From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 21 18:43:40 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E6203106564A
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Apr 2009 18:43:40 +0000 (UTC) (envelope-from cswiger@mac.com)
Received: from asmtpout019.mac.com (asmtpout019.mac.com [17.148.16.94])
	by mx1.freebsd.org (Postfix) with ESMTP id CEC508FC12
	for <freebsd-questions@freebsd.org>;
	Tue, 21 Apr 2009 18:43:40 +0000 (UTC) (envelope-from cswiger@mac.com)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Received: from cswiger1.apple.com ([17.227.140.124])
	by asmtp019.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01
	(built Dec
	16 2008; 32bit)) with ESMTPSA id <0KIG00FGNS0S8J70@asmtp019.mac.com> for
	freebsd-questions@freebsd.org; Tue, 21 Apr 2009 11:43:40 -0700 (PDT)
Message-id: <BCF242F6-FF5E-4A5D-BA4B-E1A8F7F0A41B@mac.com>
From: Chuck Swiger <cswiger@mac.com>
To: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net>
In-reply-to: <200904212033.51524.mel.flynn+fbsd.questions@mailing.thruhere.net>
Date: Tue, 21 Apr 2009 11:43:39 -0700
References: <200904211106.01965.mel.flynn+fbsd.questions@mailing.thruhere.net>
	<200904212023.14365.mel.flynn+fbsd.questions@mailing.thruhere.net>
	<344D9702-C894-4E54-B256-43FAB17903F1@mac.com>
	<200904212033.51524.mel.flynn+fbsd.questions@mailing.thruhere.net>
X-Mailer: Apple Mail (2.930.3)
Cc: freebsd-questions@freebsd.org
Subject: Re: Preventing ntpd from adjusting time (backwards)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Apr 2009 18:43:41 -0000

On Apr 21, 2009, at 11:33 AM, Mel Flynn wrote:
> On Tuesday 21 April 2009 20:29:18 Chuck Swiger wrote:
>> On Apr 21, 2009, at 11:23 AM, Mel Flynn wrote:
>>> Now I'm also wondering how ntpd handles securelevel 2.
>>
>> "man init" suggests that stepping the clock by more than a second is
>> disallowed:
>
> yes, so does it bail or retry till skew wins over the failed steps?

The attempt to step the clock will fail.  ntpd should continue to run,  
but the rate of skewing is typically limited to 1 second of correction  
over a time interval of 2000 seconds.  If your clock routinely drifts  
by more than 1 second every hour or so, ntpd is unlikely to be able to  
correct the time at all under securelevel 2.

If your clock drift is less, ntpd should eventually manage to sync  
time, but for extreme cases, running ntpdate periodically to forcibly  
reset the clock might be needed (and to run ntpdate after boot, you'd  
need to back down to securelevel 1).

Regards,
-- 
-Chuck