Re: NTP, ntpdate, and ISP-based firewall

From: "Don Levey" <fedora-list@xxxxxxxxxxxxx>

> > Run a tcpdump while you set time using ntpdate. If ntpdate works
> > there is no sensible reason ntpd should not unless you are trying the
> > multicasting "stuff".
> >
> > {^_^}
>
> I've received word from my ISP that they are *not* blocking port 123.  I
> see on my Linksys router/firewall that my packets are going out (it's the
> last step before the cable modem).  However, nothing comes back to it.  Not
> on port 123, not on any other port from those hosts.  The ntpdate -u gets
> results, however.  Oh well.
>
> I guess I'll just need to do this manually once in a while, and then sync
> up the rest of my machines with this one.
>
> Thanks for the help,
>  -Don

Run two tcpdumps, one with ntpdate and one with ntp itself. You could run
a third one with "ntpd -q", which runs ntpd once then quits. Compare the
packets sent out. Make sure all the tests go to the same address. All three
send and receive on port 123 UDP.

If ntpdate works and "ntpd -q" does not, look to your configuration file
for an error.

This is my configuration file somewhat edited to show an example of using
a DSL connectivity related DNS server's ntp. (I don't normally use it
because it tended to show a wider deviation from other sites I trusted more
than ntpd will tolerate. It never made them the peers.)
--8<--
# xntd configuration for host linux
# (expected to operate at stratum 3?)

server dnsauth1.sys.gtei.net
#server dnsauth2.sys.gtei.net
#server dnsauth3.sys.gtei.net

#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server  127.127.1.0  # local clock
fudge   127.127.1.0 stratum     3

#
# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
#multicastclient                # listen on default 224.0.1.1
#broadcastdelay 0.008

#
# Authentication delay.  If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on your machine.
#
authenticate no

#
# Keys file.  If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
#keys     /etc/ntp/keys
# by default, don't trust and don't allow modifications

#restrict default notrust nomodify

# these guys are trusted for time, but no modifications allowed

#restrict 128.100.0.0 mask 255.255.0.0 nomodify
#restrict 128.8.10.1 nomodify
#restrict 192.35.82.50 nomodify

# the local addresses are unrestricted
#restrict 128.100.100.7
#restrict 127.0.0.1

logfile /var/log/ntp
#logfile /dev/null
logconfig syncstatus -sysevents
#+sysevents
--8<--

This machine serves itself as well as about 10 other computers here on
the site.
{^_^}
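
One way to do the capture comparison described above, as an added example that is not part of the original message: the script reads saved `tcpdump -n` text for each test and reports whether requests to the chosen server were answered and which local source port they left from (`ntpdate -u` sends from an unprivileged port rather than 123). The capture lines, addresses and function names are constructed for illustration.

```python
import re

# Matches tcpdump -n text such as:
#   12:00:01.10 IP 192.0.2.10.123 > 198.51.100.5.123: NTPv4, Client, length 48
PKT = re.compile(r"IP ([\d.]+)\.(\d+) > ([\d.]+)\.(\d+): NTPv\d")

def summarize(capture, server):
    """Count NTP requests to / replies from `server`; collect local source ports."""
    requests, replies, ports = 0, 0, set()
    for line in capture.splitlines():
        m = PKT.search(line)
        if not m:
            continue
        src, sport, dst, dport = m[1], int(m[2]), m[3], int(m[4])
        if dst == server and dport == 123:
            requests += 1
            ports.add(sport)
        elif src == server and sport == 123:
            replies += 1
    return requests, replies, sorted(ports)

def compare(captures, server):
    """Map each capture name to (verdict, local source ports used)."""
    result = {}
    for name, text in captures.items():
        requests, replies, ports = summarize(text, server)
        if requests == 0:
            verdict = "no requests to this server"   # test went to another address
        elif replies == 0:
            verdict = "requests unanswered"
        else:
            verdict = "answered"
        result[name] = (verdict, ports)
    return result

# Constructed sample captures (documentation addresses, not from the thread).
SERVER = "198.51.100.5"
CAPTURES = {
    "ntpdate -u": "12:00:01.10 IP 192.0.2.10.40312 > 198.51.100.5.123: NTPv4, Client, length 48\n"
                  "12:00:01.15 IP 198.51.100.5.123 > 192.0.2.10.40312: NTPv4, Server, length 48\n",
    "ntpd -q": "12:05:01.10 IP 192.0.2.10.123 > 198.51.100.5.123: NTPv4, Client, length 48\n"
               "12:05:03.10 IP 192.0.2.10.123 > 198.51.100.5.123: NTPv4, Client, length 48\n",
    "ntpd": "12:10:01.10 IP 192.0.2.10.123 > 203.0.113.9.123: NTPv4, Client, length 48\n",
}

if __name__ == "__main__":
    for name, (verdict, ports) in compare(CAPTURES, SERVER).items():
        print(f"{name:12} {verdict:28} source ports: {ports}")
```

Different verdicts for the same server when only the source port differs suggest the path treats port 123 traffic differently, which is a separate question from an error in the configuration file.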



