| NTPQ(8) | System Manager's Manual (user) | NTPQ(8) | 
ntpq —
| ntpq | [ -flags] [-flag[value]] [--option-name[[=|
      ]value]] [ host ...] | 
ntpq utility program is used to query NTP servers to
  monitor NTP operations and performance, requesting information about current
  state and/or changes in that state. The program may be run either in
  interactive mode or controlled using command line arguments. Requests to read
  and write arbitrary variables can be assembled, with raw and pretty-printed
  output options being available. The ntpq utility can
  also obtain and print a list of peers in a common format by sending multiple
  queries to the server.
If one or more request options is included on the command line
    when ntpq is executed, each of the requests will be
    sent to the NTP servers running on each of the hosts given as command line
    arguments, or on localhost by default. If no request options are given,
    ntpq will attempt to read commands from the standard
    input and execute these on the NTP server running on the first host given on
    the command line, again defaulting to localhost when no other host is
    specified. The ntpq utility will prompt for commands
    if the standard input is a terminal device.
ntpq uses NTP mode 6 packets to
    communicate with the NTP server, and hence can be used to query any
    compatible server on the network which permits it. Note that since NTP is a
    UDP protocol this communication will be somewhat unreliable, especially over
    large distances in terms of network topology. The
    ntpq utility makes one attempt to retransmit
    requests, and will time requests out if the remote host is not heard from
    within a suitable timeout time.
Note that in contexts where a host name is expected, a
    -4 qualifier preceding the host name forces
    resolution to the IPv4 namespace, while a -6
    qualifier forces resolution to the IPv6 namespace. For examples and usage,
    see the “NTP Debugging Techniques” page.
Specifying a command line option other than
    -i or -n will cause the
    specified query (queries) to be sent to the indicated host(s) immediately.
    Otherwise, ntpq will attempt to read interactive
    format commands from the standard input.
A number of interactive format commands are executed entirely
    within the ntpq utility itself and do not result in
    NTP requests being sent to a server. These are described following.
help
    [command]?’ by itself will print a list of
      all the commands known to ntpq. A
      ‘?’ followed by a command name will
      print function and usage information about the command.addvars
    name[=value][,...]rmvars
    name[,...]clearvarsshowvarsntpq utility maintains an internal list in which
      data to be included in messages can be assembled, and displayed or set
      using the readlist and
      writelist commands described below. The
      addvars command allows variables and their
      optional values to be added to the list. If more than one variable is to
      be added, the list should be comma-separated and not contain white space.
      The rmvars command can be used to remove
      individual variables from the list, while the
      clearvars command removes all variables from the
      list. The showvars command displays the current
      list of optional variables.authenticate
    [yes|no]ntpq does not authenticate requests
      unless they are write requests. The command
      authenticate yes causes
      ntpq to send authentication with all requests it
      makes. Authenticated requests causes some servers to handle requests
      slightly differently. The command authenticate
      causes ntpq to display whether or not it is
      currently authenticating requests.cookedntpq will have
      their values reformatted for human consumption. Variables which
      ntpq could not decode completely are marked with a
      trailing ‘?’.debug
    [more|less|off]delay
    [milliseconds]drefid
    [hash|ipv4]exitntpq.host
    [name]hostnames
    [yes|no]yes is specified, host names are printed in
      information displays. If no is specified, numeric
      addresses are printed instead. The default is yes,
      unless modified using the command line -n switch.
      Without any arguments, displays whether host names or numeric addresses
      are shown.keyid
    [keyid]controlkey key number the server has been
      configured to use for this purpose. Without any arguments, displays the
      current keyid.keytype
    [digest]MD5. If ntpq was
      built with OpenSSL support, and OpenSSL is installed,
      digest can be any message digest algorithm supported
      by OpenSSL. If no argument is given, the current
      keytype digest algorithm
      used is displayed.ntpversion
    [1|2|3|4]ntpq claims in
      packets. Defaults to 3, and note that mode 6 control messages (and modes,
      for that matter) didn't exist in NTP version 1. There appear to be no
      servers left which demand version 1. With no argument, displays the
      current NTP version that will be used when communicating with
    servers.passwdpoll
    [n] [verbose]quitntpq.rawtimeout
    [milliseconds]ntpq retries each
      query once after a timeout, the total waiting time for a timeout will be
      twice the timeout value set.versionntpq program.peers
  command, which sends a series of messages, and the
  mreadlist and mreadvar
  commands, which iterate over a range of associations.
