.000351733`|s |RMS jitter
+|`0.013380` |PPM |RMS frequency jitter (aka wander)
+|`6` |log~2~ s |clock discipline loop time constant
+|==================================
++
+The first two fields show the date (Modified Julian Day) and time
+(seconds and fraction past UTC midnight). The next five fields show
+time offset (seconds), frequency offset (parts per million - PPM),
+RMS jitter (seconds), Allan deviation (PPM) and clock discipline
+time constant.
+
+ `protostats`;;
+ Record significant peer and system events. Each significant
+ event appends one line to the `protostats` file set:
++
+`49213 525.624 128.4.1.1 963a 8a` _`message`_
++
+[width="100%",cols="<34%,<33%,<33%"]
+|====================================
+|Item |Units |Description
+|`49213` |MJD |date
+|`525.624` |s |time past midnight
+|`128.4.1.1`|IP |source address (`0.0.0.0` for system)
+|`963a` |code |status word
+|`8a` |code |event message code
+|_`message`_|text |event message
+|====================================
++
+The event message code and _`message`_ field are described on the
+"Event Messages and Status Words" page.
+
+ `peerstats`;;
+ Enables recording of peer statistics information. This includes
+ statistics records of all peers of a NTP server and of special
+ signals, where present and configured. Each valid update appends a
+ line of the following form to the current element of a file
+ generation set named _peerstats_:
++
+---------------------------------------------------------------------------------
+48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674
+---------------------------------------------------------------------------------
++
+[width="100%",cols="<34%,<33%,<33%"]
+|===================================================
+|Item |Units |Description
+|`48773` |MJD |date
+|`10847.650` |s |time past midnight
+|`127.127.4.1` |IP |source address
+|`9714` |hex |status word
+|`-0.001605376`|s |clock offset
+|`0.000000000` |s |roundtrip delay
+|`0.001424877` |s |dispersion
+|`0.000958674` |s |RMS jitter
+|===================================================
++
+The first two fields show the date (Modified Julian Day) and time
+(seconds and fraction past UTC midnight). The next two fields show
+the peer address in dotted-quad notation and status, respectively.
+The status field is encoded in hex in the format described in
+Appendix A of the NTP specification RFC 1305. The final four fields
+show the offset, delay, dispersion and RMS jitter, all in seconds.
+
+ `rawstats`;;
+ Enables recording of raw-timestamp statistics information. This
+ includes statistics records of all peers of a NTP server and of
+ special signals, where present and configured. Each NTP message
+ received from a peer or clock driver appends a line of the following
+ form to the file generation set named _rawstats_:
++
+---------------------------------------------------------------------------------
+5628 54575.160 128.4.1.1 192.168.1.5 3565350574.400229473
+ 3565350574.442385200 3565350574.442436000 3565350575.154505763
+ 0 4 4 1 8 -21 0.000000 0.000320 PPS
+---------------------------------------------------------------------------------
++
+|==============================================================================
+|Item |Units |Description
+|56285 |MJD |date
+|54575.160 |s |time past midnight
+|128.4.1.1 |IP |source address
+|192.168.1.5 |IP |destination address
+|3565350574.400229473|NTP s |origin timestamp
+|3565350574.442385200|NTP s |receive timestamp
+|3565350574.442436000|NTP s |transmit timestamp
+|3565350575.154505763|NTP s |destination timestamp
+|0 |0: OK, 1: insert pending, 2: delete pending, 3: not synced |leap warning indicator
+|4 |4 was current in 2012 |NTP version
+|4 |3: client, 4: server, 5: broadcast|mode
+|1 |1-15, 16: not synced |stratum
+|8 |log~2~ seconds |poll
+|-21 |log~2~ seconds |precision
+|0.000000 |seconds |total roundtrip delay to the primary reference clock
+|0.000320 |seconds |total dispersion to the primary reference clock
+|.PPS. |IP or text |refid, association ID
+|==============================================================================
++
+The first two fields show the date (Modified Julian Day) and time
+(seconds and fraction past UTC midnight). The next two fields show
+the remote peer or clock address followed by the local address in
+dotted-quad notation. The final four fields show the originate,
+receive, transmit and final NTP timestamps in order. The timestamp
+values are as received and before processing by the various data
+smoothing and mitigation algorithms.
+
+ `sysstats`;;
+ Enables recording of {ntpd} statistics counters on a periodic basis.
+ Each hour a line of the following form is appended to the file
+ generation set named _sysstats_:
++
+-----------------------------------------------------------
+50928 2132.543 36000 81965 0 9546 56 71793 512 540 10 147 1
+-----------------------------------------------------------
++
+[width="100%",cols="<34%,<33%,<33%",]
+|==================================================
+|Item |Units |Description
+|`50928` |MJD |date
+|`2132.543`|s |time past midnight
+|`3600` |s |time since reset
+|`81965` |# |packets received
+|`0` |# |packets for this host
+|`9546` |# |current versions
+|`56` |# |old version
+|`512` |# |access denied
+|`540` |# |bad length or format
+|`10` |# |bad authentication
+|`4` |# |declined
+|`147` |# |rate exceeded
+|`1` |# |kiss-o'-death packets sent
+|==================================================
++
+The first two fields show the date (Modified Julian Day) and time
+(seconds and fraction past UTC midnight). The remaining ten fields
+show the statistics counter values accumulated since the last
+generated line.
+
+ `timingstats`;;
+ (Only available when the deamon is compiled with process time
+ debugging support (--enable-debug-timing - costs performance). Record
+ processing time statistics for various selected code paths.
++
+`53876 36.920 10.0.3.5 1 0.000014592 input processing delay`
++
+[width="100%",cols="<34%,<33%,<33%",]
+|====================================
+|Item |Units |Description
+|`53876` |MJD |date
+|`36.920` |s |time past midnight
+|`10.0.3.5` |IP |server address
+|`1` |# |event count
+|`0.000014592`|s |total time
+|_`message`_ |text |code path description (see source)
+|====================================
+
+ `statsdir` _directory_path_;;
+ Indicates the full path of a directory where statistics files should
+ be created (see below). This keyword allows the (otherwise constant)
+ _filegen_ filename prefix to be modified for file generation sets,
+ which is useful for handling statistics logs.
+
+ `filegen` _name_ [`file` _filename_] [`type` _typename_] [`link` | `nolink`] [`enable` | `disable`];;
+ Configures setting of generation file set name. Generation file sets
+ provide a means for handling files that are continuously growing
+ during the lifetime of a server. Server statistics are a typical
+ example for such files. Generation file sets provide access to a set
+ of files used to store the actual data. At any time at most one
+ element of the set is being written to. The type given specifies
+ when and how data will be directed to a new element of the set. This
+ way, information stored in elements of a file set that are currently
+ unused are available for administrational operations without the
+ risk of disturbing the operation of {ntpd}. (Most important: they can
+ be removed to free space for new data produced.)
++
+Note that this command can be sent from the
+{ntpqman} program running at a remote location.
++
+ `name`::
+ This is the type of the statistics records, as shown in the
+ _statistics_ command.
+ `file` _filename_::
+ This is the file name for the statistics records. Filenames of set
+ members are built from three concatenated elements _prefix_,
+ _filename_ and _suffix_:
+
+ _prefix_;;
+ This is a constant filename path. It is not subject to
+ modifications via the _filegen_ option. It is defined by the
+ server, usually specified as a compile-time constant. It may,
+ however, be configurable for individual file generation sets via
+ other commands. For example, the prefix used with _loopstats_
+ and _peerstats_ generation can be configured using the
+ _statsdir_ option explained above.
+ _filename_;;
+ This string is directly concatenated to the prefix mentioned
+ above (no intervening ‘/’). This can be modified using the file
+ argument to the _filegen_ statement. No `..` elements are
+ allowed in this component to prevent filenames referring to
+ parts outside the filesystem hierarchy denoted by _prefix_.
