Greyware Automation Products, Inc.
Greyware Automation Products, Inc.   
     Home    Products    Store    Downloads    Customer Service    Site Search    
Log in  or   Create an account now -- FREE!        
Domain Time II > v5 > Installation > Changelogs - v5.x

Pricing   Buy Now

Download
30-Day Trial Version
Domain Time II
Version 5.x
Sample  Changelogs
 
Version 5.2 Changelog
Click the link to jump to the change details for that build

BuildRelease Type
5.2.b.20190331Current Version - Optional Upgrade
5.2.b.20190101Optional Upgrade
5.2.b.20181111Optional Upgrade
5.2.b.20180805Optional Upgrade
5.2.b.20180801Optional Upgrade
5.2.b.20180606Recommended Upgrade
5.2.b.20180303Recommended Upgrade
5.2.b.20180101Optional Upgrade
5.2.b.20171113Optional Upgrade
5.2.b.20170922Optional Upgrade
5.2.b.20170522Optional Upgrade
5.2.b.20170331Optional Upgrade
5.2.b.20170101Recommended Upgrade
Older 5.2 Releases2010-2016 Releases

Version 5.2 Changelog


5.2.b.20190331 Current Release - Optional Upgrade

Added preliminary support for PTP v2.1 Authentication TLVs. Several other minor enhancements mostly at customer request. One important fix for the SDK DLLs. Upgrade if you want the new functionality.

The PTP v2.1 specification is still in committee, and support for any v2.1 capabilities may need to be updated in future editions of Domain Time. Please see the Domain Time PTP v2.1. Authentication knowledgebase article for a detailed discussion of how Domain Time implements the v2.1 specification.

  • Audit Server/Manager
    • Customer request: Added pop-up explanation when starting Manager if another instance of Manager is already running in another session. Only one instance of Manager is allowed at a time.
    • Customer request: Allowed port number in SNMP target string. Examples: snmp.conteso.com:1214 or [2002:410:1:1:2a0:69ff:fe01:b0f4]:2444. If the port number is not specified, the default SNMP trap port of 162 will be used.
    • Customer request: Added "Omit non-responding machines from reports and alerts" checkbox to the Configure Alerts dialog. This checkbox prevents offline machines from generating a warning in Audit Results, Daily Reports, and log files, and is only enabled when the "An audited machine fails to respond for ___ or more audits" checkbox is unticked.
    • Changed PTP Monitor's initial multicast sweep to request CurrentDS as well as PortDS. This helps ensure, when using hybrid mode, that slave nodes incapable of unicast will show their current offsets (see next item).
    • Added Multicast-Only mode for PTP Monitor sweep type. Previous versions let you toggle between Hybrid and Unicast-Only. Hybrid mode is the default (initial messages sent by multicast, follow-up messages sent by unicast). However, this functionality is controlled by PTP Monitor's general settings, where you may choose to send follow-ups either by multicast or unicast. Hybrid mode has therefore been renamed Normal Mode. Unicast-Only mode is for Telecom nodes, and is unchanged from previous versions; all messages are sent by unicast. Multicast-Only is new. It will be grayed-out if your general settings are to use multicast for all messages. If your general settings are set to hybrid mode, then the Multicast-Only will be enabled, and, if selected, will cause PTP Monitor to use multicast for all messages to the selected node. This is useful if most of your nodes will respond to unicast, but a few of them will only respond to multicast. You may change just those nodes to use multicast while still using hybrid mode for all other nodes.
    • Added Delay Type to the right-click context menu for a PTP master. This lets you explicitly set either Peer-to-Peer or End-to-End for each master. If a master responds to management queries, the delay type will automatically be correct. For masters that don't respond to management queries, or who advertise an unexpected value, this lets you change types. Note that masters that DO respond to management queries will always set the delay type back to whatever the master claims to be correct.
    • Fixed problem with Manager not saving the Domain List for Update Server if you never click OK on the Domain List dialog.
    • Added column to PTP Monitor's display showing PTP v2.1 Authentication (if any) attached to incoming announces.
    • Added PTPCheck to right-click menu on the PTP Monitor page. This invokes PTPCheck using the IP and domain for the selected item. Useful for testing whether or not a node responds to PTP management messages.
    • Fix for case where LDAP credentials may fail to save/load properly if special characters are part of the username or password.
    • Fix for Audit Server not recognizing change in DST until after the next-scheduled audit runs.
    • Grayed-out audit group drop-down on the Add Node dialog when Audit Server isn't installed.
    • Removed base64-encoded password from SMTP logs (it will show {password} instead). Although the SMTP log folder is protected with NTFS permissions by default, an admin could inadvertently make the folder readable by ordinary users.

  • DTMonitor
    • Several internal efficiency enhancements.

  • DTReader (Audit Results Viewer)
    • Added Audit Group column to the main display.

  • DTCheck
    • Changed -leapfile to allow HTTPS or HTTP. The default leapfile source is now https://www.ietf.org/timezones/data/leap-seconds.list and is no longer retrievable by HTTP.
    • Expanded the -ptpMasters output to show PTP v2.1 authentication (if present).
    • Added -keyset parmameter to -ptplist command. The output shows which KeyIds (not the keys themselves) in use by each responding Domain Time node.
    • Changed -monitorSTA output to only show changes in the system time adjustment, and to summarize observed changes/second when monitoring finishes.

  • DTAlert
    • Customer request: Added hh:mm:ss.mss format for time display of the on-screen clock.

  • DTServer/DTClient
    • Customer request: Allowed port number in SNMP target string. Examples: snmp.conteso.com:1214 or [2002:410:1:1:2a0:69ff:fe01:b0f4]:2444. If the port number is not specified, the default SNMP trap port of 162 will be used.
    • Added support for SHA256 keys and a Security Parameter Pointer (SPP). These keys and the SPP are only used with PTP v2.1 Authentication TLVs. In order for Authentication TLVs to work correctly, you must set the SPP either to zero (wildcard) or to match the grandmaster's, and also import the SHA256 keys corresponding to each message type.
    • Added support for rejecting unsigned (or incorrectly signed) messages when using a PTP v2.1 grandmaster that supports Authentication TLVs. Outgoing Authentication TLVs may optionally be attached to E2E Delay Requests or P2P Delay Requests.
    • Added new debug category "PTP v2.1 Authentication TLV details" which is useful for diagnosing problems with Authentication TLVs.
    • Fixed bug that could, in rare circumstances, cause PTP to use unicast for delay measurement transport when multicast was explicitly selected.
    • Changed default for running the multimedia timer at maximum resolution to false for operating systems Win8/2012 and newer. This change only affects new installations. You may regain the former behavior by setting "Critical Timing Period Adjust" to True in the registry.
    • Deprecated "Critical Timing Uses Kernel Interpolator" registry setting. The kernel interpolator is always used if present.

  • DTServer
    • Added support for appending Authentication TLVs to outgoing Announces, Syncs, E2E Delay Responses, and P2P Delay Responses.
    • Added support for being a two-step PTP master.
    • Added over-the-wire encryption for secrets exchange between Master and Slave during settings replication.

  • Control Panel applet
    • Added support for creating/editing SHA256 keys, and for choosing which SHA256 keys to use with PTP v2.1 authentication.
    • Fixed inconsistency that could inadvertantly change check intervals when switching the focus of the Control Panel applet from machine to machine.
    • Removed "Continously Variable PTP" checkbox from Advanced timings. Beginning with this version, PTP phase adjustments are always continuously variable.

  • PTPCheck
    • Added compatibility for PTP v2.1 nodes that don't reply to v2.0 queries.
    • Added PTP version and PTP authentication information. Because PTPCheck does not have access to the secure keyring on the machine, it cannot authenticate the messages, but it can show the SPP and KeyId used to sign a v2.1 message.
    • Added 0xDEED "KeysetProperties" to list of management messages. Only Domain Time nodes will respond to this query. The output shows the KeyIds (not the keys themselves) in use by each responding Domain Time node.

  • SDK
    • Fix for GetDomainTimeAsFileTimeMonotonic() when running with kernel interpolation enabled (the default for Win8/2012 or newer). If you are using this function, you should replace your existing DLLs with the ones from this version.

  • Miscellaneous
    • Updated textual copyright notices to say 1995-2019.
    • Updated group policy template domtime.adm to include settings for PTP v2.1 authentication processing.


5.2.b.20190101 - Optional Upgrade

Several minor enhancements, mostly customer requests. Upgrade if you want the new features.

  • DTDrift
    • Customer request: If run under non-admin credentials, no longer prompts for elevation when viewing the Raw Data text file.

  • DTReader
    • Customer request: If run under non-admin credentials, no longer prompts for elevation when viewing the Raw Data text file.

  • NTPCheck
    • Added "NDIS transit delay" to -raw output. This line will be present only if software timestamps are enabled for the interface used to process the NTPCheck command. If present, the line indicates the number of hectonanoseconds (10ths of a microsecond) the reply took to transit the NDIS layer of the network stack.

  • DTServer
    • Changed clock-change monitor behavior if (a) server is configured to serve the time without verifying its own clock first, and (b) clock-change monitor is also enabled. The prior behavior was to ignore the clock-change monitor checkbox on the CPL, and not start the monitor if no sources were configured (since the monitor won't be able to fix any changes made by other processes). The new behavior is to start the monitor anyway, to produce behavior that correlates with the CPL settings. If admins don't want errors or warnings in this situation, they can uncheck the clock-change monitor box on the CPL.

  • DTServer/DTClient
    • Added checkbox "Enable Trend Filter (recommended)" to PTP configuration dialog. The default value is checked. If unchecked, Domain Time will not include trend data in the clock steering mechanism. Uncheck this box only if your machine is extremely stable (i.e., normally has an average delta of only a few microseconds).

  • DTAlert
    • Customer request: Added right-click "Synchronize this node" to Alert Viewer's list of nodes if the mouse is over a node. Right-clicking on an empty area of the list still brings up the standard configuration menu.
    • Changed the Always-on-Top behavior to avoid switching focus to the clock display when the list of nodes is showing.

  • Misc
    • Updated copyright notices to reflect 2019.
    • Updated patent pending numbers to reflect new filing.
    • Deprecated the never-used GetDriftRecord DT2 command.
    • Eliminated unnecessary QueryPerformaceCounter() calls in some DT2 calculations.
    • Changed Driver Timestamps output in DTServer/DTClient text log to use the adapter's "friendly" name instead of its generic name. The friendly name will appear in quotation marks, followed by adapter name as shown in the device list.
    • Switched log file output routines to use RAII for critical sections.


5.2.b.20181111 - Optional Upgrade

Preliminary support for software timestamping (at the NDIS layer) on Windows 10 and Windows Server 2019 (see section below). Significantly enhanced PTP self-tuning on Domain Time Server and Domain Time Client. Several other small changes and fixes. Upgrade if you want the new features.

  • Software Timestamps (beta support only)
    • Enabled preliminary support for software timestamps on Windows 10 and Windows Server 2019. Software timestamps account for latencies within the NDIS portion of the network stack. Software timestamps must be enabled per adapter before Domain Time can take advantage of them. You may use dtcheck -interfaces or dtcheck -adapters to see which adapters have software timestamps enabled.

      Software timestamping at the NDIS level is not yet fully supported or documented by Microsoft, so support for this feature may change as the API changes. See SoftwareTimestamping for a Powershell script to enable/disable/query software timestamping. It remains unclear whether software timestamping will be included in the forthcoming update for Server 2016. Since this feature is not yet fully documented by Microsoft, Domain Time will not enable or disable software timestamping for you.

  • Audit Server/Manager
    • Preliminary support for software timestamps on Windows 10/Server 2019.
    • Changed delta calculations for Domain Time nodes that respond, but have not set their clocks (no sources defined, all failed, test mode enabled, etc.) to use the calculated delta. The former behavior used either zero or the last-known delta, forcing admins to also check the time-since-last-set value to know whether or not the delta was fresh.
    • Fix for Manager not displaying newly-added NTP Nodes if Audit Server is not installed.

  • DTServer/DTClient
    • Preliminary support for software timestamps on Windows 10/Server 2019.
    • Self-tuning enhancements for PTP continuously-variable clock steering.
    • Changed to ignore domain cascade triggers if PTP slave.
    • Changed handling of PTP time samples if the rate is greater than 1/second.
    • Customer request: Changed Accept First PTP Timestamp to disregard date entirely and step to match first received PTP timestamp. This option remains for highly-specialized environments, and its use is discouraged.