apeers[tally]remote refid assid st t
      when pool reach delay offset jitterpeers command
      except that the refid is displayed in hex format
      and the association number is also displayed.associationsind assid status conf reach auth
      condition last_event cnt| Variable | Description | 
| ind | index on this list | 
| assid | association id | 
| status | peer status word | 
| conf | yes:
          persistent,no:
          ephemeral | 
| reach | yes:
          reachable,no:
          unreachable | 
| auth | ok,yes,badandnone | 
| condition | selection status (see the selectfield of the peer status word) | 
| last_event | event report (see the eventfield of the peer status word) | 
| cnt | event count (see the countfield of the peer status word) | 
authinfoclocklist
    [associd]cl
    [associd]clockvar
    [associd]
    [name[=value]][,...]cv
    [associd]
    [name[=value]][,...]:config
    configuration command lineconfig-from-file
    filenameifstatsiostatskerninfolassociationslopeers
    [-4|-6]dstadr (associated with the given IP
    version).lpassociationslpeers
    [-4|-6]monstatsmreadlist
    associdlo associdhimrl
    associdlo associdhireadlist command
      for a range of association ids.mreadvar
    associdlo associdhi
    [name][,...]mrv
    associdlo associdhi
    [name][,...]readvar command
      for a range of association ids. This range may be determined from the list
      displayed by any command showing associations.mrulist
    [limited | kod |
    mincount=count |
    laddr=localaddr |
    sort=[-]sortorder |
    resany=hexmask |
    resall=hexmask]sort=[-]sortorder, the
      options filter the list returned by
      ntpd(8). The
      limited and kod options
      return only entries representing client addresses from which the last
      packet received triggered either discarding or a KoD response. The
      mincount=count option
      filters entries representing less than count
      packets. The laddr=localaddr
      option filters entries for packets received on any local address other
      than localaddr.
      resany=hexmask and
      resall=hexmask filter
      entries containing none or less than all, respectively, of the bits in
      hexmask, which must begin with
      0x. The sortorder defaults
      to lstint and may be addr,
      avgint, count,
      lstint, or any of those preceded by
      ‘-’ to reverse the sort order. The
      output columns are:
    lstintntpq.avgintrstrrestrict command,
          however 0x400 (kod) and 0x20 (limited) flags are cleared unless the
          last packet from this address triggered a rate control response.rL or
          K for no rate control response, rate limiting
          by discarding, or rate limiting with a KoD response,
        respectively.mvcountrportremote
        addressopeers
    [-4 | -6]dstadr (associated with the given IP version),
      rather than the refid.passociationsassociations
      command, except that it uses previously stored data rather than making a
      new query.peers[tally]remote refid st t when
      pool reach delay offset jitter[tally]select field of the
          peer status wordremotentpq
          -w option is given, in which case the full
          value will be displayed on the first line, and if too long, the
          remaining data will be displayed on the next line.refidsttu:
          unicast or manycast client, b: broadcast or
          multicast client, p: pool source,
          l: local (reference clock),
          s: symmetric (peer),
          A: manycast server, B:
          broadcast server, M: multicast serverwhen-’ if a packet has
          never been receivedpollreachdelayoffsetjitterpstats
    associdreadlist
    [associd]rl
    [associd]readvar
    [associd
    name[=value] [, ...]]rv
    [associd
    name[=value] [, ...]]reslistntpq. Authentication is required.saveconfig
    filename:config or
      config-from-file, to the NTP server host file
      filename. This command will be rejected by the
      server unless
      saveconfigdir appears
      in the ntpd(8) configuration
      file. filename can use
      date(1) format specifiers to
      substitute the current date and time, for example,
    saveconfig
      ntp-%Y%m%d-%H%M%S.conf.savedconfig. Authentication is required.sysinfosysstatstimerstatswritelist
    associdwritevar
    associd
    name=value [, ...]readlist and associations
  commands both in hexadecimal and in decoded short tip strings. The codes, tips
  and short explanations are documented on the
  Event Messages and Status Words page. The
  page also includes a list of system and peer messages, the code for the latest
  of which is included in the status word.