+ _suffix_;;
+ This part is reflects individual elements of a file set. It is
+ generated according to the type of a file set.
+ `type` _typename_::
+ A file generation set is characterized by its type. The following
+ types are supported:
+
+ `none`;;
+ The file set is actually a single plain file.
+ `pid`;;
+ One element of file set is used per incarnation of a {ntpd}
+ server. This type does not perform any changes to file set
+ members during runtime, however it provides an easy way of
+ separating files belonging to different {ntpdman} server
+ incarnations. The set member filename is built by appending a
+ ‘.’ to concatenated prefix and filename strings, and appending the
+ decimal representation of the process ID of the
+ {ntpdman} server process.
+ `day`;;
+ One file generation set element is created per day. A day is
+ defined as the period between 00:00 and 24:00 UTC. The file set
+ member suffix consists of a ‘.’ and a day specification in the
+ form _YYYYMMdd_. _YYYY_ is a 4-digit year number (e.g., 1992).
+ _MM_ is a two digit month number. _dd_ is a two digit day
+ number. Thus, all information written at 10 December 1992 would
+ end up in a file named _prefix_ _filename_.19921210.
+ `week`;;
+ Any file set member contains data related to a certain week of a
+ year. The term week is defined by computing day-of-year modulo 7.
+ Elements of such a file generation set are distinguished by
+ appending the following suffix to the file set filename base: A
+ dot, a 4-digit year number, the letter _W_, and a 2-digit week
+ number. For example, information from January, 10th 1992 would
+ end up in a file with suffix _1992W1_.
+ `month`;;
+ One generation file set element is generated per month. The file
+ name suffix consists of a dot, a 4-digit year number, and a
+ 2-digit month.
+ `year`;;
+ One generation file element is generated per year. The filename
+ suffix consists of a dot and a 4 digit year number.
+ `age`;;
+ This type of file generation sets changes to a new element of
+ the file set every 24 hours of server operation. The filename
+ suffix consists of a dot, the letter _a_, and an 8-digit number.
+ This number is taken to be the number of seconds the server is
+ running at the start of the corresponding 24-hour period.
+
+ _link_ | _nolink_::
+ It is convenient to be able to access the current element of a
+ file generation set by a fixed name. This feature is enabled by
+ specifying _link_ and disabled using _nolink_. If link is
+ specified, a hard link from the current file set element to a file
+ without suffix is created. When there is already a file with this
+ name and the number of links of this file is one, it is renamed
+ appending a dot, the letter _C_, and the pid of the {ntpd} server
+ process. When the number of links is greater than one, the file is
+ unlinked. This allows the current file to be accessed by a
+ constant name.
+
+ `enable` | `disable`::
+ Enables or disables the recording function.
+ Information is only written to a file generation by specifying
+ `enable`; output is prevented by specifying `disable`.
+
+// end
diff --git a/docs/monopt.txt b/docs/monopt.txt
index c1a1b3c..472f3bb 100644
--- a/docs/monopt.txt
+++ b/docs/monopt.txt
@@ -55,258 +55,7 @@ retrospective analysis.
Unless noted otherwise, further information about these commands is on
the link:decode.html[Event Messages and Status Codes] page.
-page.
-
-`filegen` 'name' [`file` 'filename'] [`type` 'type'] [`link` | `nolink`] [`enable` | `disable`]::
- _name_;;
- Specifies the file set type from the list in the next section.
-
- `file` 'filename';;
- Specifies the filename prefix. The default is the file set type,
- such as "loopstats".
-
- `type` 'typename';;
- Specifies the file set interval. The following intervals are
- supported with default `day`:
-+
---
-`none`::
- The file set is actually a single plain file.
-
-`pid`::
- One file set member is created for every incarnation of `{ntpd}`.
- The file name suffix is the string .`n`, where `n` is the process
- ID of the `{ntpd}` server process.
-
-`day`::
- One file set member is created per day. A day is defined as the
- period between 00:00 and 23:59 UTC. The file name suffix is the
- string .`yyyymmdd`, where `yyyy` is the year, `mm` the month of
- the year and `dd` the day of the month. Thus, member created on 10
- December 1992 would have suffix `.19921210`.
-
-`week`::
- One file set member is created per week. The week is defined as
- the day of year modulo 7. The file name suffix is the string
- .`yyyyWww`, where `yyyy` is the year, `W` stands for itself and
- `ww` the week number starting from 0. For example, The member
- created on 10 January 1992 would have suffix `.1992W1`.
-
-`month`::
- One file set member is created per month. The file name suffix is
- the string .`yyyymm`, where `yyyy` is the year and `mm` the month
- of the year starting from 1. For example, The member created on 10
- January 1992 would have suffix `.199201`.
-
-`year`::
- One file set member is generated per year. The file name suffix is
- the string .`yyyy`, where `yyyy` is the year. For example, The
- member created on 1 January 1992 would have suffix `.1992`.
-
-`age`::
- One file set member is generated every 24 hours of `{ntpd}`
- operation. The filename suffix is the string `.adddddddd`, where
- `a` stands for itself and `dddddddd` is the `{ntpd}` running time in
- seconds at the start of the corresponding 24-hour period.
---
-+
- `link | nolink`;;
- It is convenient to be able to access the current file set members
- by file name, but without the suffix. This feature is enabled by
- `link` and disabled by `nolink`. If enabled, which is the default, a
- hard link from the current file set member to a file without suffix
- is created. When there is already a file with this name and the
- number of links to this file is one, it is renamed by appending a
- dot, the letter `C`, and the pid of the `{ntpd}` server process. When
- the number of links is greater than one, the file is unlinked. This
- allows the current file to be accessed by a constant name.
-
- `enable | disable`;;
- Enable or disable the recording function, with default `enable`.
- These options are intended for remote configuration commands.
-
-`statistics` 'name...'::
- Enables writing of statistics records. Currently, eight kinds of
- statistics are supported: _names_ specify the file set type(s) from
- the list in the next section.
-
-`statsdir` 'directory_path'::
- Specify the directory path prefix for statistics file names.
-
-[[types]]
-== File Set Types ==
-
-`clockstats`::
- Record reference clock statistics. Each update received from a
- reference clock driver appends one line to the `clockstats` file set:
-+
-`49213 525.624 127.127.4.1 93 226 00:08:29.606 D`
-+
-[width="100%",cols="<34%,<33%,<33%"]
-|============================================
-|Item | Units |Description
-|`49213` |MJD |date
-|`525.624` |s |time past midnight
-|`127.127.4.1`|IP |reference clock address
-|_`message`_ |text |log message
-|============================================
-+
-The _`message`_ field includes the last timecode received in decoded
-ASCII format, where meaningful. In some cases a good deal of
-additional information is displayed. See information specific to each
-reference clock for further details.
-
-`cryptostats`::
- Record significant events in the Autokey protocol. This option
- requires the OpenSSL cryptographic software library. Each event
- appends one line to the `cryptostats` file set:
-+
-`49213 525.624 128.4.1.1` _`message`_
-+
-[width="100%",cols="<34%,<33%,<33%"]
-|==================================================================
-|Item |Units |Description
-|`49213` |MJD |date
-|`525.624` |s |time past midnight
-|`128.4.1.1`|IP |source address (`0.0.0.0` for system)
-|_`message`_ |text |log message
-|==================================================================
-+
-The _`message`_ field includes the message type and certain ancillary
-information. See the link:authopt.html[Authentication Options] page
-for further information.
