Domain Time II Client for Linux (DTLinux) Version 5.2
Domain Time II Client for Linux (DTLinux) is an easily-configured multi-protocol (PTP, NTP, and DT2) daemon that obtains time from various
time sources (such as GPS/GNSS clocks, PTP Masters, Internet time servers, etc.) and matches the system clock to them
with extreme accuracy and precision. Keeps full transaction logging and drift records that are easily
audited by Domain Time II Audit Server
or exported to other monitoring utilities.
As powerful as DTLinux is on its own, you can take full advantage of its capabilities by connecting to it from
Domain Time II Manager which provides remote configuration,
graphical drift displays, the ability to push out configuration templates to multiple DTLinux machines, and more.
See the Managing DTLinux Remotely page for details.
Configuring and Controlling DTLinux
Once installed, the DTLinux daemon will start automatically as a system service when the machine boots.
You may use systemctl to control the service, i.e.
systemctl start dtlinux.service
| Start the service |
systemctl stop dtlinux.service
| Stop the service |
systemctl restart dtlinux.service
| Stop and restart the service |
systemctl reload dtlinux.service
| Reload the service configuration |
systemctl status dtlinux.service
| Show the service status |
The dtlinux.conf file
All settings used by DTLinux are read from the dtlinux.conf
configuration file located in the /etc/opt/domtime/ folder. The Configuration page
discusses the contents of this file in more detail.
You may edit the dtlinux.conf file directly on the machine itself, or you may use Domain Time II Manager (as of v5.2.b.20201116) to connect to the
machine and configure it remotely. See the Managing DTLinux Remotely page for details.
Notes:
- If you manually make changes to the /etc/opt/domtime/dtlinux.conf file on the machine, you must tell dtlinux to reload the settings. You can do this using
systemctl reload dtlinux.service or by sending a HUP signal, i.e.
kill -SIGHUP <pid>
If you configure DTLinux remotely using Manager, there is no need to reload or HUP the service after making changes.
If you want to duplicate the settings from one DTLinux machine to another, you have two options:
- Manually copy the dtlinux.conf and dtlinux.keys files.
- Copy the /etc/opt/domtime/dtlinux.conf file from machine A to replace machine B's /etc/opt/domtime/dtlinux.conf file.
- Copy the /etc/opt/domtime/dtlinux.keys file from machine A to replace machine B's /etc/opt/domtime/dtlinux.keys file.
- Use
systemctl reload dtlinux.service or send a HUP signal on machine B to load the new configuration.
Important: If you have specified a network adapter name in machine A's dtlinux.conf file (network:adapterName in the
Network Settings section of dtlinux.conf), you must either manually set this value on machine B to match
the correct adapter name or leave the setting blank to let DTLinux auto-discover an interface.
Use dtcheck -adapters on machine B to see the available interfaces.
- Use Manager to create a template and apply it one or more other machines (see the Templates section of
Managing DTLinx Remotely for details):
- Connect to machine A and use Templates -> Create New Template from the Control Panel menu to create and save a new
template containing the settings you want to duplicate. We recommend you edit the template to be sure the
network:adapterName (see Network Settings section of dtlinux.conf) is
blank to let DTLinux auto-discover an interface when the template is applied to a new system.
- Use Manager's Reset Configuration command to push out the settings to one or more other dtlinux machines.
- Ensure the keyring on the Manager machine matches the keyring in use on DTLinux This is configured in Domain Time II Server on the Manager machine (see Symmetric Keys).
Then, use Manager's Reset Keyring command to push out the keyring to one or more other dtlinux machines.
The dtlinux program
Although the dtlinux executable runs primarily as background system service, there are several commands you
may issue from the command-line (You may execute it from any location; the program is mapped to your path):
man dtlinux at the command-line.
The dtcheck utility
dtcheck is a handy multi-function utility that can act on the local machine and also remotely against other Domain Time components on the network.
It can do useful things like trigger a synchronization, display synchronization statistics, show available network adapters, display active PTP Masters on the network, convert drift logs to either
text or CSV-formatted files, backup/restore the configuration, and more. Enter this command to see the full list of options and syntax:
dtcheck -help
You may also view the man page for dtcheck by entering man dtcheck at the command-line.
Best Practices
Here are some suggestions for getting the best performance and security out of DTLinux:
- Make a backup copy of your dtlinux.config file before making changes so that you can revert if necessary. You may
also select the File -> Create Backup of Configuration File option from the Control Panel menu when connected remotely from
Manager. You may also use the dtcheck -backup command from the command line.
- Make minimal changes to the configuration settings. The defaults are optimized for most applications, particularly the PTP settings.
Only change settings that you completely understand.
- Configure dtlinux to use at least one DT2 or NTP timesource (three is even better), even if you will be synchronizing using PTP.
PTP takes a significant amount of time to correct large time variances, particularly those that occur just after boot.
Having active non-PTP timesources will bring the system into rough synchronization quickly at startup so that PTP can
synchronize at high accuracy sooner. It also provides a robust fallback in case PTP sync is lost at some point.
See the NTP and DT2 Time Sources section of the dtlinux.conf file.
- Use a hardware-timestamping capable NIC if possible. DTLinux will automatically take advantage of the additional accuracy
available using this feature. If hardware-timestamping isn't available, less-accurate software-timestamping will be used.
- If using PTP, set the loop:checkInterval to 60 seconds. This provides sufficient time to collect enough PTP samples
for statistical analysis and filtering. Values smaller than 60 may result in not having enough valid samples to synchronize.
See the Loop Variables section of the dtlinux.conf file.
- Consider restricting remote configuration of DTLinux to individual machines or specific network subnets. By default, DTLinux
will accept connections from Domain Time II Manager located on RFC 1918 private networks. You can restrict this (or deny it
entirely) using the Domain Time II Security section of the dtlinux.conf file.
- The simplest way to obtain synchronization performance information from DTLinux is by using Domain Time Audit Server.
This allows you to collect synchronization information to a central repository, raise alerts, and easily meet regulatory requirements. However,
you can output synchronization records directly from DTLinux using NTP-style loopstats and peerstats, or PTP data may be kept in a CSV file.
These options are enabled in the Loop Variables section of the dtlinux.conf file and the output files are kept in the folders specified in the
Logs and Folders section of dtlinux.conf.
You may also use the dtcheck program to convert Domain Time binary synchronization files (*.dt) to either text or CSV files.
Issue the dtcheck -help command at the console for the correct syntax.
Proceed to the Installation Instructions page
|