  • Control Panel applet
    • Added checkbox to the Advanced tab for controlling use of software timestamps. This checkbox will be grayed-out unless the operating system is Windows 10/Server 2019 or later. If you have configured software timestamps on an adapter, and this box is checked, then Domain Time will use them.
    • Customer request: Changed PTP Status label from "Raw Offset" to "Current Offset" to prevent confusion.

  • DTDrift
    • Fixed typo on drop-down scale of drift graphs.
    • Fix for drift graphs reporting incorrect average interval between data points when there is more than one data point per second.
    • Added 0.0000000 instead of "None" if the largest positive delta was zero.


5.2.b.20180805 - Optional Upgrade

Change for delta calculation when using DT2-UDP or DT2-TCP over high-latency connections. Version 5.2.b.20180801 introduced significantly increased precision of delta measurements on fast local networks, but neglected to compensate for networks with high latency. Upgrade if you are using DT2-UDP or DT2-TCP over Internet or WAN connections.


5.2.b.20180801 - Optional Upgrade

Support for Windows Server 2019. One major addition (allowing DTServer to become a Telecom master), and one major enhancement (allowing Audit Server to perform pre-audit syncs in parallel). One small fix for the textual summary of drift graphs. Several other minor enhancements or improvements. Upgrade if you are experiencing problems with the prior build, or if you want the new features.

  • All
    • Changed code-signing digest algorithm from SHA1 to SHA256. This is to conform with Microsoft's requirements for newer operating systems. XP and 2003 will not be able to validate the certificate, even though it is present and you may view the details.

  • DTServer
    • Customer request: Added support to allow becoming a Telecom master node. The Telecom Profile requires nodes to be either Telecom slaves or Telecom masters; alternating roles are not permitted. Therefore, the master configuration dialog will be unavailable if Domain Time is configured as a Telecom slave. Domain Time Server has a hard limit of 256 Telecom slaves. The maximum packet delivery rate is 128 packets/second.

  • DTServer/DTClient
    • Customer request: Changed second reply to Audit Sync command (sent only by Audit Server during pre-audit synchronization, or by the stand-alone dtsync.exe utility) to have a source port of 9909. The Audit Sync command, unless you have selected not to wait for it to complete, normally generates two replies to the originator's source port. The first reply, acknowledging the command, always has a source port of 9909. The second reply, which occurs after synchronization has completed, formerly used an ephemeral port as the source port. This has been changed so that both replies use 9909 as the source port.
    • Made telecom slave subscription requests work with PTP v2.1 domains 128-239 using SdoId 0x100.
    • Changed telecom slave delay requests to fire on the tick instead of ±25% of the interval. Some telecom masters don't send replies if the full interval hasn't yet expired.
    • Limited telecom slave subscription rate choices to workable numbers instead of the entire possible range. The telecom slave subscription dialog will still warn you about sub-optimal rate choices.
    • Made telecom slave subscription only request Announces until a best master is chosen.
    • Made telecom slave failure due to active denial of a subscription request a soft fail as long as another telecom master is provisioned and sending Announces.
    • Added small delay between receiving APM power resume event (waking from hibernation or sleep) and restarting the network. Win10 can send the resume signal several seconds before it actually finishes waking up.
    • Increased look-back size of PTP filtering engine for smoother performance.
    • Added lock-free mechanism for sending PTP messages. This helps reduce jitter.

  • Control Panel applet
    • Changed wording on DTClient's Advanced page from "Enable NTP broadcast listener" to "Enable NTP listener on port 123" for clarity.
    • Added Telecom Master option on DTServer's PTP Master configuration dialog.
    • Changed Test button behavior on various dialogs when the Control Panel applet is controlling a remote machine. This is because while the Control Panel applet is showing settings from the remote machine, it it executing on the local machine. Testing connections is therefore meaningless, since a name or IP that resolves on the local machine may or may not have the same behavior on a remote machine. The availability of the Test buttons caused confusion with admins who believed the test would execute remotely. As of this version, attempting to test remotely will display a message explaining the issue rather than running the test.

  • Manager
    • Appended "(deprecated)" to Manager's Pre-Audit Tasks dialog text "Wait for all synchronizations to complete." Pre-audit sync is a holdover from the days when networks needed to be synchronized only a few times per day. We recommend not using pre-audit sync, but have made some improvements (see below) in case you still need this function.

  • Audit Server
    • Rewrote pre-audit sync to handle large numbers of nodes in parallel, reducing the time required.

  • DTDrift
    • Fix for textal summary of a drift data file. Version 5.2.b.20180606 introduced summarized microseconds (instead of milliseconds), however, negative values were miscategorized. The individual delta data points are recorded correctly; only the summary classification was incorrect.
    • Changed lookups for driftptp.dt to use drift.dtex instead of driftptp.dtex. This only affects displays of IPv6 sources.

  • NTPCheck
    • Customer request: Modified SNTP request/reply compatibility.

  • DTCheck
    • Added -ptpslaves command. This command retrieves the current list of Telecom subscribers from a Domain Time Server in the PTP Telecom Master role.
    • Changed -ptptest output to show original source IP of forwarded packets.

  • PTPCheck
    • Added instance limiter, so that only one copy of PTPCheck may run (per logged-on user).


5.2.b.20180606 - Recommended Upgrade

Significant feature enhancements for DTClient/DTServer, and for Manager/Audit Server.

Introduced Audit Groups for Audit Server. Audit groups provide much finer control over how your nodes are audited, and how Real-Time Alerts are handled. When you first upgrade Manager, all of your currently audited nodes will be placed in audit group 1, labeled "Audited," and this will be the only group available until you also upgrade Audit Server.

Added support for the PTP Telecom Profile [00-19-A7-00-01-00] (slave-only) to DTServer/DTClient, and support for monitoring Telecom (or other nodes reachable only by unicast) to Manager/Audit Server. The Telecom Profile uses unicast negotiation with Telecom-capable grandmasters. The Telecom Profile does not use multicast.

Added preliminary support for the forthcoming PTP v2.1. PTPCheck (version management message), and PTPMasters (either from the Control Panel applet or from DTCheck) will show v2.0 vs v2.1, and the incoming SdoID will be displayed. The SdoId restricts which domain numbers are valid. Incoming v2.1 packets with invalid SdoId numbers, or with invalid combinations of SdoId and domain numbers, will be rejected. Support for other v2.1 features will be incorporated in future releases.

  • Audit Server
    • Added Audit Groups. Formerly, a node was either audited or not. Audit Server now keeps eight sets of rules, called Audit Groups. Each group has its own variables and actions. When you set a node to be audited, you also choose its audit group. This allows you to set separate tolerances for nodes with different alerting requirements. You may assign meaningful names to the audit groups. For example, you could name Group 1 "Trading," and make its tolerance 100 s, whereas Group 2 might be named "Workstations," and have a 10-second tolerance, etc. The names you choose will be used for display by Manager, as well as in alerts, logs, and summaries.
    • Added audit error email recipient(s) for each audit group. When an audit alert email is raised, the alert containing all errors will always be sent to the standard TO/CC/BCC recipient(s) in the general email setup. This new option lets you also send a copy to a comma-separated list of email recipient(s) interested in audit alerts for the each specific group, containing only the error from that group.
    • Added Real-Time email recipient(s) for each audit group, similar to the operation described for audit error emails.
    • Added node IP and node name to drift data (.dt) files. This information will show on the title bar when viewing a drift graph, and in the header of a .dt file converted to .txt.
    • Corrected PTP Monitor's behavior to prevent creating IPv6 sockets and joining IPv6 multicast groups when IPv6 is not enabled.
    • Finished changing references to "NTP Servers" to "NTP Nodes" (both singular and plural) to conform with earlier updates. If you are parsing log files, daily reports, or audit result text logs, you should change your scripts to look for "NTP Node" instead of "NTP Server." Be sure to upgrade both Manager and Audit Server to obtain consistent identification of NTP nodes.
    • Changed threading model for several data collection routines to ensure more predictable performance across all supported operating systems.
    • Improved Audit Server's measurement of Domain Time nodes' deltas, provided the nodes are using PTP and have synchronized within the past two minutes. (This change also affects the deltas shown when looking at Domain Time nodes in Manager.)
    • Added --- Begin Audit Results --- and --- End Audit Results --- before and after listing audit results in Audit Server's log. This makes it easier to pick out the audit results from other messages.
    • Rationalized audit result line for each node in Audit Server's log so that all node types use the same format, enabling simpler automated log parsing.
    • Removed ± from Real-Time Alerts, Audit Alerts, and Audit Summaries. Although the ± character (0xB1) displays correctly in text log files, it does not necessarily transit email or syslog when systems are expecting only 7-bit data.
    • Changed Audit Server's Event Log Event ID 3005 (Real-time Alert generated when a node changes to error status) from a simple, "x machines had errors" to individual events for each machine.
    • Added ability for PTP Monitor to follow Telecom slaves (or any slave not reachable by multicast). Unicast-only nodes must support PTP management messages. You may test using PTPCheck to see if a node responds to unicast management messages.
    • PTP Monitor will automatically follow any Telecom masters, provided that Domain Time Server is set to use the Telecom profile. Provision Domain Time Server with the master(s) you want to monitor, and they will automatically appear in PTP Monitor's list.

  • Manager
    • Changed name of Audit Server menu item "Alerts" to "Alerts and Audit Groups."
    • Changed the column name "Audited" to "Audit Group," to reflect that the options are no longer just Yes/No, but Unaudited or one of the eight possible audit groups.
    • Changed double-click on the Audit Group column from a Yes/No toggle to cycle through unaudited and the audit groups. Changed right-click on items to allow you to choose the audit group by name.
    • Added Audit List item to Manager's tree display. When selected, the list side will show you all currently audited nodes. You may sort by audit group, IP address, Location, or Node Name. The Location column indicates from which list the audited node derives. For example, a PTP node will show its location as PTP Nodes, and an NTP node will show NTP Nodes. Right-clicking on empty space in the list will allow you to go directly to Pre- and Post-Audit Tasks, to Alerts and Audit Groups configuration, or to Audit List Management.
    • Added Transport column to the PTP Monitor list. Transport here refers to the method of monitoring: Unicast-Only (e.g., Telecom slaves), or Hybrid (discovery by multicast, and follow-ups either by multicast or unicast).
    • Added Node Name and IP Address columns to the Synchronization Logs list. Note: These two columns are updated only when new drift data is collected by Audit Server, so there may be a lag between when you rename a node and when the new name shows up in the Synchronization Logs list.
    • Added help link and icon to PTP configuration dialog to help explain PTP domain selection options.
    • Added Backup/Restore of Audit List and Audit Group settings to the File menu. Backing up the audit list not only backs up the audited state for each node, but all of the audit group settings, including settings for unaudited nodes. When you restore the audit list, you restore all of the settings as well as the audited state for each node.
    • Changed Real-Time Alert wording on Manager's configuration dialog from "Do not count the first correction after startup as excessive, regardless of magnitude" to "Do not count startup corrections as excessive, regardless of magnitude." Changed Audit Server's processing to allow more than one "startup" correction, based on how long since the reporting machine has booted. This allows time for a recently-booted machine to settle, acquire a PTP master, adjust its timing, etc., before a Real-Time alert from the machine will trigger an email or red flag in Manager's display.
    • Added PTP nodes to Manager's Batch Add function (see Batch Add for details). Batch add for PTP nodes is limited to unicast-only slaves. You may use either an IP address or a DNS name as the identifier, optionally followed by a colon and a PTP domain number. For example, ADD PTP 192.168.1.200:3 would add the PTP slave at 192.168.1.200, using domain 3. If you leave the colon and domain number off, Manager will attempt to discover the domain. If you specify a domain number that isn't one of the ones being monitored by PTP Monitor, the node won't be added. If the node already exists in the database but with a different domain number, the domain number will be updated to the one you specify.
    • Changed references to "NTP Servers" to "NTP Nodes" to conform with earlier updates. Be sure to upgrade both Manager and Audit Server to obtain consistent identification of NTP nodes.