-
-`loopstats`::
- Record clock discipline loop statistics. Each system clock update
- appends one line to the `loopstats` file set:
-+
-`50935 75440.031 0.000006019 13.778 0.000351733 0.013380 6`
-+
-[width="100%",cols="<34%,<33%,<33%"]
-|==================================
-|Item |Units |Description
-|`50935` |MJD |date
-|`75440.031` |s |time past midnight
-|`0.000006019`|s |clock offset
-|`13.778` |PPM |frequency offset
-|`0.000351733`|s |RMS jitter
-|`0.013380` |PPM |RMS frequency jitter (aka wander)
-|`6` |log~2~ s |clock discipline loop time constant
-|==================================
-
-`peerstats`::
- Record peer statistics. Each NTP packet or reference clock update
- received appends one line to the `peerstats` file set:
-+
-`48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674`
-+
-[width="100%",cols="<34%,<33%,<33%"]
-|===================================================
-|Item |Units |Description
-|`48773` |MJD |date
-|`10847.650` |s |time past midnight
-|`127.127.4.1` |IP |source address
-|`9714` |hex |status word
-|`-0.001605376`|s |clock offset
-|`0.000000000` |s |roundtrip delay
-|`0.001424877` |s |dispersion
-|`0.000958674` |s |RMS jitter
-|===================================================
-+
-The status field is encoded in hex format as described in Appendix B
-of the NTP specification RFC 1305.
-
-`protostats`::
- Record significant peer, system and [rptpcp; events. Each significant
- event appends one line to the `protostats` file set:
-+
-`49213 525.624 128.4.1.1 963a 8a` _`message`_
-+
-[width="100%",cols="<34%,<33%,<33%"]
-|====================================
-|Item |Units |Description
-|`49213` |MJD |date
-|`525.624` |s |time past midnight
-|`128.4.1.1`|IP |source address (`0.0.0.0` for system)
-|`963a` |code |status word
-|`8a` |code |event message code
-|_`message`_ |text |event message
-|====================================
-+
-The event message code and _`message`_ field are described on the
-link:decode.html[Event Messages and Status Words] page.
-
-`rawstats`::
- Record timestamp statistics. Each NTP packet received appends one line
- to the `rawstats` file set:
-+
-`56285 54575.160 128.4.1.1 192.168.1.5 3565350574.400229473 3565350574.442385200 3565350574.442436000 3565350575.154505763 0 4 4 1 8 -21 0.000000 0.000320 .PPS.`
-+
-[width="100%",cols="<34%,<33%,<33%",cold="m,d,d"]
-|==============================================================================
-|Item |Units |Description
-|56285 |MJD |date
-|54575.160 |s |time past midnight
-|128.4.1.1 |IP |source address
-|192.168.1.5 |IP |destination address
-|3565350574.400229473|NTP s |origin timestamp
-|3565350574.442385200|NTP s |receive timestamp
-|3565350574.442436000|NTP s |transmit timestamp
-|3565350575.154505763|NTP s |destination timestamp
-|0 |0: OK, 1: insert pending, 2: delete pending, 3: not synced |leap warning indicator
-|4 |4 was current in 2012 |NTP version
-|4 |3: client, 4: server, 5: broadcast|mode
-|1 |1-15, 16: not synced |stratum
-|8 |log~2~ seconds |poll
-|-21 |log~2~ seconds |precision
-|0.000000 |seconds |
-total roundtrip delay to the primary reference clock
-|0.000320 |seconds |
-total dispersion to the primary reference clock
-|PPS. |IP or text |refid, association ID
-|==============================================================================
-
-`sysstats`::
- Record system statistics. Each hour one line is appended to the
- `sysstats` file set in the following format:
-+
-`50928 2132.543 3600 81965 0 9546 56 512 540 10 4 147 1`
-+
-[width="100%",cols="<34%,<33%,<33%",]
-|==================================================
-|Item |Units |Description
-|`50928` |MJD |date
-|`2132.543`|s |time past midnight
-|`3600` |s |time since reset
-|`81965` |# |packets received
-|`0` |# |packets for this host
-|`9546` |# |current versions
-|`56` |# |old version
-|`512` |# |access denied
-|`540` |# |bad length or format
-|`10` |# |bad authentication
-|`4` |# |declined
-|`147` |# |rate exceeded
-|`1` |# |kiss-o'-death packets sent
-|==================================================
-
-`timingstats`::
- (Only available when the deamon is compiled with process time
- debugging support (--enable-debug-timing - costs performance). Record
- processing time statistics for various selected code paths.
