[ntp:questions] NTP Statistics
David L. Mills
mills at udel.edu
Tue Jan 29 00:21:25 UTC 2008
The best place to check the data is in the ntp_util.c file,
record_sys_stats() routine. I recently added another stat, but you might
not be using the most recent version.
The time since startup is in hours. The packets received are the total
number of packets received. The server packets received are in response
to packets sent from an association on your machine.
There are so many little trails in and out of the machine, like
control/monitor packets, etc., and so many little ways a packet can be
dropped, that the counters might not catch each and every wee thing.
Steve Pearson wrote:
> I am using ntpv4.2.0 and have a question about the system statistics
> interpretation on my NTP server.
> The ntp page on monitoring options lists 11 'system stat' fields as
> MJD date
> time past midnight
> time since restart
> packets received last hour
> server packets received last hour
> current version packets last hour
> previous version packets last hour
> access denied packets last hour
> bad length or format packets last hour
> bad authentication packets last hour
> rate exceeded packets last hour
> A sample of my daily filegen output is as follows (12 fields):
> 54493 514.622 117 12 3 12 0 0 0 0 0 0
> 54493 4118.319 118 14 2 14 0 0 0 0 0 0
> 54493 7722.012 119 13 3 13 0 0 0 0 0 0
> It is critical for me to understand the meaning of each of the stats
> to properly monitor my NTP deployment. Can someone please point me to
> more detailed descriptions or maybe just confirm and comment on my
> guesses below.
> My interpretation of the stats meaning (for my 1st line output listed
> above) is as below:
> 54493 - MJD date
> 514.622 - UTC time past midnight in seconds
> 117 - time since restart (in hours? or is this just a record count?)
> 12 - packets received last hour (NTP req packets from clients last
> 3 - Server Packets received last hour (packets from other servers??)
> 12 - current version packets last hour (NTP req packets from clients
> using same version of NTP)
> 0 - previous version packets last hour
> 0 - access denied packets last hour (not allowed to synchronize with
> 0 - bad length or format packets last hour
> 0 - bad authentication packets last hour (bad MD5 check??)
> 0 - rate exceeded packets last hour (exceeded the min poll rate or
> some such?)
> 0 - extra field not described on web????
> Most critical for me is that I understand that "packets received last
> hour" is really a count of NTP requests from clients. I want to use
> this to get a rough idea of the load on my server to use for scaling
> and monitoring.
More information about the questions