Re: time sync with ntp not working correctly? - solved

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I Think I found the missconfigured parts :-)! Thanks for pointing me into the right direction.

"notrust" and "restrict" where misconfigurred!

Now the clients have:

restrict IP mask 255.255.255.255 nomodify notrap noquery
server IP

The server:

restrict IP mask 255.255.255.0 notrust nomodify notrap
...

Regards

Götz Reinicke


John DeDourek wrote:
Note the column called "reach".  On the server it has 377.
That's the octal (base 8) representation of an 8-bit quantity.
(377 = 11111111 binary).  Periodically a machine running ntp
sends a time query to its configured servers.  When it gets a
reply it shifts a 1 into the right of "reach"; no reply, it
shifts a 0.  Thus on the server, the last eight queries to
its servers got a reply: 11111111.  On the clients 00000000;
that's obviously bad.  So the clients are not getting responses
to their queries.

Two usual problems:
-- Either the queries or the responses to the clients are not
   getting through the network; most commonly firewall issues;
   occasionally network problems like routing; check the latter
   by ping.  The former requires an investigation of the firewall
   setup
-- Bad ntp configuration on the server (refusing to accept queries)
   or on the clients (refusing to accept responses).  You
   unfortunately didn't shows us the ntp configuration on the two
   machines.  Most common problem is that the meaning of "restrict
   notrust" changed between older and newer versions of ntp.  If
   you are reading old guidlines, or have upgraded to the newer
   ntp and used the configuration files from the old one, that
   could be the problem.  Have a quick look at /etc/ntp.conf;
   if the word "notrust" appears on any "restrict" lines, try
   editing it out (saving a copy of the old configuration first).
   If you just copied an old configuration file over the new one
   after upgrading (and happened to save the original installed
   configuration, which I highly recommend), a good procedure would
   be to go back to the ntp.conf installed by the upgrade and edit
   your own server lines in (making changes as appropriate).  In
   any case, we would need to see the configuration files to
   comment further.


Götz Reinicke wrote:

Hi,

today I checked the time on some servers and found that they differ by a couple off minutes. Without teh ntpd running a "ntpdate gaugin" syncs the clock.
<...>

--
Götz Reinicke
IT Koordinator - IT OfficeNet

Tel. +49 (0) 7141 - 969 420
Fax  +49 (0) 7141 - 969 55 420
goetz.reinicke@xxxxxxxxxxxxxxx

Filmakademie Baden-Württemberg
Mathildenstr. 20
71638 Ludwigsburg
www.filmakademie.de


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux