I need to find out the NTP Clients which are syncing with my NTP Server in a Unix(Linux/Solaris) Machine. For eg. How many Stratum 2 Servers sync the time with my Stratum1 Server. Is there any way to track it?
edit by bakunin: moving the thread to where it belongs: the technical forums.
Hrm, well, it would appear that ntpd 4.2.2p1 does not log enough info. It sends log info to syslog, but that seems to report only startup/shutdown/error info (even with "debug" level captured). I added the logfile option and got a status report in the logfile every time ntpd connected to an upstream stratus server.
7 Oct 11:47:16 ntpd[32403]: synchronized to 193.79.237.14, stratum 1
But it never reported when it was used as a stratus server.
Patching the source code might be in order.
You can also turn on IP filtering/logging to log incoming packets to port 123. Both Solaris IPF and Linux iptables support this feature. It won't tell you what stratum were used, but you might be able to figure that out from the packet headers and set the filters appropriately.
Use the ntpdc command:
ntpdc -c monlist
MrC is so right! Just a few tweaks to get what you want. This monlist ALSO prints "peers", meaning Stratum 1 hosts. What I do is print the peers, and exclude those from the monlist. Observe:
# get peers
/usr/sbin/ntpdc -n -c listpeers |awk '{print $2}' >/tmp/peers.$$
# get all hosts connected to this ntp server
/usr/sbin/ntpdc -c monlist |awk '{ print $1 }' |
fgrep -v -f /tmp/peers.$$ # exclude those from the first list
rm -f /tmp/peers.$$
Afterwards, you might want to do forward IP host resolution on the list. The reason I use the -n command is because the ntpdc output chops long hostnames off at a certain column, rendering the grep trick useless.