chrony
This article describes how to set up and run chrony, an alternative NTP client and server that is roaming friendly and designed specifically for systems that are not online all the time.
Configuration
The smallest useful configuration file (using IP addresses instead of a hostname) would look something like:
/etc/chrony.conf
server 1.2.3.4 offline server 5.6.7.8 offline server 9.10.11.12 offline driftfile /etc/chrony.drift rtconutc rtcsync
NTP Servers
The first thing you define in your /etc/chrony.conf
is the servers your machine will synchronize to.
NTP servers are classified in a hierarchical system with many levels called strata: the devices which are considered independent time sources are classified as stratum 0 sources; the servers directly connected to stratum 0 devices are classified as stratum 1 sources; servers connected to stratum 1 sources are then classified as stratum 2 sources and so on.
It has to be understood that a server's stratum cannot be taken as an indication of its accuracy or reliability. Typically, stratum 2 servers are used for general synchronization purposes: if you do not already know the servers you are going to connect to, you should use the pool.ntp.org servers (alternate link) and choose the server pool that is closest to your location.
The following lines are just an example:
server 0.pool.ntp.org iburst server 1.pool.ntp.org iburst server 2.pool.ntp.org iburst server 3.pool.ntp.org iburst
If your computer is not connected to the internet on startup, it is recommended to use the offline option, to tell Chrony not to try and connect to the servers, until it has been given the go:
server 0.pool.ntp.org offline server 1.pool.ntp.org offline server 2.pool.ntp.org offline server 3.pool.ntp.org offline
It may also be a good idea to either use IP addresses instead of host names, or to map the hostnames to IP addresses in your /etc/hosts
file, as DNS resolving will not be available until you have made a connection.
Using NTS servers
Since version 4.0 , chrony supports NTS, a cryptographically secured variety of NTP. To use NTS, you can try the following servers:
server ptbtime1.ptb.de iburst nts server ptbtime2.ptb.de iburst nts server ptbtime3.ptb.de iburst nts server nts1.time.nl iburst nts server nts.ntp.se iburst nts server nts.sth1.ntp.se iburst nts server nts.sth2.ntp.se iburst nts server time.cloudflare.com iburst nts
Telling chronyd an internet connection has been made
If you are connected to the internet, run:
# chronyc chronyc> online 200 OK chronyc> exit
You may also be interested in the activity
option to display status:
# chronyc activity 200 OK 3 sources online 0 sources offline 0 sources doing burst (return to online) 0 sources doing burst (return to offline) 0 sources with unknown address
Chrony should now connect to the configured time servers and update your clock if needed. To tell chrony that you are not connected to the Internet anymore, execute the following:
# chronyc offline 200 OK # chronyc activity 200 OK 0 sources online 3 sources offline 0 sources doing burst (return to online) 0 sources doing burst (return to offline) 0 sources with unknown address
The online/offline status can be automatically handled by dispatcher services for networkmanager and connman, see below.
In conclusion, refer to /usr/share/doc/chrony/README
, which will point you to the right answer to any doubts you could still have. Documentation is also available online. See also the related man pages: ).
For intermittently running desktops
The configuration described here is not really suited well for intermittently running desktops. A machine running Arch Linux for five years, accumulated a 300 s error within the RTC. After a reboot it took chrony a long time to adjust this difference.
This keeps, interestingly, the RTC still out-of-date, but after each re-start, chrony adjusts the accumulated error of the RTC and the system time is quite synchronous to NTP even shortly after a start.
Usage
Starting chronyd
The package provides , see systemd for details.
Synchronising chrony hardware clock from the system clock
During boot the initial time is read from the hardware clock (RTC) and the system time is then set, and synchronised over a period of minutes once the chrony daemon has been running for a while. If the hardware clock is out of sync then the initial system time can be some minutes away from the true time. If that is the case it may be necessary to reset the hardware clock.
You can use chronyc to force the current system time to be synced to hardware:
Then exit from chronyc and the RTC and system time should be within a few microseconds of each other and should then be approximately correct on boot and fully synchronise a short time later.
Checking configured NTP servers
To check which NTP servers chrony is actually using, and how precise they are, you can use :
$ chronyc -N 'sources -a -v' .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^+ ptbnts1.ptb.de 1 6 377 50 -38us[ -13us] +/- 8723us ^* ptbnts2.ptb.de 1 6 377 49 +2061ns[ +27us] +/- 7538us ^+ nts.ntp.se 2 6 377 51 +594us[ +619us] +/- 15ms ^+ nts.sth1.ntp.se 2 6 377 51 +655us[ +680us] +/- 15ms ^+ nts.sth2.ntp.se 2 6 377 53 +991us[+1016us] +/- 15ms ^+ time.cloudflare.com 3 6 377 49 -1250us[-1250us] +/- 10ms
Notifying network state
If you have specified your pools as offline in chrony.conf
, you need to tell chrony that the network status has changed.
You can either use chronyc to notify chrony that your network configuration has changed, or you can use a dispatcher for your relevant network configuration manager.
NetworkManager
chronyd can go into online/offline mode along with a network connection through the use of NetworkManager's dispatcher scripts. You can install from the AUR.
netctl
Install from the AUR. This adds a hook to netctl which is run automatically for any connection.
dhcpcd
Create the following hook:
See