-+
-`53876 36.920 10.0.3.5 1 0.000014592 input processing delay`
-+
-[width="100%",cols="<34%,<33%,<33%",]
-|====================================
-|Item |Units |Description
-|`53876` |MJD |date
-|`36.920` |s |time past midnight
-|`10.0.3.5` |IP |server address
-|`1` |# |event count
-|`0.000014592`|s |total time
-|_`message`_ |text |code path description (see source)
-|====================================
+include::mon-commands.txt[]
'''''
diff --git a/ntpd/ntp.conf.txt b/ntpd/ntp.conf.txt
index 7524a10..347143c 100644
--- a/ntpd/ntp.conf.txt
+++ b/ntpd/ntp.conf.txt
@@ -88,7 +88,7 @@ include::../docs/assoc-commands.txt[]
include::../docs/assoc-options.txt[]
-=== Auxiliary Commands ===
+=== Association Auxiliary Commands ===
include::../docs/assoc-auxcommands.txt[]
@@ -96,54 +96,6 @@ include::../docs/assoc-auxcommands.txt[]
include::../docs/auth-commands.txt[]
-=== Error Codes ===
-
-The following error codes are reported via the NTP control and
-monitoring protocol trap mechanism.
-
-101::
- (bad field format or length) The packet has invalid version, length or
- format.
-102::
- (bad timestamp) The packet timestamp is the same or older than the
- most recent received. This could be due to a replay or a server clock
- time step.
-103::
- (bad filestamp) The packet filestamp is the same or older than the
- most recent received. This could be due to a replay or a key file
- generation error.
-104::
- (bad or missing public key) The public key is missing, has incorrect
- format or is an unsupported type.
-105::
- (unsupported digest type) The server requires an unsupported
- digest/signature scheme.
-106::
- (mismatched digest types) Not used.
-107::
- (bad signature length) The signature length does not match the current
- public key.
-108::
- (signature not verified) The message fails the signature check. It
- could be bogus or signed by a different private key.
-109::
- (certificate not verified) The certificate is invalid or signed with
- the wrong key.
-110::
- (certificate not verified) The certificate is not yet valid or has
- expired or the signature could not be verified.
-111::
- (bad or missing cookie) The cookie is missing, corrupted or bogus.
-112::
- (bad or missing leapseconds table) The leapseconds table is missing,
- corrupted or bogus.
-113::
- (bad or missing certificate) The certificate is missing, corrupted or
- bogus.
-114::
- (bad or missing identity) The identity key is missing, corrupt or
- bogus.
-
== Monitoring Support ==
{ntpdman} includes a comprehensive monitoring facility suitable
@@ -157,238 +109,7 @@ analysis.
=== Monitoring Commands ===
-`statistics` _name..._::
- Enables writing of statistics records. Currently, eight kinds of
- _name_ statistics are supported.
-
- `clockstats`;;
- Enables recording of clock driver statistics information. Each
- update received from a clock driver appends a line of the following
- form to the file generation set named _clockstats_:
-+
------------------------------------------------
-49213 525.624 127.127.4.1 93 226 00:08:29.606 D
------------------------------------------------
-+
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next field shows the
-clock address in dotted-quad notation. The final field shows the
-last timecode received from the clock in decoded ASCII format, where
-meaningful. In some clock drivers a good deal of additional
-information can be gathered and displayed as well. See information
-specific to each clock for further details.
-
- `cryptostats`;;
- This option requires the OpenSSL cryptographic software library. It
- enables recording of cryptographic public key protocol information.