  • Control Panel applet
    • Changed label on PTP statistics page from "Delay Mechanism" to "PTP Profile" for clarity. The value following the label is a combination of the selected profile and the delay mechanism used with it.
    • Added Telecom Options dialog for setting variables for use with the Telecom Profile. In general, the default settings are correct and should not be changed unless required by your Telecom-capable grandmaster.
    • Added "PTP Telecom unicast negotiation details" debug category to the Debug Details dialog.
    • Change PTP Domain input box to accept 0-239. The former behavior was to limit the domain to 0-127. PTP v2.1 can use domains 128-239. If you choose a domain number in the range of 128-239, Domain Time will mark its outgoing packets as PTP v2.1 using SdoId 0x100.

  • DTServer/DTClient
    • Significantly improved PTP slave tracking on Win8/2012 or higher operating systems.
    • Added support for Telecom Profile [00-19-A7-00-01-00], sometimes referred to as the Telecom 2008 Profile. This profile requires a Telecom-capable grandmaster, and you must provision the slave with a list of (up to sixteen) grandmaster IP addresses and domain numbers. Use Ipv4:domainNumber or [IPv6]:domainNumber in the list of acceptable masters. If you omit the domainNumber, the current default domain will be used. Note that an IPv6 address, if used with a domain number, requires the square brackets as shown above. You must know the domain number used by your grandmaster. Domain Time supports the Telecom Profile using Layer 3 (UDP) only.

      The Telecom Profile does not use multicast. The slave negotiates unicast Announces, Syncs, and Delay Response messages with the master (much like a DHCP lease). The delay measurement is End-to-End only. By default, Announces are every other second, while Syncs and Delay are once per second. You may change these values, as well as the lease duration period, from the Control Panel applet. Keep in mind that not all masters support all possible values. You should leave the auto-negotiation checkbox checked, so that Domain Time can negotiate values that both Domain Time and your Telecom master(s) support. Domain Time is heavily optimized for performance at one Sync per second.

      The Telecom Profile uses an alternate Best Master Clock algorithm, as defined by ITU-T G.8265.1. This algorithm selects the best master based on the master's QL (clockClass), the master's priority 2 value, and finally the local priority. Local priority is based on the order in which you provision the list of masters, with the first in the list having the highest priority.

      Domain Time will continue to respond to multicast requests while using the Telecom Profile (if the underlying network permits it), but will not recognize multicast Announces or Syncs. When using the Telecom Profile, Domain Time Server can only be a slave, never a master.

    • Fixed target port for unicast E2E delay responses when DTServer is acting as a PTP master. Previous versions did not always send replies to port 320.
    • Changed default firewall handling to enabled.
    • Enabled multicast loopback for the DT2-UDP service.
    • Changed both E2E and P2P unicast delay responses to use ephemeral source ports for lock-free operations.
    • Improved algorithm to determine if QueryPerformanceCounter is based on the TSC.
    • Changed default transport for Real-Time Alerts (status reports) from TCP to UDP. Our recommendation is to use UDP unless your network experiences problems with dropped packets. TCP is more reliable, but is more "expensive" in connection building and tear-down. TCP also requires ICMP (ping) between the reporting machine and Audit Server, and many networks have ICMP blocked.
    • Fixed startup PTP duplicate node detection to send IPv6 discovery packets only if the network settings include IPv6. Previous versions sent both IPV4 and IPv6 discovery packets even if IPv4-only was selected.
    • Fixed race condition on Windows 10 resume from standby that could prevent PTP from resuming properly.
    • Fixed problem with rejoining multicast groups on Windows 10 after resume from sleep.
    • Added a one-time popup to the Control Panel applet when first enabling PTP as a time source. If the current timings or network settings are not optimized for PTP, the popup offers to fix them for you.
    • Fix for multiple copies of firewall rules on Windows 10.
    • Customer request: Added ability for the SNMP bounds trap ("If the delta exceeds...") to be configured in either microseconds or milliseconds. The minimum bounds alert for milliseconds is 1 (default 1000, or 1 second); the minimum bounds alert value for microseconds is 100 (default 55000, or 55 milliseconds). The Domain Time II group policy for SNMP only supports milliseconds, so if the SNMP group policy is defined, only millisecond bounds limits are allowed.

  • DTAlert
    • Made Last Status column sort by magnitude rather than value. Since this column may not always have numeric values, numerics and textual information are given different weights, so that each type of information will sort together with the same sort.

  • DTDrift
    • Added display of node name and IP address (especially useful when looking at PTP drift files collected by PTP Monitor, where the filename is normally just the PTP portIdentity).
    • Added three new categories under the Clock Discipline category: Under 100 s, 100-499 s, and 500-999 s. Previously, the smallest category was Under 1 ms. Each category now also displays the number of data points within that category's range.

  • DTReader
    • Updated to handle Audit Groups and to refer to an "NTP Server" as an "NTP Node" to conform with displays by Manager and in log files.

  • PTPCheck
    • Harmonized references to Meinberg NetSync Monitor.
    • Added help link and icon to PTPCheck main dialog to help explain PTP domain selection options.
    • Added option to specify a domain number on the unicast test line. For example, 192.168.100.100:3 will add domain number 3 to the domain list (if not already present), and will test 192.168.100.100 with packets sent only to domain 3. If you don't specify a domain number, PTPCheck will test 192.168.100.100 on all domains in the domain list.
    • Added command-line option to specify an IP address[:domain]. If you specify an IP address on the command line, PTPCheck will treat it as if you had manually entered it as the unicast test address and clicked the Unicast Test button.
    • Enhanced the output of the 0x200C - Version discovery command to include whether the response was marked PTP v2.1 or not. The SdoId is also displayed.


5.2.b.20180303 - Recommended Upgrade

One important enhancement for Audit Server: Added Daily Drift CSV files as the preferred alternative to expanding .dt files to .txt files. Auto-conversion of .dt files into individaul .txt equivalents is still supported, but has limitations, and has been officially deprecated.

Daily Drift CSV files use exactly the same format for each record, regardless of source, and, as the name suggests, collect only one days' worth of data from all of your audited machines per file, making extraction and retention strategies simpler. Daily Drift files roll at either midnight local time or at midnight UTC (your choice). If you are currently using .txt file conversion and then parsing the .txt logs, we strongly encourage you to change to Daily Drift files instead.

Several minor enhancements and fixes, including addition of support for Meinberg's NetSync Monitor messaging. Upgrade to obtain the new functionality.

  • Control Panel applet
    • Changed background color handling of the PTP Status dialog so that display is consistent across all operating system versions.

  • DTServer/DTClient
    • Changed PTP master selection algorithm to discard potential masters with the wrong domain number after the admin has unchecked the Dynamic Domain checkbox. This change means that Domain Time will not attempt to calibrate an unqualified master before going directly to the listening state.
    • Made log file viewer built into the CPL a bit smarter about finding logs other than the main one (if user has changed the main log name or location).
    • Customer Request: Added increment to reported Root Dispersion in NTP reply when the time source is not PTP. The root dispersion is reset at each timeset interval, and increments slowly (best guess at the machine's drift) until the next timeset event.
    • Added "PortNumber Cache" to PTPv2 subkey. The default value is 1, and should only be changed if directed by tech support. Valid values are 1-9999 (decimal).
    • Changed label on PTP Masters dialog from "Help" to "Explain & Fix" because many customers were not aware that the Help button can usually offer an automatic solution as well as explain problems.
    • Added support for Meinberg NetSync Monitor TLV messaging (revision 5). The default is for support to be enabled. This can be disabled on the PTP configuration/advanced dialog. PTPCheck (see below) has been enhanced to test for Meinberg NetSync extensions.
    • Customer request: Changed latency display in summary/aggregate log line from milliseconds to hectonanoseconds; i.e., the same format used in trace output for indivdual samples.
    • Customer request: Added support during command-line install/upgrade to specify a template to use instead of the default dtserver.reg (Server) or dtclient.reg (Client). The template file must be of the proper type (i.e., if installing/upgrading server, the template must be a server template), and must be in the same folder with all the original installation files. The added command-line parameter is -template=template_file_name.reg. For example, to install Client remotely to machine Bar, the command would be dtclient \\Bar -install -template=mytemplate.reg, or to upgrade the local machine, the command would be dtclient -upgrade -template:mytemplate.reg. This new functionality does not change the behavior of -upgrade. An upgrade preserves all current settings unless you also pass the -reset parameter.
    • Added support for -reset when using the command line to upgrade a remote machine. This flag used to be supported only for upgrading the local machine.

  • Manager/Audit Server
    • Audit: Changed behavior of Real-Time Alert "If a Domain Time machine reports that it has lost contact with its master" so that if "Ignore it" is selected, no alerts, warnings, or errors are generated. If "Treat it as a warning" is selected, the Real-Time Alert display will change to warning, but no alerts or errors are generated.
    • Audit: Changed audit event timer to avoid conflict with audit maintenance timer.
    • Audit: Changed behavior of background Ephemera Collection to cancel if Audit starts while collection is still running.
    • Manager: Added "Auto-generate a textual version of the audit results" checkbox to the Audit Tasks dialog (default unchecked). If checked, Audit Server will auto-convert the binary .dtad audit results to a .txt version after each audit. If a .txt version exists, Manager will offer to open the .txt version directly in Notepad as well as offering to open the binary file using the Audit Viewer program. The .txt version of an audit result is what you would see if you opened the file using Audit Viewer program and selected "View All Details of Audit in Text format" from Audit Viewer's menu.
    • Manager: Added node under Audit Server for display of Daily Reports. Formerly, the only way to view Daily Reports was to choose Audit Server/Daily Reports/View from the main menu.
    • Manager: Sorted display of multiple audit schedules by time of day.
    • Manager: Added configurable number of records to convert to text (if text file conversion is enabled).
    • Manager: Changed Open Containing Folder behavior to open the folder and select the right-clicked file. If no file is selected, or if Open Containing Folder is selected from the tree side, the folder is opened with no file pre-selected.
    • Customer request: Added hostname to IP lookup for NTP DROP and NTP DEL statements in DTManager's IMPORT batch command. The former behavior required using an IP literal for dropping or deleting an NTP node. Note: Use this new option with care. A hostname may resolve to more than one IP address. NTP DROP or NTP DEL will operate on the all matching IP addresses, which may not be the intended behavior.
    • Changed PTP Monitor's drift records to show the Check Reason column as "PTPSlave" for slaves and "PTPMaster" for masters (drift records are only collected for audited slaves or masters). The former behavior was to show "Veracity Check" for both types of nodes. The new behavior allows you to distinguish masters from slaves (or changing roles) when looking only at the drift records. (Note: PTP Monitor will not change existing drift records; this change only affects records generated after upgrading.)
    • Fix for non-Domain Time PTP slaves reporting their source stratum as their own stratum instead of the source's stratum (only in Audit Results binary .dtad and expanded .txt versions).
    • Fix for Manager sometimes displaying garbage in the DNS Name column when viewing the Domain Time Nodes list.
    • Fix for PTP masters that don't support PTP management messages from being recorded as offline in audit results. As long as the master continues sending Syncs and Announces, it is online and its delta can be calculated.
    • Customer request: Added checkbox on the Audit Tasks dialog to control whether emailed audit summaries include the error list inline or as an attachment.
    • Added "PTPPortIdentity" token to list of fields available for the daily report. This field will show as "N/A" for all non-PTP nodes. Also changed the output of the Show Example button on the Daily Reports dialog to show an example whether Daily Reports are enabled or not.
    • Fix for dtdrift.exe not being updated in the system32 folder when upgrade is performed via DTPatch vs the installation files.
    • Manager: Fix for Ctrl-F (Find) not working correctly if no row was selected in the list. Removed "No more matches" message if subsequent find locates the same item again.
    • Audit: Deprecated auto-conversion of .dt binary files to text files.
    • Audit: Added Daily Drift .csv file as preferred alternative to auto-conversion to .txt files. Daily Drift .csv files are named yyyy-mm-dd.csv, using either local time or UTC, and will roll at either local midnight or UTC midnight, based on your choice of local time or UTC. The UTC field will be either Y or N to indicate if the DateTime field is UTC. The DateTime field format may be either plain "yyyy-mm-dd hh:mm:ss" or ISO 8601 format. If using ISO 8601 together with local time, the format is "yyyy-mm-ddThh:mm:ss±HH:MM"; otherwise the format is "yyyy-mm-ddThh:mm:ssZ" to indicate "Zulu" time (UTC). Note: Records in a Daily Drift .csv file are not necessarily in ascending DateTime field order, and there may be more than one record with the same DateTime field from the same node. Records are appended as the data is collected, which may mean a few hundred records from one source, then more from a second source, etc. If collation is important for your import procedure, you should sort the data first. A Daily Drift file is held open during its 24-hour collection period, but marked FILE_SHARE_READ, so the file (or portions of it) can be copied while open. Use the RowID column in your dbms import procedure to know whether or not a record is new. RowIDs start with 1 and increment by 1 for each row. Daily Drift files are flushed to disk approximately once every two minutes, and immediately after an audit completes. If you have chosen to show Daily Drift files on Manager's Synchronization Logs page, you may right-click anywhere on the list and choose to flush the Daily Drift queue on command. The Daily Drift CSV columns are fully documented in Manager's Daily Drift configuration dialog.
    • Manager: Changed column of Synchronization Logs display from Count (number of records) to Size (number of bytes).
    • Manager: Added Daily Drift .csv files to list shown on Synchronization Logs page (if selected; see below).
    • Manager: Colorized Synchronization Logs list for easier identification of log types.
    • Manager: Added Display Options... right-click menu to the tree side of the Synchronization Logs list to control which kinds of Synchronization Logs are shown in the list. The status line shows the total number of files, the number being shown, and the total byte count for all files (whether shown or not).

