[ntp:questions] what is refid in ntpq -pn
hans.mayer.08 at gmail.com
Sat May 13 19:46:28 UTC 2017
On 7 May 2017, at 00:12, Steven Sommars <stevesommarsntp at gmail.com> wrote:
> If using the IPv6 address family, it is the first four octets of the MD5 hash of the IPv6 address.
OK, now I understand, this makes sense. I am using dual stack on my application server as well as on all ntp server. And I am using DNS names in ntp.conf. I see similar refid's because all my application server have identical 4 ntp upstream server.
But hard to verify. Has somebody a tool to convert an IPv6 in usual notation to change into 32 hex-chars without ":" character ?
On 8 May 2017, at 06:50, Brian Inglis <Brian.Inglis at SystematicSw.ab.ca> wrote:
> ntpq -wp localhost remotehost
Many thanks. This I didn't know. It's similar to "ntptrace" but more detailed.
On 9 May 2017, at 09:35, Harlan Stenn <stenn at ntp.org> wrote:
> If you're trying to backtrace the timing chain, use 'ntpq -c apeers' and then feed the association ID to:
> ntpq -c 'rv XXXX'
> to get the srcadr for that association.
Yes, you are right. I see the same "IPv4" address as refid. But now I know it's a MD5 hash. But here it could be shown as real IPv6. There is enough space.
Many thanks for all replies.
I always thought "refid" for command "ntpq -pn" shows the next upstream server for the remote server listed below "remote". But now I have my concerns.
Lets explain my situation:
I have 4 application server. Lets call them a1 till a4. And I have 4 internal ntp server ntp1 till ntp4. These are stratum 2 server. All of them ( appl and ntp ) are running ntp version 4.2.8p10
Each application server has 4 server config lines and 2 peer config lines in ntp.conf.
The 4 lines with server are my 4 ntp server ntp1 till ntp4 and the peer lines are the neighbours. For example a2 has a peering with a1 and a3. I call it the neighbours. And so on until the loop is closed.
If I check with ntpq -pn I see 6 lines for each application server. The lines where ntp1 till ntp4 are listed have as "refid" IP addresses which are typical one of my own stratum 1 server or an external one, but with well known IP.
And now the mystery. The lines where the neighbours ( for example a1 and a3 ) are listed shows as "refid" complete foreign IP addresses. I checked these IP's in the peerstats file of the application server but can't find it. I can't find it in the ntp server too. So where is it coming from ?
Actually it can never be happen that a neighbour has a different group of entries. As each neighbour has the same upstream server and the same neighbours.
Currently I see the following IP's: 220.127.116.11 18.104.22.168 22.214.171.124
If I query with ntpdate or ntpdig none of them is coming back with a time information ?
If I look for unique IP addresses in the peerstats file of the last 10 days I have exactly 6 items. And all of them belong to my network.
I am not new to ntp. I did deal a lot with ntp. But this is a mystery for me.
Any hint or tip is welcome how-to dig deeper in this issue.
More information about the questions