- Each message received by the protocol module appends a line of the
- following form to the file generation set named _cryptostats_:
-+
----------------------------------
-49213 525.624 127.127.4.1 message
----------------------------------
-+
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next field shows the
-peer address in dotted-quad notation, The final message field
-includes the message type and certain ancillary information. See the
-'Authentication Options' section for further information.
-
- `loopstats`;;
- Enables recording of loop filter statistics information. Each update
- of the local clock outputs a line of the following form to the file
- generation set named _loopstats_:
-+
------------------------------------------------------------
-50935 75440.031 0.000006019 13.778190 0.000351733 0.0133806
------------------------------------------------------------
-+
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next five fields show
-time offset (seconds), frequency offset (parts per million - PPM),
-RMS jitter (seconds), Allan deviation (PPM) and clock discipline
-time constant.
-
- `peerstats`;;
- Enables recording of peer statistics information. This includes
- statistics records of all peers of a NTP server and of special
- signals, where present and configured. Each valid update appends a
- line of the following form to the current element of a file
- generation set named _peerstats_:
-+
----------------------------------------------------------------------------------
-48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674
----------------------------------------------------------------------------------
-+
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next two fields show
-the peer address in dotted-quad notation and status, respectively.
-The status field is encoded in hex in the format described in
-Appendix A of the NTP specification RFC 1305. The final four fields
-show the offset, delay, dispersion and RMS jitter, all in seconds.
-
- `rawstats`;;
- Enables recording of raw-timestamp statistics information. This
- includes statistics records of all peers of a NTP server and of
- special signals, where present and configured. Each NTP message
- received from a peer or clock driver appends a line of the following
- form to the file generation set named _rawstats_:
-+
----------------------------------------------------------------------------------
-50928 2132.543 128.4.1.1 128.4.1.20 3102453281.584327000 3102453281.58622800031 02453332.540806000 3102453332.541458000
----------------------------------------------------------------------------------
-+
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next two fields show
-the remote peer or clock address followed by the local address in
-dotted-quad notation. The final four fields show the originate,
-receive, transmit and final NTP timestamps in order. The timestamp
-values are as received and before processing by the various data
-smoothing and mitigation algorithms.
-
- `sysstats`;;
- Enables recording of {ntpd} statistics counters on a periodic basis.
- Each hour a line of the following form is appended to the file
- generation set named _sysstats_:
-+
----------------------------------------------------------
-50928 2132.543 36000 81965 0 9546 56 71793 512 540 10 147
----------------------------------------------------------
-+
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The remaining ten fields
-show the statistics counter values accumulated since the last
-generated line.
-
- Time since restart `36000`::
- Time in hours since the system was last rebooted.
- Packets received `81965`::
- Total number of packets received.
- Packets processed `0`::
- Number of packets received in response to previous packets sent
- Current version `9546`::
- Number of packets matching the current NTP version.
- Previous version `56`::
- Number of packets matching the previous NTP version.
- Bad version `71793`::
- Number of packets matching neither NTP version.
- Access denied `512`::
- Number of packets denied access for any reason.
- Bad length or format `540`::
- Number of packets with invalid length, format or port number.
- Bad authentication `10`::
- Number of packets not verified as authentic.
- Rate exceeded `147`::
- Number of packets discarded due to rate limitation.
-
- `statsdir` _directory_path_;;
- Indicates the full path of a directory where statistics files should
- be created (see below). This keyword allows the (otherwise constant)
- _filegen_ filename prefix to be modified for file generation sets,
- which is useful for handling statistics logs.
-
- `filegen` _name_ [`file` _filename_] [`type` _typename_] [`link` | `nolink`] [`enable` | `disable`];;
- Configures setting of generation file set name. Generation file sets
- provide a means for handling files that are continuously growing
- during the lifetime of a server. Server statistics are a typical
- example for such files. Generation file sets provide access to a set
- of files used to store the actual data. At any time at most one
- element of the set is being written to. The type given specifies
- when and how data will be directed to a new element of the set. This
- way, information stored in elements of a file set that are currently
- unused are available for administrational operations without the
- risk of disturbing the operation of {ntpd}. (Most important: they can
- be removed to free space for new data produced.)