  • LMCheck
    • Changed to require run as administrator to accommodate changes in default permissions granted by Win10 and Win2016. The former behavior was to run as invoker, which fails to enumerate the network correctly unless elevated.

  • NTPCheck
    • Added -localtime switch. If specified, timestamps are expressed in the machine's current timezone, otherwise in UTC.
    • Customer request: Added -csv and -json (mutually exclusive) to command line parms. These switches may be combined with any other switches to control the format of the output. If either -csv or -json is specified, normal headers and progress messages are suppressed (but errors will still print). If -csv is specified, the first line will begin with a hashtag (#) and contain the columm header names. If -json is specifed, only the JSON output is provided. Per ISO 8601, the datetime format for both -csv and -json output is either yyyy-mm-ddThh:mm:ss.mssZ (zulu time), or yyyy-mm-ddThh:mm:ss.mss±HH:MM (if -localtime is specified). The JSON output includes the timezone name.
    • Customer request: Added -micros and -hectos switches. These switches control the output precision. By default, only milliseconds are shown (10-3 seconds). If -micros is specified, then the output precision is microseconds (10-6 seconds); if -hectos is specified, the output precision is in hectonanoseconds (tenths of a microsecond, or 10-7 seconds).

  • DTDrift
    • Added -chop command-line parm. It must be followed by the full path to a .dt file, or use the wildcard path\*.dt (much the same as for -convert). While -convert will read a .dt file and create the corresponding text version, -chop will split the .dt file into chunks named foo_Part001.dt, foo_Part002.dt, etc.
    • Added -repair command-line parm. It must be followed by the full path to a .dt file, or use the wildcard path\*.dt. The -repair switch examines the file(s) for invalid entries and removes them. Note: This is a prophylactic function; no .dt file has ever become corrupted.
    • Added -csv command-line parm. This switch is only valid with -convert, and may optionally be combined with -noheader. The switches must be followed by the full path to a .dt file, or use the wildcard path\*.dt. Example: dtdrift -convert -csv -noheader "d:\drift files\*.dt" or dtdrift -convert -csv c:\myfile.dt. The .csv file(s) will be created in the same folder as the .dt file(s).

  • PTPCheck
    • Added "effective NTP stratum" to all places where PTP's stepsRemoved value is provided. The stepsRemoved value is zero-based, while NTP strata are one-based, with a cap at 15. This addition helps administrators more accustomed to dealing with NTP nodes than with PTP nodes.
    • Expanded the 0x0001 ClockDescription to include all fields sent by the responding node. Several fields in the ClockDescription response are optional, meaningless, or redundant. By expanding the output to show all fields, you can see if a node is sending full, correct information.
    • Added right-click menu option Meinberg NetSync Monitor Test. This option sends a special unicast End-to-End delay request to the selected node with NetSync Monitor TLVs attached. If the node is NetSync Monitor-capable, it will respond with a special End-to-End delay response with NetSync Monitor TLVs attached, plus a follow-up unicast Sync (and Sync Follow-up if the target is a two-step clock). If the node responds, the Delay Response data will show you how many TLVs were attached, and the number of bytes, plus the Sync message(s).


5.2.b.20180101 - Optional Upgrade

Added Authenticode signing to all executables. Several minor fixes and enhancements, mostly for consistency in displays or behavior. Several PTP improvements. One fix for Windows Time compatibility. Added ability for DTDrift to convert binary to text from the command line. Update if you experience any of the problems described, or if you'd like the new behavior.

  • Control Panel applet
    • Added domain number to the "Allow this machine to become a PTP Master server" line of the Master Configuration dialog (DTServer only). Also added profile type(s) and delay measurement transport type(s) that will be supported. These values are drawn from the main PTP configuration page, and presented on the Master Configuration dialog to help admins understand what values will take effect if the node becomes a master. See DTServer below.
    • Fixed several small inconsistencies in PTP variables between the Control Panel applet and DTServer/DTClient. This helps ensure that admins can't use the CPL to set values that the service will override.
    • Added validity check on the list of acceptable masters on the main PTP configuration dialog.
    • Changed the effects of the Reset to Defaults button on the Broadcasts and Multicasts tab to set the multicast IPv4 TTL and IPv6 Hop Count to 4, to conform with the change in defaults introduced in 5.2.b.20171113.

  • DTServer/DTClient
    • Allowed PTP management error responses to queries sent to all domains.
    • Added support for 0xDEEE "AllowedMasterList" PTP management message query.
    • Changed all Peer-to-Peer multicasts to have a TTL of 1, regardless of TTL used by other multicasts. This is to conform with IEEE 1588-2008 requirements.
    • Removed spurious warning about not being able to determine a PTP master's delay mechanism when using Peer-to-Peer without auto-detect enabled. The warning was a side-effect of believing the auto-detect mechanism had failed when in fact it was never invoked.
    • Increase speed and reliability of profile and delay auto-detect routines.
    • Inlined a few critical PTP-related computations, and also changed them to use bit-shifting instead of multiplication/division or exponentiation.
    • DTServer: Enforced profile type and delay measurement transport type when functioning as a PTP master as well as when functioning as a PTP slave. Our recommendation continues to be to use Auto-Detect unless you have a very good reason to change.
      • Auto-Detect: Both End-to-End and Peer-to-Peer supported, either unicast or multicast
      • End-to-End Default Profile: Only End-to-End supported, either unicast or multicast
      • End-To-End Enterprise Profile: Only End-to-End supported, only unicast
      • Peer-To-Peer Default Profile: Only Peer-to-Peer, either unicast or multicast
      • Disable Link Delay Measurement: No delay requests generated by slaves, or responded to by masters
    • DTServer: Changed default value (for new installations, or when the Reset to Defaults button is clicked) of radio button introduced in 5.2.b.20171113 on the PTP Master configuration dialog to have the reply to a CurrentDS management query tell the truth. This only affects the response to a CurrentDS query when DTServer is acting as a PTP master.
    • Added checkbox on PTP advanced properties labeled "Reply to source port of unicast requests instead of port 320." IEEE 1588-2008 is ambiguous about whether replies to management messages should be sent to the PTP "General" port 320, or to the requesting node's source port. The informal convention among manufacturers is to direct all management responses to port 320, whether the request was unicast or multicast. This checkbox tells Domain Time whether to follow the informal convention for unicast requests (i.e., send the reply to the requestor's IP address, port 320), or whether to follow the convention used by most other protocols (i.e., send the reply to the requestor's IP addess and source port). Most PTP programs resolve the ambiguity by sending requests from port 320, thus ensuring that no matter which convention is followed, replies will return to port 320. Some programs, however, use ephemeral ports for unicast management queries. Check this box only if you experience interoperability problems with third-party programs that send management requests using ephemeral source ports.
    • Changed the delay request timer to be pseudo-randomized so that delay requests are not sent exactly on the tick. The range is 75% to 125% of the nominal delay request interval. For example, if the delay request interval is set to once every two seconds, delay requests will be sent no more often than every 1.5 seconds, and no less often than every 2.5 seconds, with the mean over time coinciding with 2 seconds. Decoupling the delay requests from the PPS timer helps reduce the concurrency of delay requests from multiple machines hitting the network (and therefore the grandmaster) at the same time on each tick of the protocol.
    • Changed evaluation of NTP reply when coming from Windows Time on a Windows DC version 2012r2 or above, and when the domain/forest level is 2012r2 or above. Microsoft changed the behavior of the Windows Time reply to include a value in the Key Identifier field. Prior versions of MS-SNTP required the reply's Key Identifier field to be zero in the 68-byte version of an NTP reply. Per [MS-SNTP] clients must now ignore the Key Identifier field. (In practice the value now filling the field is the requesting client's RID.)
    • Improved detection of duplicate PTP portIdentities on the network.
    • Improved detection of VM resume from saved state, and added extra debug output in the in the Clock Sync Status Notices category.
    • Changed PTP to the listening state upon power resume or VM resume from saved state.
    • Extended text log lazy write to include syslog. If checked, syslog messages will be saved and sent at each flush interval.
    • Added checkbox "Send each PTP data point to syslog (trace or debug level only)" to the syslog configuration page. If checked, and if the syslog level is set to either trace or debug, then each PTP data point will be sent to syslog. The format is "PTP sample offset ±0.0000000, mpd 0.0000000, source ipaddress" where 0.0000000 is that sample's delta and the current meanPathDelay. Syslog log collectors may parse for trace-level messages beginning with "PTP sample offset" to categorize these messages. Caution: Enabling this output can create a large number of syslog messages. This option was added for those using syslog to collect compliance data.
    • Added support for permissions changes on Win10 regarding querying services.

  • Manager/Audit Server
    • DTAudit: Added Stand-By replication for Archives subfolder(s) under Synchronization Logs main folder.
    • DTAudit: Added Stand-By replication for Real-Time Alerts history folder.
    • DTAudit: Fix for initial Stand-By replication not starting on schedule.
    • DTAudit: PTP node status change notices in the Audit Server text log file are now info or warning level instead of trace. If info level, the level column label will be "Status:" instead of "Info:" to help with log-parsing. Notices referring to PTP master changes (online, upgrade, degrade, or leap change) will begin with "PTP Master," while other messages will begin with "PTP Node," in each case followed by the portIdentity and IP address. Note that a master going offline, or transitioning to slave, will generate a warning. A PTP master coming online or changing its timeQuality will generate a status notice.
    • Manager: Added two checkboxes to the Manager interface dialog to control auto-closing of DTReader (Audit Viewer) and DTDrift (drift graph viewer) when Manager exits. In prior versions, Manager did not attempt to close instances of DTReader or DTDrift. Manager now closes them at exit. To regain the former behavior, uncheck the box(es).
    • Manager: Added checkbox "Send info-level syslog message about each slave after sweeps" to the PTP Monitor configuration dialog. If checked, data pertaining to each tracked PTP slave is sent (info-level) to syslog after each sweep. You must have Audit Server's syslog level set to Info for these messages to be sent.
    • Manager: Added "Open Containing Folder" for Real-Time Alert history folder.
    • Manager: Added drift files from archives subfolders to list of Synchronization Logs.
    • Manager: Added Real-Time Alert history folder to Advanced/Data Folders dialog. Changed file data relocation to be recursive (because drift files may now have Archives subfolders). Changed behavior to stop Audit Server briefly while files are being relocated.
    • Manager: Added F5/Refresh for PTP Nodes on Stand-By (shows most recently-replicated data). Also disabled F5/Refresh and PTP node display on Stand-By when the primary node's PTP Monitor is turned off.
    • Manager: Changed "Domain Time II Machines" and "NTP Servers" to "Domain Time Nodes" and "NTP Nodes" respectively. This change only affects displays on Manager, and was introduced at the request of several customers who found the former labels confusing.
    • Customer request: Added confirmation notice when disabling an Audit Server alert type by unchecking the menu item.
    • Customer request: Added syslog output from Audit Server. You may set up to eight IPv4 or IPv6 addresses, and choose either RFC 3164 or RFC 5424 format.
    • Manager: Added "NanoServer" or "ServerCore" to platform type display as appropriate.
    • Manager: Added a pair of radio buttons to the PTPMonitor configuration dialog so you may choose to accept a grandmaster at face value if it claims zero stepsRemoved from a primary time source such as GPS/GNSS. If "Assume Grandmasters with stepsRemoved of 0 have zero deltas" is selected, each master's delta will not be measured against the local clock, and will show as 0 s. This is the correct behavior according to IEEE1588-2008 Table 13. The other option, "Measure all Grandmasters to discover deltas (estimate 150s)," tells PTPMonitor to observe the Sync/Follow-up messages and estimate each master's delta by comparing it against the local clock, accounting for measured E2E or P2P latency. The computation of the master's delta is only an estimate because PTPMonitor only observes packets and does not attempt to syntonize or synchronize with any particular master. It may be following multiple masters in several domains simultaneously. Previous versions of Domain Time Audit Server always attempted to measure the deltas, leading to some confusion among admins who expected a grandmaster to be at least as accurate as a slave and did not realize that master deltas were estimates. The new default is to assume grandmasters are telling the truth, provided they report stepsRemoved as zero. You may regain the former behavior by choosing the second radio button. Note that masters that claim stepsRemoved of non-zero are always measured against the local clock, yielding estimated deltas.
    • Added support for permissions changes on Win10 regarding querying services.

