What's new

ntpMerlin Drift ppm slow

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Yes I am on a compatible version or Merlin. I am running 384.13_10.

Not sure which error you are referring to.
 
Does this look like it’s running properly? Seems too good.
From what I know, NTS isn't supported yet. Offset of 0 is suspect. What does:
Code:
/opt/etc/init.d/S77chronyd check
show?

Also:
Code:
chronyc tracking
chronyc sources
 
From what I know, NTS isn't supported yet. Offset of 0 is suspect. What does:
Code:
/opt/etc/init.d/S77chronyd check
show?

Also:
Code:
chronyc tracking
chronyc sources
First one says ALIVE


Reference ID : 7F7F0101 ()
Stratum : 10
Ref time (UTC) : Mon Jan 25 17:31:59 2021
System time : 0.000000002 seconds slow of NTP time
Last offset : +0.000000000 seconds
RMS offset : 0.000000000 seconds
Frequency : 15.003 ppm slow
Residual freq : +0.000 ppm
Skew : 0.000 ppm
Root delay : 0.000000000 seconds
Root dispersion : 0.000000000 seconds
Update interval : 0.0 seconds
Leap status : Normal



MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^- usqas2-ntp-001.aaplimg.c> 1 10 377 588 +139us[ +139us] +/- 15ms
^- uschi5-ntp-002.aaplimg.c> 1 10 377 191 +2347us[+2347us] +/- 23ms
^- usqas2-ntp-002.aaplimg.c> 1 10 377 21m +2288us[+2288us] +/- 13ms
^- uschi5-ntp-001.aaplimg.c> 1 10 377 363 +3464us[+3464us] +/- 22ms
^- time1.google.com 1 10 377 37m +1667us[+1667us] +/- 7893us
^- time4.google.com 1 10 377 477 +2378us[+2378us] +/- 17ms
^- time2.google.com 1 10 377 36 -7453us[-7453us] +/- 18ms
^- time3.google.com 1 10 377 587 +6520us[+6520us] +/- 12ms
^- mis.wci.com 2 10 377 29m +1867us[+1867us] +/- 86ms
^- tick.srs1.ntfo.org 3 10 377 63 +4703us[+4703us] +/- 125ms
^- unifi.versadns.com 2 10 377 854 +4001us[+4001us] +/- 35ms
^- ntpool0.603.newcontinuum> 2 10 371 75m +2888us[+2888us] +/- 65ms
 
This is my conf


pool time.cloudflare.com iburst nts
pool time.apple.com
pool time.google.com
! server 0.pool.ntp.org iburst
! server 1.pool.ntp.org iburst
! server 2.pool.ntp.org iburst
! server 3.pool.ntp.org iburst

pool pool.ntp.org iburst
 
This is my conf


pool time.cloudflare.com iburst nts
pool time.apple.com
pool time.google.com
! server 0.pool.ntp.org iburst
! server 1.pool.ntp.org iburst
! server 2.pool.ntp.org iburst
! server 3.pool.ntp.org iburst

pool pool.ntp.org iburst
First of all...

If you want to use Cloudflare ... use pool time.cloudflare.com:1234 iburst

You should remove ”!” , so the servers should look like this ... server 0.pool.ntp.org iburst

Then check ...

chronyc -n sources This will show the servers connected

chronyc tracking This will show some stats
 
I fixed cloudflare so now I see these stats. Looks like it is working properly now.


MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? time.cloudflare.com 0 8 0 - +0ns[ +0ns] +/- 0ns
^+ time.cloudflare.com 3 7 77 35 -1254us[-1254us] +/- 16ms
^? time.cloudflare.com 0 8 0 - +0ns[ +0ns] +/- 0ns
^* time.cloudflare.com 3 7 37 102 -4280us[-4179us] +/- 25ms
^- lofn.fancube.com 2 6 177 6 -6364us[-6364us] +/- 54ms
^- 159.203.158.197 2 6 177 35 -3572us[-3572us] +/- 65ms
^- dfw0.clover.mattnordhoff> 2 6 177 36 -3188us[-3188us] +/- 34ms
^- time.richiemcintosh.com 2 6 175 35 +91us[ +91us] +/- 44ms






Reference ID : A29FC87B (time.cloudflare.com)
Stratum : 4
Ref time (UTC) : Mon Jan 25 18:37:38 2021
System time : 0.000099915 seconds fast of NTP time
Last offset : +0.000100558 seconds
RMS offset : 0.000161644 seconds
Frequency : 13.899 ppm slow
Residual freq : +0.060 ppm
Skew : 4.572 ppm
Root delay : 0.022584749 seconds
Root dispersion : 0.003317841 seconds
Update interval : 128.1 seconds
Leap status : Normal
 
How does this look


ASUSWRT-Merlin RT-AX88U 386.1_beta5 Tue Jan 26 00:28:06 UTC 2021
Administrator@RT-AX88U-8C80:/tmp/home/root# /opt/etc/init.d/S77chronyd check
Checking chronyd... alive.
Administrator@RT-AX88U-8C80:/tmp/home/root# chronyc tracking
Reference ID : CEBD768F (mx.coreblock.io)
Stratum : 3
Ref time (UTC) : Tue Jan 26 11:01:49 2021
System time : 0.000012693 seconds slow of NTP time
Last offset : +0.000002285 seconds
RMS offset : 0.000007209 seconds
Frequency : 16.528 ppm slow
Residual freq : -0.000 ppm
Skew : 0.011 ppm
Root delay : 0.017929461 seconds
Root dispersion : 0.002737612 seconds
Update interval : 129.7 seconds
Leap status : Normal
Administrator@RT-AX88U-8C80:/tmp/home/root# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^+ linnaeus.inf.ed.ac.uk 2 8 77 236 -364us[ -353us] +/- 45ms
^+ swale.mc.man.ac.uk 2 8 377 41 -917us[ -917us] +/- 33ms
^* mx.coreblock.io 2 7 277 96 +528us[ +531us] +/- 17ms
^- 62.254.157.105 2 6 377 40 +261us[ +261us] +/- 72ms
Administrator@RT-AX88U-8C80:/tmp/home/root#
 
How does this look


ASUSWRT-Merlin RT-AX88U 386.1_beta5 Tue Jan 26 00:28:06 UTC 2021
Administrator@RT-AX88U-8C80:/tmp/home/root# /opt/etc/init.d/S77chronyd check
Checking chronyd... alive.
Administrator@RT-AX88U-8C80:/tmp/home/root# chronyc tracking
Reference ID : CEBD768F (mx.coreblock.io)
Stratum : 3
Ref time (UTC) : Tue Jan 26 11:01:49 2021
System time : 0.000012693 seconds slow of NTP time
Last offset : +0.000002285 seconds
RMS offset : 0.000007209 seconds
Frequency : 16.528 ppm slow
Residual freq : -0.000 ppm
Skew : 0.011 ppm
Root delay : 0.017929461 seconds
Root dispersion : 0.002737612 seconds
Update interval : 129.7 seconds
Leap status : Normal
Administrator@RT-AX88U-8C80:/tmp/home/root# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^+ linnaeus.inf.ed.ac.uk 2 8 77 236 -364us[ -353us] +/- 45ms
^+ swale.mc.man.ac.uk 2 8 377 41 -917us[ -917us] +/- 33ms
^* mx.coreblock.io 2 7 277 96 +528us[ +531us] +/- 17ms
^- 62.254.157.105 2 6 377 40 +261us[ +261us] +/- 72ms
Administrator@RT-AX88U-8C80:/tmp/home/root#
Looks very good, system time off in the uSecs!