Information resulting from protocol machine state transitions is displayed using an informal set of ASCII strings called kiss codes. The original purpose was for kiss-o'-death (KoD) packets sent by the server to advise the client of an unusual condition. They are now displayed, when appropriate, in the reference identifier field in various billboards.
readlist
  billboard. Not all variables are displayed in some configurations.
statusversionprocessorsystemleapstratumprecisionrootdelayrootdisprefidreftimeclockpeertcmintcoffsetfrequencysys_jitterclk_wanderclk_jittertaileapsecexpireWhen the NTPv4 daemon is compiled with the OpenSSL software library, additional system variables are displayed, including some or all of the following, depending on the particular Autokey dance:
hostidentflagsdigestsignatureupdatecertuntilreadlist
  billboard for each association. Not all variables are displayed in some
  configurations.
associdstatussrcadrsrcportdstadrdstportleapstratumprecisionrootdelayrootdisprefidreftimerecreachunreachhmodepmodehpollppollheadwayflashkeyidoffsetdelaydispersionjitterbiasxleavebias variable is calculated when the first broadcast
  packet is received after the calibration volley. It represents the offset of
  the broadcast subgraph relative to the unicast subgraph. The
  xleave variable appears only for the interleaved
  symmetric and interleaved modes. It represents the internal queuing, buffering
  and transmission delays for the preceding packet.
When the NTPv4 daemon is compiled with the OpenSSL software library, additional peer variables are displayed, including the following:
flagshostflagssignatureinitsequenceinitkeytimestampidentclocklist
  billboard for each association with a reference clock. Not all variables are
  displayed in some configurations.
associdstatusdevicetimecodepollnoreplybadformatbaddatafudgetime1fudgetime2stratumrefidflags-4,
    --ipv4Force resolution of following host names on the command line to the IPv4 namespace.
-6,
    --ipv6Force resolution of following host names on the command line to the IPv6 namespace.
-c
    cmd,
    --command=cmdThe following argument is interpreted as an interactive format command and is added to the list of commands to be executed on the specified host(s).
-d,
    --debug-level-D
    number,
    --set-debug-level=number-i,
    --interactiveForce ntpq to operate in interactive mode. Prompts will be written to the standard output and commands read from the standard input.
-n,
    --numericOutput all host addresses in dotted-quad numeric format rather than converting to the canonical host names.
--old-rvBy default, ntpq now suppresses the associd=... line that precedes the output of readvar (alias rv) when a single variable is requested, such as ntpq -c "rv 0 offset". This option causes ntpq to include both lines of output for a single-variable readvar. Using an environment variable to preset this option in a script will enable both older and newer ntpq to behave identically in this regard.
-p,
    --peersPrint a list of the peers known to the server as well as a summary of their state. This is equivalent to the 'peers' interactive command.
-r
    keyword,
    --refid=keyword
hash ipv4
    
    or their numeric equivalent.
    The default keyword for this option is:
      
       ipv4
Set the default display format for S2+ refids.
-w,
    --wideDisplay the full value of the 'remote' value. If this requires more than 15 characters, display the full value, emit a newline, and continue the data display properly indented on the next line.
-?,
    --help-!,
    --more-help->
    [cfgfile], --save-opts
    [=cfgfile]-<
    cfgfile,
    --load-opts=cfgfile,
    --no-load-opts--version
    [{v|c|n}]NTPQ_<option-name> or NTPQThe environmental presets take precedence (are processed later than) the configuration files. The homerc files are "$HOME", and ".". If any of these are directories, then the file .ntprc is searched for within those directories.
| June 23 2020 | NetBSD 10.0 |