  • Synchronization Logs (drift graphs)
    • Added ability to show sub-seconds when displaying the average interval between samples. This is useful when your PTP grandmaster is sending more than one sync packet per second and you are looking at the PTP graph. Values greater than a few seconds will be shown as days, hours, minutes, and whole number of seconds.

  • DTCheck
    • Added -allowedmasters as an optional parameter to -ptplist. If -allowedmasters is specified, DTCheck sends management message 0xDEEE instead of 0xDEEF. 0xDEEE returns the list of acceptable masters.
    • Added option to filter results of -ptplist or -ptplist -allowedmasters. Use -ptplist IpAddress or -ptplist hostname to limit output to just that one node. IpAddress may either be a dotted-quad IPv4, or fully-formed IPv6 address.
    • Added "NanoServer" or "ServerCore" to platform type display as appropriate.
    • Added -resetClockId command. Use this if you have cloned your Domain Time installation and discover duplicate PTP nodes. PTP requires that each node has a unique portIdentity; the clockIdentity portion is normally created from the NIC's MAC address, but if you clone an installation without using -prepclone, the clockIdentity will be duplicated.
    • Added support for permissions changes on Win10 regarding querying services.

  • PTPCheck
    • Changed list displayed by Discovery Management Messages dialog to be sorted by management messageId.
    • Added 0xDEEE "AllowedMasterList" to the list of management messages that can be sent. The return value is "Any" if no restrictions are in place, or the list of IPs/CIDR masks/names considered acceptable masters.
    • Added "NanoServer" or "ServerCore" to platform type display as appropriate.
    • Changed all Peer-to-Peer multicasts to have a TTL of 1, regardless of TTL used for other types of message. This is to conform with IEEE 1588-2008 requirements.

  • NTPCheck
    • Added auto-elevation for functions that need to access the symmetric secrets keyring. For example, NTPCheck "mydc.example.com key windows" or NTPCheck "myserver key 1". If the user does not have sufficient priveleges to access the keyring, the program will relaunch itself in elevated mode (prompting for an admin username/password if required). The program already did this for NTPCheck -ad.

  • DTAlert

    • Changed default permissions on Domain Time II Alert Parameters registry key so that settings are saved when run by a non-administrator.

  • DTDrift
    • Added command line parm -convert [-localtime] filespec. -localtime is optional. If not supplied, UTC will be used. filespec may be either a fully-qualified path and filename, or a path with *.dt (no other file extensions are supported). If the path or filename has spaces, you must enclose it in quotation marks. For example, dtdrift -convert "C:\Program Files\Domain Time II\Synchronization Logs\*.dt" will convert each .dt file in the named folder to its .txt equivalent. The original .dt file is not altered.

  • Miscellaneous
    • Changed synchronization log (drift graph) window to have a title bar with an icon and system menu. The former appearance was a "toolbar" window containing only a caption.
    • Fix for inconsistent setting of the hasAllowedMasterList bit in reply to PTP management messages 0xDEEF (DomainTimeProperties) and 0x201B (AcceptableMasterTableEnabled). In addition, version 5.2.b.20171113 interprets this bit incorrectly in DTCheck -ptplist and in PTPCheck's details display. Version 5.2.b.20171113's output should be considered meaningless for this particular bit. Upgrade to obtain consistent behavior in both setting the bit and in interpreting it.
    • See also addition of 0xDEEE PTP management message described in DTCheck and PTPCheck sections.
    • Changed display in places that show log2 values as 2^n, where n may range from -128 to +127 (typically -7 to +7). The former behavior was to display n as 0xNN (two hex digits), which was fine for positive values, but became confusing for negative values. In most places where a log2 value is displayed, the millisecond interval (or text saying pkts/sec) is also shown beside it. log2 values are used by NTP and by PTP, and the values usually represent a frequency in seconds. 2^0 is 1 second, or 1000 ms; 2^1 is 2 seconds, or 2000 ms; and 2^-1 is half a second, or 500 ms, and so forth.
    • Changed various numeric displays and their parenthetical meanings to be the same in all places.
    • Added "Patent Pending No. 62-597170" notice to various dialogs and text displays. This software algorithm applies to DTServer, DTClient, Audit Server, PTP Monitor, DTCheck, and PTPCheck, and may include other products in the future.


5.2.b.20171113 - Optional Upgrade

One important fix for an error introduced in 5.2.b.20170922. If you are using Domain Time II Monitor (DTMonitor) and you downloaded between Sep 22nd and Sep 27th 2017, you should upgrade to obtain this fix. Otherwise, this release is optional; upgrade if you want the new features.

Many minor changes, enhancements, and customer requests. Introduction of PTPCheck, a new utility program.

  • DTMonitor
    • Fixed invalid memory access in DTMonitor's Control Panel applet. (Only affects version 5.2.b.20170922 downloaded between Sep 22nd and Sep 27th 2017.)

  • All
    • Changed "us" to "" or "s" in logs, reports, and dialogs where possible. is the lower-case Latin Mu character, representing microseconds.

  • PTPCheck
    • New GUI-based utility program to scan/test PTP nodes for management message handling. It is a single stand-alone executable, so it may be copied to various machines on your network in order to compare views.
    • PTPCheck is installed to the system32 folder along with DTCheck and NTPCheck during installation/upgrade of either DTClient or DTServer.
    • PTPCheck is installed to the Manager folder when management tools are installed/upgraded.

  • Control Panel applet
    • Added new page, PTP Masters, accessible from the PTP Stats page. The PTP Masters page shows the same information available from DTCheck -ptpmasters, but in a graphical format. The new PTP Masters page shows all current and former masters seen by the selected node, whether being followed or not. A help button is available to explain why a particular master is not being followed. In many cases, the Help dialog will not only explain why a master isn't being followed, but offer to automatically adjust settings to allow the master.

  • DTServer/DTClient
    • Customer request: changed text-log-only trace messages (primarily the summaries of which servers among a group are selected as time sources) to be forwarded to trace-level syslog output. Sources used to correct the clock will be listed as Source *sourcename whereas sources not used will be listed as Source -sourcename; reject reason.
    • Other warning messages regarding PTP status (such as running but not yet synchronized) are now also forwarded to syslog. The former behavior was to send these messages only to the text log.
    • Added ability to use either IPv4 or IPv6 for syslog targets. The former behavior was limited to IPv4 only. If you use a DNS name instead of an address literal, IPv4 will be favored over IPv6. For example, if you use localhost as the target on a dual stack machine, the resolver will provide both 127.0.0.1 and ::1 as valid IP addresses corresponding to the localhost. Domain Time will choose the IPv4 version. To force IPv6, use an IPv6 literal or a DNS name that only resolves to an IPv6 address.
    • Added support for RFC 5424 syslog format (UDP only). The TLS option for RFC 5424 is not supported. Prior versions of Domain Time supported only RFC 3154. Syslog messages are sent from an ephemeral port to the target port 514/udp.
    • Customer request: Added "Time Sample Errors as Warnings" (REG_SZ, default "False") to the Parameters subkey.
    • Changed default IPv4 TTL and IPv6 Hop Count from 1 to 4.
    • Changed registry security settings for symmetric keys to restrict access to SYSTEM and the Administrators group.
    • When acting as PTP Master with a clockClass of 6 (Primary), DTServer now marks the TAI-UTC offset valid only if it knows the TAI-UTC offset from prior contact with a primary source. If the TAI-UTC offset if not known, DTServer clockClass 6 behaves like DTServer clockClass 248 (default) - serving UTC timestamps marked as the ptpTimescale, with a utcOffset of zero. The net effect of this change is to make DTServer's Announce messages unambiguous, mostly for the benefit of protocol analyzers, If the clockClass is 13 or 255, DTServer's timestamps will be UTC, timeScale ARBitrary, with a utcOffset of zero. The drop-down on the PTP Master configuration page has been updated to clarify which timeScale is used with which clockClass.
    • Cosmetic fix for dynamic domain statistics display updating incorrectly when admin changes the default domain using the Control Panel applet, but the selected master does not change as a result (i.e., the previously discovered best master in a non-default domain remains the best master.)
    • Added two radio buttons to the PTP Master configuration dialog. The default choice is compliance with IEEE1588-2008 Table 13 ("Updates for state decision codes M1 and M2"), which requires all fields of the currentDS be set to zero. The second radio button allows Domain Time to tell the truth about these values. The standard presumes that any clock that becomes a master is necessarily connected directly to a primary time source (GPS/GNSS, atomic clock, etc.), and will always have stepsRemoved, offsetFromMaster, and meanPathDelay of zero. This is obviously not always the case. For example, a master relying on an NTP stratum 2 device is one step removed from a primary source, and it will have an offset and a delay that are meaningful. Even if its source is an NTP stratum 1 (zero stepsRemoved from a primary time source), it will still have a meaningful offset and delay. The choice (whether to follow the standard and lie, or ignore the standard and tell the truth) only affects the reply to the CURRENT_DATA_SET management query; it does not affect clock operation or the BMC algorithm.

  • DTCheck
    • Change simple syslog listener (DTCheck -syslog) to listen for both IPv4 and IPv6 on port 514 using a single dual-stack socket. On XP/2003, dual-stack sockets are not supported, so if you have IPv6 installed, only IPv6 messages will be seen; if you don't have IPv6 installed, only IPv4 messages will be seen.
    • Added -yes to DTCheck's -leapfile command. If specified, DTCheck will update Domain Time Client or Server with the current TAI-UTC offset derived from the leap-seconds.list file. Without the -y, DTCheck will only report the information.
    • Added -ptplist command. This command only works with Domain Time machines version 5.2.b.20171111 or later. It sends two multicast 0xDEEF management queries (one IPv4, one IPv6), using an ephemeral source port directed to the IPv4/IPv6 PTP multicast addresses, with a target port of 320. Replies will have a source port of 320, and a target port of whatever ephemeral port the operating system has assigned. Your firewalls must allow this traffic in order for -ptplist to work. The outgoing TTL is fixed at 64, and the boundary hop count is fixed at 8. All Domain Time nodes within reach of the queries will respond, regardless of PTP domain number or portIdentity. Non-Domain Time nodes will not reply. The text output from this command is a list of all visible PTP nodes running Domain Time 20171111 or later, along with useful information about their configuration, current status, and so forth. The list format designed to be parseable.
    • Added -ipv4 and -ipv6 switches for use with either -ptplist or -syslog. The default is to use listen for both IPv4 and IPv6 packets. If you specify -ipv4, only IPv4 packets will be displayed. If you specify -ipv6, only IPv6 packets will be displayed. If you specify neither (or both), then both IPv4 and IPv6 packets will be displayed.

  • DTTray
    • Added PTPCheck to the Management Tools submenu (only shown if management tools are installed).