Here is mine:
Reference ID : C0A801CD (RaspiServer)
Stratum : 2
Ref time (UTC) : Tue Jan 26 14:29:15 2021
System time : 0.000000570 seconds slow of NTP time
Last offset : +0.000001621 seconds
RMS offset : 0.000001881 seconds
Frequency : 1.243 ppm slow
Residual freq : +0.000 ppm
Skew : 0.035 ppm
Root delay : 0.001290430 seconds
Root dispersion : 0.000064853 seconds
Update interval : 16.2 seconds
Leap status : Normal

The Reference ID, RaspiServer, is a local Stratum 1 time server running chrony.
It's an Rpi 3 running Raspbian with a fairly low cost NEO-8M gps module.
 
After running all night it all looks good. My drift is very stable at around 15ppm. The large jump around 3pm is when I restarted the router.


Reference ID : A29FC87B (time.cloudflare.com)
Stratum : 4
Ref time (UTC) : Tue Jan 26 14:35:57 2021
System time : 0.000162643 seconds fast of NTP time
Last offset : +0.000003568 seconds
RMS offset : 0.000089506 seconds
Frequency : 14.939 ppm slow
Residual freq : +0.000 ppm
Skew : 0.014 ppm
Root delay : 0.025129212 seconds
Root dispersion : 0.002882282 seconds
Update interval : 1031.1 seconds
Screen Shot 2021-01-26 at 9.43.08 AM.png
Leap status : Normal
 
you can tighten up your ping interval in the .conf - the Poll number
Poll numbers are the exponent to which 2 is numerated in seconds 2^10 is 1024 sec, or ~17 minutes (I think 10 is default)
2^8 is 256 sec, ~4.5min. 2^6 is 64sec
more pings means more traffic, more data for bigger logs and better charting...but more frequent local adjustments and a more "time accurate" network
(I know I've been called out for being an ntp abuser and bad netizen, but I think CloudFlare/google/apple/microsoft can handle it...they might even welcome it)
the trick is finding the balance, the "enough" point so the providers aren't feeling spammed by you - one ping every minute or so from Your network server rather than every device on it shouldn't be pushing the limit too hard

 
Last edited:
A little curious on the results/differences I'm geting using chrony and time.cloudflare.com with and without NTS?

admin@RT-AX88U:/tmp/home/root# chronyc -N sources
With NTS:
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns


Without NTS:
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^- time.cloudflare.com 3 6 377 35 +12ms[ +12ms] +/- 32ms
^+ time.cloudflare.com 3 6 377 37 -2048us[-2048us] +/- 17ms
^+ time.cloudflare.com 3 6 377 35 -1994us[-1994us] +/- 17ms
^- time.cloudflare.com 3 6 377 34 +13ms[ +13ms] +/- 32ms


admin@RT-AX88U:/tmp/home/root# chronyc -N authdata
With NTS
Name/IP address Mode KeyID Type KLen Last Atmp NAK Cook CLen
=========================================================================
time.cloudflare.com NTS 0 0 0 - 0 0 0 0
time.cloudflare.com NTS 0 0 0 - 0 0 0 0
time.cloudflare.com NTS 0 0 0 - 0 0 0 0
time.cloudflare.com NTS 0 0 0 - 0 0 0 0


Without NTS
Name/IP address Mode KeyID Type KLen Last Atmp NAK Cook CLen
=========================================================================
time.cloudflare.com - 0 0 0 - 0 0 0 0
time.cloudflare.com - 0 0 0 - 0 0 0 0
time.cloudflare.com - 0 0 0 - 0 0 0 0
time.cloudflare.com - 0 0 0 - 0 0 0 0


Do I need to open port 4460 for NTS for it key exchange?
 