-+
-Note that this command can be sent from the
-{ntpqman} program running at a remote location.
-+
- `name`::
- This is the type of the statistics records, as shown in the
- _statistics_ command.
- `file` _filename_::
- This is the file name for the statistics records. Filenames of set
- members are built from three concatenated elements _prefix_,
- _filename_ and _suffix_:
-
- _prefix_;;
- This is a constant filename path. It is not subject to
- modifications via the _filegen_ option. It is defined by the
- server, usually specified as a compile-time constant. It may,
- however, be configurable for individual file generation sets via
- other commands. For example, the prefix used with _loopstats_
- and _peerstats_ generation can be configured using the
- _statsdir_ option explained above.
- _filename_;;
- This string is directly concatenated to the prefix mentioned
- above (no intervening ‘/’). This can be modified using the file
- argument to the _filegen_ statement. No `..` elements are
- allowed in this component to prevent filenames referring to
- parts outside the filesystem hierarchy denoted by _prefix_.
- _suffix_;;
- This part is reflects individual elements of a file set. It is
- generated according to the type of a file set.
- `type` _typename_::
- A file generation set is characterized by its type. The following
- types are supported:
-
- `none`;;
- The file set is actually a single plain file.
- `pid`;;
- One element of file set is used per incarnation of a {ntpd}
- server. This type does not perform any changes to file set
- members during runtime, however it provides an easy way of
- separating files belonging to different {ntpdman} server
- incarnations. The set member filename is built by appending a
- ‘.’ to concatenated prefix and filename strings, and appending the
- decimal representation of the process ID of the
- {ntpdman} server process.
- `day`;;
- One file generation set element is created per day. A day is
- defined as the period between 00:00 and 24:00 UTC. The file set
- member suffix consists of a ‘.’ and a day specification in the
- form _YYYYMMdd_. _YYYY_ is a 4-digit year number (e.g., 1992).
- _MM_ is a two digit month number. _dd_ is a two digit day
- number. Thus, all information written at 10 December 1992 would
- end up in a file named _prefix_ _filename_.19921210.
- `week`;;
- Any file set member contains data related to a certain week of a
- year. The term week is defined by computing day-of-year modulo 7.
- Elements of such a file generation set are distinguished by
- appending the following suffix to the file set filename base: A
- dot, a 4-digit year number, the letter _W_, and a 2-digit week
- number. For example, information from January, 10th 1992 would
- end up in a file with suffix _1992W1_.
- `month`;;
- One generation file set element is generated per month. The file
- name suffix consists of a dot, a 4-digit year number, and a
- 2-digit month.
- `year`;;
- One generation file element is generated per year. The filename
- suffix consists of a dot and a 4 digit year number.
- `age`;;
- This type of file generation sets changes to a new element of
- the file set every 24 hours of server operation. The filename
- suffix consists of a dot, the letter _a_, and an 8-digit number.
- This number is taken to be the number of seconds the server is
- running at the start of the corresponding 24-hour period.
-
- _link_ | _nolink_::
- It is convenient to be able to access the current element of a
- file generation set by a fixed name. This feature is enabled by
- specifying _link_ and disabled using _nolink_. If link is
- specified, a hard link from the current file set element to a file
- without suffix is created. When there is already a file with this
- name and the number of links of this file is one, it is renamed
- appending a dot, the letter _C_, and the pid of the {ntpd} server
- process. When the number of links is greater than one, the file is
- unlinked. This allows the current file to be accessed by a
- constant name.
-
- `enable` | `disable`::
- Enables or disables the recording function.
- Information is only written to a file generation by specifying
- `enable`; output is prevented by specifying `disable`.
+include::../docs/mon-commands.txt[]
== Access Control Support ==
More information about the vc
mailing list