  • Manager/Audit Server
    • Allowed PTP Monitor to display management error messages (trace level).
    • Added PTPCheck to the Utilities menu.
    • Fix for PTP Monitor drift files occasionally having data point timestamps of zero.
    • Change for IPv4 broadcast discovery. Symptom: If you had IPv4 Broadcast Discovery enabled on Manager's Network Discovery dialog, and had selected the Primary subnet only radio button, but had changed the default broadcast address from 255.255.255.255 to a different broadcast address, Manager and Audit Server would continue to use 255.255.255.255. This was reflected in the log. As of this version, Manager and Audit Server will use the specified broadcast address instead of the default.
    • Change for NTPQ behavior when scanning list of known NTP servers. NTPQ will only be solicited upon first adding an NTP server, or when a specific server is refreshed from Manager's list. NTPQ will be skipped for Audit scans, startup scans, and refresh of the entire list. (NTPQ can provide additional information about an NTP Server, e.g., its operating system and processor. Most organizations have disabled NTPQ due to security flaws in ntpd's handling of control messages. The queries sent by Manager and Audit Server cannot result in amplification attacks or other security violations.)
    • Exposed number of minutes between background drift collection on Synchronization Log dialog. This was formerly a registry-only setting.
    • Added ability to collect NTP drift stats more frequently than the normal collection interval. If background drift collection is enabled, you may now choose to collect NTP stats at the same interval as DT2 and PTP, or at a much shorter interval.
    • Changed Firmware column of PTP Monitor to reflect x86 or x64 accurately. Under certain circumstances, an x86 machine could be reported as x64, even though the Hardware column correctly says Win32.

  • Synchronization Logs (drift graphs)
    • Changed the max number of records kept by Audit Server to 604800, enough for one data point per second for one full week (just over 12MB of binary data). If you have disabled the size limit for drift files, a file that grows larger than the maximum will be moved into an "Archives/yyyymmdd" subfolder, and then the file restarted. A warning message will appear in Audit Server's text log. If the file cannot be archived, an error message will appear in the text log and the older data will be lost.
    • The graphical viewer for drift graphs will no longer open files larger than 604800 records.
    • Audit Server will no longer attempt to create textual versions of drift files with more than 64K records (approximately 6MB). A warning message will appear in Audit Server's log.
    • Customer request: Added new bracket to the Clock Discipline breakout in the textual version of all drift graphs, range 10-49 ms.

  • PTP Enterprise Profile
    • Internet Draft "PTP Enterprise Profile" has assigned an IETF profile ID of [00-00-5E-00-01-00] to the still-developing Enterprise profile. Domain Time uses this profile number in response to management requests, and in dialogs. For clarity, Domain Time refers to this profile as "End-to-End Enterprise Profile."


5.2.b.20170922 - - Optional Upgrade

Added SHA1 hash support for symmetric key authentication. Fixed a few inconsequential bugs. Added several customer requests for additional capabilities. Added several other enhancements. Upgrade if you experience any of the problems described, or if you want the new functionality.

  • All
    • Added support for SHA1 symmetric keys as well as MD5. This is primarily for FIPS 140-2 conformance. SHA1 keys are always exactly forty hex characters (0-9 and A-F) long, producing a 20-byte binary key. MD5 keys are ASCII text; different implementations of the NTP daemon have allowed different maximum key lengths. In general, an MD5 key should be composed only from 7-bit ASCII-printable text, excluding space, tab, and the # character. MD5 keys should be at least 8 characters long, and should not exceed 20 characters. Some versions of NTP daemons allow lengths of 32, while others have a maximum of 8 or 16. You will need to choose MD5 keys that are interoperable with all of your various devices and daemons.

      SHA1 keys work with NTP, DT2-UDP, DT2-TCP, and DT2-HTTP, including NTP broadcast and DT2-UDP broadcast. Domain Time Servers or Clients must be upgraded before they will recognize SHA1 entries as SHA1. Older versions of Domain Time will treat an SHA1 hash like a very long MD5 key (which won't verify). Added "SHA1" or "MD5" to all logs (where possible) to indicate the type of key used.

  • DTClean
    • Customer request: Added /yes option to perform silent clean. The graphical interface still shows, but the buttons are clicked automatically.

  • Manager/Audit Server
    • Customer request: Added option to send PTP Monitor E2E or P2P delay requests by multicast instead of unicast (to help with hardware devices that don't support hybrid mode).
    • Customer request: Added option to send PTP Monitor follow-up messages by multicast instead of unicast. Use this option only if your PTP nodes cannot reply to a unicast request. The default behavior of PTP Monitor is to "sweep" the networking using mulitcast, then send individual follow-up messages to each node using unicast. Using multicast for follow-ups may significantly increase network traffic.
    • Corrected long-standing misbehavior on Manager after installing to or upgrading a remote machine. The prior behavior was to check that the remote machine's service had started and would reply to a DT2 query, but discard the contents of the reply. The new behavior is to use the contents of the reply to update the Domain Time II Machines list with the returned information (version, operating system, status, etc). This may lead to newly installed or upgraded machines showing "NoSync" in the Alarm column. This is the correct status immediately after starting the service, because the machine, although up and responding, has not yet synchronized its clock. Use F5 (or right-click and select Refresh) after installing/upgrading. This change allows you to determine if a machine can or cannot obtain the time. A machine that persists in the "NoSync" state after a few seconds likely is having trouble.
    • Added checkbox labeled "Log messages if Audit Server's log is in trace or debug mode" to the PTP Monitor configuration dialog. If checked, and if Audit Server's log is set to either trace or debug, Audit Server will log (trace level) all incoming and outgoing management message activity.
    • Customer request: Added checkbox "Show Non-Responding DT2 Machines" to Manager's View menu. If checked, the Domain Time II Machines list will show both the results of the current scan and any known DT2 machines in the cache. Machines from the cache that didn't respond to scan will show "Unknown" in the Alarm column. Menus and DEL key handling updated to allow removal of machines from the Domain Time II Machines list. Deleting from the Domain Time II Machines list is the same as selecting "Remove from Cache" from the Domains and Workgroups list.
    • Changed the NTP list to show "Unknown" in the Alarm column if a machine does not respond to scan (to match the behavior of DT2 machines). The NTP list always shows all NTP servers, whether they respond to a scan or not. This change helps call your attention to machines that are not currently responding.
    • Deprecated "ReferenceProtocol" and "ReferenceServer" parameters from the Daily Report. These are holdovers from version 4.1 and are not particularly meaningful. The full reference time, including all of the sources, protocols, offsets, and strata used for an audit are listed at the top of the Daily Report (in the comments) and in the main Audit log file as part of the audit summary. Since the reference time applies to all machines audited, and may consist of multiple sources and protocols, it does not have a separate per-machine meaning.
    • Fix for symmetric key keyring not being pre-loaded for the Reference Time dialog if prior selection was "Use this machine's clock."
    • On the Help menu, added item for Version History, which opens a browser window to the complete product history for Domain Time.
    • Fix for trace-level output from Audit Server regarding received PTP messages: Source and target portIdentities/IPs were switched in the log output. This did not affect the program logic, but made the trace log difficult to interpret.
    • Changed behavior of Manager's startup scan (Options/Network Options/Scan Options) to honor the checkbox for "If a known NTP server does not respond to startup scan, try to contact it directly." The former behavior was to ignore this flag on startup, but honor it if you pressed F5 (or right-clicked and selected Refresh) while examining the NTP Servers list. This may mean a longer startup time for Manager if your NTP machines cannot all be queried by broadcast/multicast. You may uncheck the box to regain original startup speed. Added a new checkbox to the same dialog, "If a known NTP server does not respond to F5/Refresh, try to contact it directly," which controls the behavior of NTP followups when viewing the NTP list. You may still right-click/Refresh an individual NTP machine to update just that one machine's status. Note that these changes do not affect Audit Server, which always sends follow-ups to unresponding machines.

  • DTServer/DTClient
    • Changed trace and debug logging to make it easier to identify rejected broadcast/multicast NTP packets.
    • Changed wording from "the server is not known" to "not on list of configured sources" when ignoring an NTP or DT2 broadcast source.
    • Fixed case where a broadcast source was listed more than once with differing protocols (for example, 172.16.30.30 trusted for NTP only, and the same IP also trusted for DT2-UDP only). Symptom: If NTP was listed first, but a DT2 broadcast packet arrived (or vice versa), the packet would be rejected for not matching the listed protocol.
    • Changed saved list of recent broadcast servers to discard any more than a month old. This list is only used by the Control Panel applet when helping an admin choose from among recently-seen broadcasters.
    • Changed wording on CPL when entering an MD5 key from "The password secret is longer than supported by all ntpd implementations" to "The password secret is too long for many older ntpd implementations." The former wording suggested that no ntpd implementation would accept a long password, whereas the message was meant to warn that not all will. The reference implementation of NTPv3 limits the length to eight characters, whereas NTPv4 extends the length to 16 (http://doc.ntp.org/4.2.2/keygen.html). Domain Time itself has never had an upper limit, and, in the wild, admins often use secrets with lengths of 20 or greater.
    • Added VM Guest detection for running as a VM under Amazon's AWS-EC2 hypervisor.
    • Customer request: Added Accept First PTP Timestamp (REG_SZ, default False) to Parameters key. If set to True and if the first PTP timestamp received is unacceptable (outside allowed range), then the clock will be STEPPED to match the first PTP timestamp received. Use of this setting is highly discouraged; it is there solely for isolated systems without reliable CMOS clocks on the motherboard.
    • Customer request: Added Min Success Interval (seconds) to the Parameters key. This is a REG_DWORD value. The default is 5. You should not change it.
    • Customer request: Domain Time no longer counts the first correction after service startup in the cumulative drift counter. The first correction is often large, and not representative of the overall performance of the machine over time.
    • Customer request: Server and Client now support multiple syslog targets. You may list up to eight IPv4 addresses on the syslog server line. Separate targets with a space. For maximum backward compatibility with older versions of Domain Time, avoid using a DNS name if you list more than one target. If all of your machines have been upgraded, then you may use either DNS names or IPv4 addresses.
    • Fix for DT2-HTTP reporting "unauthenticated" regardless of whether a symmetric key or Windows authentication was used. This problem only affected the log output, not whether authentication was used.
    • Added buffer size check when a Domain Time Server in master mode replicates settings to its slaves. The buffer cannot overflow, and therefore cannot be exploited, but adding the size check ensures that responses larger than the allowed buffer are not truncated mid-entry.
    • PTP: Added compensatory control for when a Domain Time Server is set to become a PTP master, but PTP's "No Master Detect Timeout" is set to a number of seconds lower than required for the first time check to complete (e.g., 2 seconds). Symptom: DTServer would remain in the PTP Listening state until a sync trigger was applied. The default No Master Detect Timeout is 8 seconds, but admins who want a quicker convergence often change it to 4. Domain Time allows the timeout to be any value between 2 and 3600 (inclusive).
    • Added number of days remaining to the startup banner on eval copies.

  • Control Panel applet
    • Added Browse... buttons to import/export dialogs for symmetric keys, time sources, and broadcast souces.
    • Changed symmetric keys dialog to show SHA1 vs MD5 password types.
    • Changed symmetric keys dialog list to sort in numeric order for the key number column, and in text order for the other columns.
    • Changed maximum symmetric key number ("keyid") from 65535 to 65534 to comply with ntpd version 4.2.x. Some implementations of NTP, including prior versions of ntpd, use a range of 1 to 65535 (inclusive). Since the keyid is a 32-bit unsigned integer, there is no technical reason it could not be a much larger number.
    • Changed symmetric keys dialog broadcast key dropdown to sort numerically instead of alphabetically.
    • Added choice of line terminators (LF or CRLF) to key export dialog. The former behavior was to create the file using only LFs, on the assumption that exporting a file was primarily so it could be imported into a Linux machine. This is still the default, but you may now choose CRLF if desired. Note that key file import is not affected by the type of line termination. It has always been able to handle either CRLF or plain LF line terminators.
    • Changed key import routine to recognise both SHA1 and MD5 key types. The former behavior was to ignore any key type not marked MD5.
    • On the Correction Limits page, removed Minimum Correction ("Deltas smaller than ___ milliseconds will not cause a correction....) because any value other than the default value of 1 has been deprecated for over a decade. The presence of the setting and its wording suggested that deltas of less than 1 millisecond could not be corrected, whereas it really only applies to situations where slewing is diabled. Stepping the clock has an OS-dependent uncertainty, so Domain Time will not step a correction of less than 1 millisecond. Removed the same setting from the recommendations page on Domain Time Server operating in Master mode.
    • On the Support page, changed Online Documentation Index link to go to the overall Domain Time index page instead of the client or server index page.
    • On the Support Page, added link to Version History, which opens a browser window to the complete product history for Domain Time.
    • On the server test results dialog, restored the green/red/yellow indicator at the bottom-left corner. The code for displaying the indicator had been inadvertently commented out.
    • On the PTP Master configuration dialog, added prompts to ensure the admin chooses legitimate timeout and priority values.

