NTP Statistics

From: Steve Pearson <throindarts@xxxxxxxxx>
Date: Mon, 28 Jan 2008 12:58:35 -0800 (PST)

Hi,
I am using ntpv4.2.0 and have a question about the system statistics
interpretation on my NTP server.

The ntp page on monitoring options lists 11 'system stat' fields as
follows.
http://www.eecis.udel.edu/~mills/ntp/html/monopt.html

MJD date
time past midnight
time since restart
packets received last hour
server packets received last hour
current version packets last hour
previous version packets last hour
access denied packets last hour
bad length or format packets last hour
bad authentication packets last hour
rate exceeded packets last hour

A sample of my daily filegen output is as follows (12 fields):
54493 514.622 117 12 3 12 0 0 0 0 0 0
54493 4118.319 118 14 2 14 0 0 0 0 0 0
54493 7722.012 119 13 3 13 0 0 0 0 0 0

It is critical for me to understand the meaning of each of the stats
to properly monitor my NTP deployment. Can someone please point me to
more detailed descriptions or maybe just confirm and comment on my
guesses below.

My interpretation of the stats meaning (for my 1st line output listed
above) is as below:

54493 - MJD date
514.622 - UTC time past midnight in seconds
117 - time since restart (in hours? or is this just a record count?)
12 - packets received last hour (NTP req packets from clients last
hour)
3 - Server Packets received last hour (packets from other servers??)
12 - current version packets last hour (NTP req packets from clients
using same version of NTP)
0 - previous version packets last hour
0 - access denied packets last hour (not allowed to synchronize with
me???)
0 - bad length or format packets last hour
0 - bad authentication packets last hour (bad MD5 check??)
0 - rate exceeded packets last hour (exceeded the min poll rate or
some such?)
0 - extra field not described on web????

Most critical for me is that I understand that "packets received last
hour" is really a count of NTP requests from clients. I want to use
this to get a rough idea of the load on my server to use for scaling
and monitoring.

thanks,
Steve
.

Follow-Ups:
- Re: NTP Statistics
  - From: David L. Mills
- Re: NTP Statistics
  - From: Harlan Stenn

Prev by Date: Re: very slow convergence of ntp to correct time.
Next by Date: Re: very slow convergence of ntp to correct time.
Previous by thread: HBG down?
Next by thread: Re: NTP Statistics
Index(es):
- Date
- Thread

Relevant Pages

Re: NTPD concurrent clients limit
... See the papers referenced on the NTP project page. ... The most interesting case was finding the abusers in a flood of 3000 packets per second with three load-balanced servers. ... I'm testing an embedded linux device, which implement an NTP server, ... based on the ntpd demon. ...
(comp.protocols.time.ntp)
Re: servers address in ntp payload?
... >> I have take a look at ntp_request.h and I found that ntp doesn't put ... >> address of the remote server being used in the request. ... the clock or sending out its own spurious packets. ... validate once you have an agreed-upon authentication. ...
(comp.protocols.time.ntp)
Re: NTPD concurrent clients limit
... See the papers referenced on the NTP project page. ... interesting case was finding the abusers in a flood of 3000 packets per ... I'm testing an embedded linux device, which implement an NTP server, ... based on the ntpd demon. ...
(comp.protocols.time.ntp)
Re: NTP Drifts +ve and -ve
... so the local clock drifts 60 milliseconds from the time server. ... Dropped packets are quite unlikely to be the problem, ... More likely is that the NTP daemon is being preempted between taking the ...
(comp.protocols.time.ntp)
Re: solaris 9 IPQoS examples?
... If you are receiving big packets, ... if you're trying to do ntp!). ... as a limit on its outgoing packet size. ... I believe, on the ifconfig line in asppp.cf too, to set the MTU ...
(comp.unix.solaris)