AFAIK chrony from entware doesn't support NTS
Code:
chronyd
needs to show +NTS for support to be included, I believe. If it shows -NTS, then no NTS
 
AFAIK chrony from entware doesn't support NTS
Code:
chronyd
needs to show +NTS for support to be included, I believe. If it shows -NTS, then no NTS
This better?

admin@RT-AX88U:/# chronyd -Q -u admin -t 3 'server time.cloudflare.com iburst nts maxsamples 1'
2021-01-26T23:12:33Z chronyd version 4.0 starting (+CMDMON +NTP +REFCLOCK -RTC +PRIVDROP -SCFILTER -SIGND +ASYNCDNS -NTS -SECHASH +IPV6 -DEBUG)
2021-01-26T23:12:33Z Disabled control of system clock
2021-01-26T23:12:33Z Missing NTS support
2021-01-26T23:12:36Z chronyd exiting

Something I need to do at the FW to allow the key exchange?
 
This better?

admin@RT-AX88U:/# chronyd -Q -u admin -t 3 'server time.cloudflare.com iburst nts maxsamples 1'
2021-01-26T23:12:33Z chronyd version 4.0 starting (+CMDMON +NTP +REFCLOCK -RTC +PRIVDROP -SCFILTER -SIGND +ASYNCDNS -NTS -SECHASH +IPV6 -DEBUG)
2021-01-26T23:12:33Z Disabled control of system clock
2021-01-26T23:12:33Z Missing NTS support
2021-01-26T23:12:36Z chronyd exiting

Something I need to do at the FW to allow the key exchange?
Your version of chrony hasn't been built with NTS support available. It needs a package update by the Entware team
 
Stats are much better since moving over to Cloudflare time servers. My ping to them is between 12-16ms.
Screen Shot 2021-01-29 at 10.18.22 AM.png
 
That's good. I thought it would help to get some closer servers. Everything we can do to fine tune our network helps.
Does anybody know if quad 9 has time servers? That's my next quest, to find and engage my allies, since they are my dns servers, if possible
 
Last edited:
That's good. I thought it would help to get some closer servers. Everything we can do to fine tune our network helps.
Does anybody know if quad 9 has time servers? That's my next quest, to find and engage my allies, since they are my dns servers, if possible
Yes, let us know if you find out about quad9 time servers. Thanks!
 
That's good. I thought it would help to get some closer servers. Everything we can do to fine tune our network helps.
Does anybody know if quad 9 has time servers? That's my next quest, to find and engage my allies, since they are my dns servers, if possible
I agree about the fine tuning.
(you're not your own DNS?) :eek:
 
I agree about the fine tuning.
(you're not your own DNS?) :eek:
no, im not running unbound jf thats what you mean. yet. i wish i understood it better. i would like to try it.
 
no, im not running unbound jf thats what you mean. yet. i wish i understood it better. i would like to try it.
Installing unbound from the command line is no different than ntpMerlin - you can do this! and the current v3.22 is probably the best one yet, in my experience on the same router as you.

if you're concerned about your ISP tracking/logging your DNS traffic, this is one way to minimize that - it only happens when unbound has to go to the Auth servers. Combined with SkyNet and diversion (blocking malicious stuff from coming in), it's a significant privacy enhancement because the amount of personal data leaking from your network slows to a virtual trickle.

Basically, your router becomes a caching DNS - if you point your devices to it, you bypass google/cloudflare/quad9 (big data).
It's fast...very fast: once you have built a "phonebook" of IP addresses to route to, a browser only has to look as far as your router for the IP. When a device goes looking for an IP address nobody on the network has visited yet In that case, it references the SAME authoritative DNS servers that big data does, without passing through their data mining mechanisms.
unbound.jpg
that's my chart right now (with 2-3 days of uptime, since upgrading to Merlin v386 ), and you'll see that the biggest spike on the chart is the 0-1 usec (under one millionth of a second - that's about 1/3rd of the drift of my ntpMerlin). the next highest one is 32-65 msec, but there are more results below that than above it (time-wise)...so DNS RTT times (on my network; yours will likely be similar or possibly better) are <65ms in most cases...and lower the more you use it.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top