  • Miscellaneous
    • Some 15-year+ old routines inexplicably thought that because there were 60 seconds in a minute, and 60 minutes in an hour, there must also be 60 hours in a day. We have educated these routines. The error only affected a few displays, not any timing calculation or function.

  • DTCheck
    • Added -leapfile command. This fetches and parses the default leap-seconds.list file from http://www.ietf.org/timezones/data/leap-seconds.list. If you want to use a different source, use -leapfile:http://location. Only HTTP is supported. The file, if successfully fetched, is placed in the system32 folder. If the file in system32 does not exist, or is older than the version on the server, it will be updated. If the file in system32 is the same as or newer than the version on the server, the file in system32 will not be updated. In either case, the output shows the last leap second and its TAI-UTC offset, as well as the next leap second to come (if one has been scheduled). Domain Time does not use the leap-seconds.list file. This command is present only to let you check the current TAI-UTC offset and any scheduled leap seconds. Since it writes to the system32 folder, you must run DTCheck with admin privileges for this command.


5.2.b.20170522 - Optional Upgrade

One important fix for Manager. Several minor improvements elsewhere. NOTE: If you upgrade the Management Tools, you should also upgrade Audit Server. Mismatched versions may produce unwanted results (see description of changes below).

  • Real-Time Alerts
    • Widened the precision of remembered deltas from milliseconds (10^-3) to hectonanoseconds (10^-7, or tenths of a microsecond). The information was already being sent to Audit Server in hectonanoseconds, and displayed to that precision in the log files, but was being truncated to milliseconds in Audit Server's database and in emailed Real-Time Alert messages. The truncation was a holdover from 2009 (version 5.1), when all reports were limited to milliseconds. This change allows you to see sub-millisecond deltas that are being sent by Client or Server without having to examine the log file.

      Also changed the threshold scale for raising alerts from milliseconds to microseconds. The threshold is kept internally as microseconds, and expressed in alert emails or logs as ±s.nnnnn second(s) when practical. For example, if your threshold is 1.5 seconds, the program will display "±1.5 seconds"; for 15 milliseconds, the program will display "±0.015 seconds"; for 100 microseconds, it will display "±100 microseconds," and so forth. Changed Manager to allow you to express the threshold as seconds, milliseconds, or microseconds.

      Note: If you upgrade Audit Server but do not upgrade Manager and Alert Viewer, Manager and Alert Viewer will display incorrect values in the delta column. The display will be correct if you upgrade Manager and Alert Viewer without also upgrading Audit Server, but a mismatch between Audit Server and Manager is not supported. Alert Viewer, which can connect to multiple Audit Servers, will display the precision supported by each of its servers (as long as you upgrade Alert Viewer).

  • Stratum Reporting
    • Changed drift graph stratum to display the source's stratum rather than the machine's stratum. This change affects NTP and PTP graphs; DT2 graphs already displayed the source's stratum. This change is for consistency among protocols, and only affects graphs displayed in Manager or by the stand-alone DTDrift program.
    • Changed Audit Viewer's reporting of strata to match what's shown in the drift graph. Audit Viewer already reported the correct stratum on the summary dialog page, but did not use each source's stratum in either the details dialog or the textual report.

  • Email
    • Fixed quoted-printable encoding to prevent inserting a soft CRLF between the CR and LF of a hard CRLF. Symptoms: None known; this fix is to ensure strict compliance with RFC2821 and RFC2045.
    • Added workaround for non-conformant SMTP smarthosts. Symptom: Email session would terminate with a timeout after sending the email data but before seeing a 235 from the smarthost. These non-conformant servers are expecting an extra CRLF at the end of data.
    • Changed charset from US-ASCII to Windows-1252 to support 8-bit characters.

  • Manager
    • Widened display of real-time alert deltas as noted above under Real-Time Alerts.
    • Changed display of strata as noted above in Stratum Reporting.
    • Changed real-time alert threshold from milliseconds to your choice of seconds, milliseconds, or microseconds, as noted above.
    • Added checkbox to Real-Time Alert configuration dialog to allow choice of whether to raise alerts for all machines or only audited machines.
    • Fix for Manager freezing when NTP list is emptied. Symptom: Manager would pop up a blank message box (no text or buttons), and wait for you to click on the non-existent button to continue. The problem only exists in versions 5.2.b.20170101 and 5.2.b.20170331.
    • Added optimization for computer name enumeration in AD forests. If enumeration fails due to global catalogue errors, you may disable this optimization by changing the registry value Optimize Computer Enumeration to False in Manager's Parameters subkey.
    • Added History... to right-click menu for items in the real-time alert list. Also added F6 accelerator key to perform the same function.
    • Added real-time alert history settings to Real-Time Alert configuration dialog.
    • Added Email Setup... to Audit Server menu for convenience (the same dialog is available from locations where you enable or disable email).
    • Added "Time Traceable" and "Frequency Traceable" fields in detail view of PTP nodes. For masters, this is their own traceability status. Time traceability propagates to slaves, but frequency traceability for slave is implementation-dependent and may not be meaningful.
    • Colorized PTP node detail display to match other protocol detail displays.
    • Changed default for View - Show Grid Lines to false (only affects new installs).

  • Real-Time Alert Viewer
    • Fixed the audio alert to honor the state of the checkmark on the pop-up menu. Symptoms: Sounds were continuing to play when the checkmark was unchecked.
    • Widened display of real-time alert deltas as noted above.

  • Audit Server
    • Widened display of real-time alert deltas as noted above.
    • Added abiltity to customize the subject line in email alerts and summaries (only for this version or newer). To change, edit the HKLM\Software\Greyware\Domain Time II Audit Server\Logs and Alerts\SMTP key and change any of the Email Subject... values. Changes take effect upon service restart.
    • Ignoring excessive deltas upon receipt of a Status Report (Real-Time Alert) from a machine that has just resumed from standby is now treated as if the machine had just booted.
    • Changed wording on alert dialog from "after boot" to "after startup" to reflect the above change.
    • Added ability to skip raising an alert for unaudited machines.
    • Added code to skip updating Status Report delta when a Status Report is only a notification of PTP status change. Symptom: The "Last Status" column in Manager would change to zero for approximately five seconds after a PTP master was lost or gained.
    • Changed "PTPv2" to just "PTP" in audit debug logs.
    • Added real-time alert history folder and logfiles for each reporting machine.
    • Changed real-time alert logging to show deltas on machines that are in the PTP-lost-master state.

  • PTP Monitor
    • Changed display for masters who are zero "stepsRemoved" from a primary source to show an effective NTP stratum of 1 instead of 0.

  • DTServer/DTClient
    • Added ability to track number of seconds since a resume-from-standby event. This data is sent in Status Reports (Real-Time Alerts) so that Audit Server can decide whether or not to ignore excessive startup deltas. A recent resume from standby also counts as a "startup" event for the purposes of overriding the min/max correction allowed. This change allows laptops or similar devices that use sleep or hybernate to resume synchronization and avoid being flagged as out of tolerance when they resume operation.
    • Increased IOCP worker thread count to help prevent starvation of UDP service requests while TCP teardown is occupying a worker.
    • DTServer: Changed error message to "Access Denied" when DT2-HTTP is disabled for the type of access requested. Also streamlined HTTP request processing to reduce transaction duration.
    • Added secondary audit server value to the domtime.adm GPO. To obtain this functionality, you need to update the GPO with the new domtime.adm file, and set the value secondary audit server value using your normal policy editor. You must also update any DTClient or DTServer set to use the policy (previous versions will ignore the new value).
    • Corrected auditdata command response to include all time sources (up to eight) if multiple sources were used to steer the clock. If multiple samples from the same source are used, only the first sample from that server is included. Previous versions did not always show the individual source data.
    • Added source's stratum (if known) to the auditdata command response. This value is displayed by DTCheck or the Audit Viewer.
    • Added caller's IP/port and listening IP/port to debug-level messages for TCP hang-ups due to inactivity or error.
    • Improved overall socket server shutdown time for very busy DTServers with many concurrent TCP connections.

  • DTUpdate
    • Fixed logic error in the Domain Time II Update Server service which allowed installation to newly-discovered machines when the Administrator had selected only upgrades, not new installations.

  • DTCheck
    • Added each source's stratum (if known) to the output of dtcheck -cmd=auditdata when multiple sources were used by the queried machine.
    • Changed -ptpmasters output for two-step clocks to add count of missing Sync Follow-ups. An occasional Sync without its Follow-up is not an error, but a sufficient number in a row can lead a slave to abandon a master.
    • Changed -ptpmasters output for one-step clocks to omit showing zero Sync Follow-ups received.

  • DTDrift
    • Changed display of strata as noted above in Stratum Reporting.

  • DTTray
    • Reduced redundant registry reads.

  • DTLockdn & DTClean
    • Fixed code that disabled filesystem redirection and then failed to re-enabled it. This affects only 32-bit versions of the programs when running on 64-bit operating systems. Symptoms: None. In all cases, the programs perform correctly. This change is for consistency's sake, in case the programs are ever rewritten to operate recursively.


5.2.b.20170331 - Optional Upgrade

This version adds new features to Audit Server, especially for large networks where an audit can take a significant amount of time to complete. Added a fix for sleep problems on Windows 10 machines. Updated Denial-of-Service (DoS) protection algorithm. Several other minor enhancements and features at customer request. Upgrade if you are affected by any of the problems fixed, or if you want the new functionality.

  • All
    • Fixed problem with weekly text log rollover. Symptom: Log would roll at the first Sunday, then never again, unless you switched to monthly or daily, then back to weekly.

  • Manager
    • Changed wording on Audit Server/Alerts/Configure page to say "anomalous test results" instead of "anomalous scan results" because the double-check occurs for both NTP and DT2 sources after obtaining a result, whether it was obtained from either a scan or a directed query.
    • Added Cancel Audit menu option to cancel a running audit.
    • Disabled critical timing processor lock on machines with invariant TSCs.
    • Added checkbox to Audit Server/Audit Tasks dialog: "Scan the network before contacting individual machines" (default checked). If checked, Audit Server will use Manager's scan settings to collect data by multicast/broadcast before attempting to check with each machine. If unchecked, Audit Server will skip the initial scan.
    • Added checkbox to Audit Server/Audit Tasks dialog: "Use multicast to locate DT2 machines that may have changed IPs or names" (default checked). This checkbox exposes an existing registry setting that controls how Audit Server locates machines that may have changed NetBIOS names or IP addresses since the last audit.
    • Added version mismatch warning to the Conflicts and Problems display. If Audit Server is installed and is not the same version as Manager, a notice will appear advising you to upgrade the incorrect component.

  • Real-Time Alert Viewer
    • Added ability to play sounds when the overall status changes to red or yellow. You may turn this functionality on or off by checking/unchecking the right-click menu item titled, "Audio Alert Enabled." To change the .wav files played for each type of alert, edit the registry: HKEY_LOCAL_MACHINE\Software\Greyware\Domain Time II Alert\Parameters, and change the "Realtime Alert Sound Error" and "Realtime Alert Sound Warning" values to whatever you want. The full file path and name must be provided.

  • Audit Server
    • Added method for Manager to signal that a currently-running audit should be cancelled.
    • Added dynamic scan timeout value based on size of the recordset being audited.
    • Split unicast follow-ups to non-responding audited machines into multiple threads.
    • Disabled critical timing processor lock on machines with invariant TSCs.
    • Added ability to skip initial audit scan and do only unicast queries.
    • Split auto-acknowledge of Real-Time Alerts into a separate task; this change prevents auto-acknowledgement from being starved for CPU on busy Audit Servers.
    • PTP Monitor Logging
      • Added trace-level log event if a PTP master upgrades or downgrades its time quality.
      • Added trace-level log event if a PTP master changes its leap status flags.

  • Audit Viewer
    • Added DNS name, if known, on display and reports of NTP servers. Prior behavior was to say either "N/A" or the IP address in the name field.

  • DTServer/DTClient
    • Added work-around for Windows 10 machines with sleep function enabled. Symptom of problem: When sleep mode exits, the main thread may not resume. This is due to the Windows 10 kernel not sending matching pairs of APM up/down events to the service handler.
    • Added trace-level log messages for APM signals.
    • Changed default interpolator behavior to avoid unneeded cycles when using the kernel interpolator (Windows 8 or above).
    • Changed Denial-of-Service (DoS) behavior to not restart DoS timer with hits from poisoned sources during the rehabilitation window. The former behavior required n second to pass without any hits from a poisoned source before absolution would be granted. The new behavior grants absolution n seconds after the first excess. This makes the DoS protection more of a rate limiter than a block.

  • PTP Master Mode
    • Corrected inconsistency between announced and queried time quality, so that queries via management messages are dynamic using the same algorithm used for announces when Domain Time Server is operating as a PTP master.


5.2.b.20170101 - Recommended Upgrade

Introduced PTP Monitor, a component of Audit Server integrated with Manager. Several minor bug fixes; many performance enhancements. Added support for the "PTP Enterprise Profile." Added preliminary support for PTPv3 (subject to modification as the specification evolves).

  • All
    • Changed log file and dialog mentions of "variance" to "delta" where the value being referenced is a simple ±Δ (delta). The term "variance" is now used only it its strict mathematical sense (squared deviation from a set's mean). The former use of "variance" to mean "delta" was a holdover from when variances were exposed directly.
    • Changed most messages and prompts to say PTP instead of PTPv2. Messages specific to v2 (IEEE 1588-2008) as opposed to v3 (forthcoming) will have v2 or v3 appended when v3 is released and supported. Since much of v3 will be interoperable with v2 in terms of message types and formats, the version number is important only when a difference must be distinguished for debugging purposes. Certain instances of PTPv2 will be retained for backward compatibility (such as the names of keys and values in the registry).
    • Changed PTP node portIdentity textual representations to use a period instead of a colon to separate the clockIdentity from the portNumber. (There is no standard for textual representations of portIdentities. An 80-bit hex string is difficult for humans to read, so we split the clockIdentity into three portions using dashes, and separate the portNumber from the rest using a period.)

  • Manager
    • Introduced PTP Monitor, a component of Audit Server that works in conjunction with Manager.
    • Changed internal audit delta value for alerts from milliseconds to microseconds. Manager shows a radio button to allow selection of seconds, milliseconds, or microseconds. The value will be converted to microseconds when the dialog is closed. Internal time is still kept in hectonanoseconds (tenths of a microsecond).
    • Added check for wsnmp32.dll before allowing install to or upgrade of a remote machine. All versions of Windows from XP up have this DLL installed, execpt for Windws Server 2016 Nano Server, where it is optional. The admin must install SNMP trap support on Nano Server before installing Domain Time.
    • Changed default display precision for deltas and latencies from milliseconds to microseconds. This value is still adjustable from the Options/Appearance/Format Options/Significant digits dropdown. Several customers were unaware that the number of significant digits displayed was adjustable, and thought that Manager was only able to measure to the millisecond.
    • Changed the default sort order for deltas to use absolute value (magnitude). This may be changed on the same dialog box as the number of significant digits.
    • Added multicast interface enumeration to scanner functions used by Audit Server, Manager, and Monitor.
    • Added tooltips over list column headers to make it easier to read a column header's label without widening the column (with additional information for columns with obscure or potentially-confusing labels).
    • Added right-click item "Details" on lists to switch to the corresponding tree node's details view.
    • Added "Leap" column to Domain Time II Machines list.
    • Added "(UTC±HH:MM)" after timezone name in Domain Time II Machines details view.
    • Fixed slow redraw when deleting Audit Results or Synchronization Logs. Also fixed count of items shown on the status bar to reflect remaining items after deletion.
    • Fix for scan receive timeout resetting to 1500 on Manager's Options/Network Options/Network Discovery page. This value affects both Manager and Audit Server. Also applied fix to ensure that values entered are within the minimum and maximums allowed.
    • Fixed Alarm column on the Domain Time II Machine's list to reflect "NoSync" if a Domain Time machine has not been able to set its clock since startup. This information is already available via Audit Server's Real-Time Alerts and reports, but was not shown in the machine's list.
    • Added "PortIdentity" column to command-line DTMan EXPORT column, showing blank if the entry is not a PTP node, else showing the node's PortIdentity. For PTP nodes that are slaves, the existing PTPStatus column will show the master's IP address if available, else it will show the master's PortIdentity.
    • Fix for long Manager startup time when database size is large.
    • Improved Manager's exclusion of unwanted Organizational Units (OUs) to include both AD enumeration and tree/list display. The former behavior was to include all machines in the database, and excluded unwanted ones from the display.
    • Added number of elements and memory used by each of the major indices to the System Information page.
    • Added secondary sort by common name (DNS name for NTP servers) when sorting by other columns, so that machines in the same group are listed alphabetically within that group.
    • Changed display name for domtimed Domain Time II role from "Full Client" to "Linux Client" to make them sort separately from Windows clients.

  • Audit Server
    • Introduced PTP Monitor, a component of Audit Server that works in conjunction with Manager.
    • Fix for scan receive timeout resetting to 1500 in error.
    • Added info-level timing information for each phase of an audit. This helps identify which phase (if any) is consuming too much time for users with a very large number of machines being audited.
    • Added "lazy" write to the text log output (same mechanism as available for DTClient/DTServer). This helps improve accuracy of time-sensitive operations that must log their output.

  • Audit Viewer
    • Added "Delta" column.
    • Added NTP stratum (or equivalent) to display of a machine's time source. Strata only apply to NTP servers, but an effective stratum may be determined in most situations. In cases where there is no equivalent, or the information is missing, the stratum is not displayed.
    • Added UTC±HH:MM where applicable.
    • Added support for PTP Nodes (as opposed to Domain Time machines using PTP to obtain the time). Note that you may audit by more than one protocol (NTP, DT2, or PTP, or any combination); each shows up as a separate entry in the audit list.
    • Added support for showing last correction in sub-milliseconds (if provided by DTClient or DTServer; previous versions reported deltas to the hectonanosecond, but corrections only in milliseconds).

  • DTServer/DTClient
    • Added dynamic reset of outgoing socket TTL (IPv4) and hop count (IPv6) when changed on the Control Panel applet (former versions required a service restart).
    • Added links in all users start menu, similar to those created by installing management tools.
    • Fix for negative delta not firing SNMP trap for bounds exceeded.
    • Added shared memory section for PTP statistics (used by DTCheck and the Control Panel applet).
    • Added ability to keep NTP4-style loopstats and peerstats files, including symlinks to the current file, plus several other internal changes for ntpq and nptd-compatibility. Please see ntpd Compatibility for details.
    • Increased the maximum number of drift records kept by each machine. This provides a longer span of history; this is particularly important for PTP drift, which can accumulate one or more points per second.
    • Added socket drain for TCP connections after sending FIN but before closing socket. This helps prevent spurious connection reset errors on the peer.
    • Added non-zero values roughly equivalent to ntpd's concepts of root delay and root dispersion to NTP reply packets (DTServer only). Note that Domain Time does not keep internal statistics in the same fashion as ntpd, so there are no exact equivalents.
    • Added poll value to nearest power of two to NTP reply packets; this value was formerly fixed at the default interval, whereas now it reflects the anticipated number of seconds between time checks. Note that Domain Time does not calculate or maintain polling intervals in the same fashion as ntpd, so the poll interval reported is approximate. In particular, the state machine itself has a value, but not individual time sources. Domain Time is not restricted to ntpd's minimum, maximum, or power-of-two intervals, but reports as if it were for ntpd compatibility.
    • Changed precision value in NTP reply packets (DTServer only) from -23 to -22. 2^-23 (0.000000119 seconds) is the nearest approximation of Domain Time's actual granularity, but 2^-22 (0.000000238 seconds) is closer to the standard deviation representing Domain Time's best-case ability to measure the clock.
    • Changed default value for "Enumerate multicast interfaces..." and "Initiate rebind and resync..." to true.
    • Fixed log message format error after applying leap-second. The bug was introduced in version 5.2.b.20160922, and only affected machines running at trace-level or debug-level text log output.
    • Changed "Service Notify Time Change" log messages from debug level to trace level.
    • Added PTP grandmaster's offsetScaledLogVariance (oslv) to log lines that display the master's general attributes. This value is a four-digit hex number.
    • Added error-level output to log if PTP calibration fails due to invalid timestamps from the grandmaster. This information is also available in debug mode if the PTP packet rejection category is enabled, and will fire with every rejected packet. The new error-level information does not fire with each Sync packet, and does not require debug mode.

  • Control Panel applet
    • Further simplified and clarified the wording for Delay Transport on the Control Panel applet's PTP configuration dialog.
    • Added checkbox and configuration link for PTP to DTServer's "Serve the Time" page. This is a shortcut to the same PTP configuration dialogs on the "Obtain the Time" page, but put on the Serve the Time page for convenience. Unlike other protocols, PTP will be either a slave or a master depending on the overall network conditions.
    • Added checkboxes on the Logs and Status page for enabling NTP4 loopstats and peerstats. Added display of the NTP Stats folder. This display will be "N/A" for earlier versions of Domain Time, and "Not set yet" if you haven't enabled loopstats or peerstats. The folder path, if not set manually, is determined the first time Domain Time collects loopstats or peerstats. Close and reopen the Control Panel applet in order to see the path after first enabling loopstats or peerstats.
    • Removed Refresh and Autorefresh control from PTP Stats display when operating on the local machine using shared memory. The title bar includes either "shared memory" or "network" for your reference.
    • Added dropdown selection for "End-to-End Enterprise Profile" on the PTP configuration page. See PTP Profiles for details.

  • PTP
    • Added support for slaves choosing a master from among multiple domains, whether or not the Enterprise Profile is selected. This is controlled by a checkbox labeled "Dynamic (allow any domain when slave)" on the PTP Options page. On the PTP Status page, older versions will display "Domain Number" and the domain number. Newer versions will display either "Dynamic Domain" and the domain number currently in use, or "Operating Domain" and the domain number chosen on the Options page. See Dynamic Domain on the PTP Profiles page.
    • Shortened or eliminated the delay time for recalibration when switching from one master to another if multiple masters are advertising simultaneously (for example, when a master in domain 0 and another in domain 1, are both visible to the slave, and the slave has Dynamic Domain available, it will have already pre-qualified both masters, and be able to switch without reentering the listening state when the master it has chosen goes offline).
    • Added support for management GET of the PTP fault log.
    • Added support for management COMMAND to clear the PTP fault log.
    • Increased incoming buffer size to accommodate receipt of large fault log packets.
    • Changed reply to management requests sent to all domains (0xFF) to indicate the clock's true operating domain instead of copying the incoming request's domain. Note that management requests addressed to all domains are not part of the PTPv2 specification (although they will likely be part of v3); this functionality is included in Domain Time in emulation of PTP's "all clock identities" and "all clock ports" concepts. Domain Time does not send these requests, but will respond appropriately if so queried. Prior versions responded from domain 0xFF, as required by a strict interpretation of PTPv2.

  • DTCheck
    • Added prompt before -test and other options that may affect the clock, requiring confirmation before beginning the procedure. Added -yes parameter to skip the confirmation.
    • Added -driftfiles parameter to fetch drift files. If no machine name or IP address is specified, the local machine is targeted. The files are placed in the current directory. Example: dtcheck 10.1.2.3 -driftfiles

  • NTPCheck
    • Added display of precision, poll, root delay, and root dispersion to -raw output. Note that sources providing a zero for root delay or root dispersion is valid but undefined; the value is either omitted (typical with appliances and previous version of Domain Time) or too small to represent in the fixed-point field provided. NTPCheck will display root delay and root dispersion, but only convert to seconds and fractions of a second if non-zero values are provided.

  • Setup
    • Added automatic backup of audit server database during upgrade.


Next Proceed to the Older v5.2 history page

 

Next Proceed to the Planning page
Back Back to the Requirements page

My Account  |   Contact Us  |   Feedback to Greyware  |   Privacy Policy  |   Printer-Friendly Version
 
Copyright © 1995-2019 Greyware Automation Products, Inc.  All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.