james edwards wrote: > On 8/12/06, *Philip Prindeville* <philipp_subx@xxxxxxxxxxxxxxxxxxxxx > <mailto:philipp_subx@xxxxxxxxxxxxxxxxxxxxx>> wrote: > > > Ok, well, so I can be sure that it's the broken build and not my > config, > what > should the config look like ideally? > > -Philip > > > > If the router that is offering multicast NTP time service has an IP of > 10.1.2.3 <http://10.1.2.3> > this would be the minimum config for a client. You may have to define > the source > interface for NTP on a Cisco router: > > multicastclient > restrict default ignore > restrict 224.0.1.1 <http://224.0.1.1> > restrict 10.1.2.3 <http://10.1.2.3> > server 127.127.1.0 <http://127.127.1.0> # local clock (LCL) > fudge 127.127.1.0 <http://127.127.1.0> stratum 10 # LCL is > unsynchdronized > driftfile /etc/ntp/drift > > > I think it is easier to debug this by commenting out all "restrict" > lines and seeing if it works. > If it does, your problems are with the ACL's. If it does not work the > problem is elsewhere. > > The lines for "server 127.127.1.0 <http://127.127.1.0>" and "fudge > 127.127.1.0 <http://127.127.1.0> stratum 10" allow NTP to take its > time from localhost, if outside sources cannot be queried. > /etc/ntp/ needs to be writable by user ntp. In RH's ntpd, ntpd drops > to user ntp after it starts. I find this file is often owned by root > in RH, so you will never get a drift file written and long term time > keeping will not be that good. > > NTPd requites 4 separate sources for time so its "false ticker" > algorithms will operate, allowing one source to go bad. 3 sources are > required to offer long term accurate time. > I tried pretty much this configuration, but something weird happened. It "discovered" the existence of the NTP server from the multicast packets, but ends up unicasting to the server (which defeats the purpose of having multicast set up): tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 512 bytes 08:27:35.875574 IP (tos 0x10, ttl 64, id 4480, offset 0, flags [DF], proto 17, length: 76) 192.168.1.5.ntp > 192.168.1.1.ntp: NTPv3, length 48 Client, Leap indicator: (0), Stratum 3, poll 7s, precision -20 Root Delay: 0.127807, Root dispersion: 0.016067, Reference-ID: 192.168.1.1 Reference Timestamp: 3364727190.756054997 (2006/08/16 08:26:30) Originator Timestamp: 3364727194.896906495 (2006/08/16 08:26:34) Receive Timestamp: 3364727194.897505998 (2006/08/16 08:26:34) Transmit Timestamp: 3364727255.875508010 (2006/08/16 08:27:35) Originator - Receive Timestamp: +0.000599513 Originator - Transmit Timestamp: +60.978601515 08:27:35.876638 IP (tos 0xc0, ttl 255, id 0, offset 0, flags [none], proto 17, length: 76) 192.168.1.1.ntp > 192.168.1.5.ntp: NTPv3, length 48 Server, Leap indicator: (0), Stratum 2, poll 7s, precision -16 Root Delay: 0.126724, Root dispersion: 0.005096, Reference-ID: 192.5.41.40 Reference Timestamp: 3364726610.185859486 (2006/08/16 08:16:50) Originator Timestamp: 3364727255.875508010 (2006/08/16 08:27:35) Receive Timestamp: 3364727255.876114249 (2006/08/16 08:27:35) Transmit Timestamp: 3364727255.876136243 (2006/08/16 08:27:35) Originator - Receive Timestamp: +0.000606221 Originator - Transmit Timestamp: +0.000628215 08:27:38.879714 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto 17, length: 76) 192.168.1.1.ntp > 224.0.1.1.ntp: NTPv3, length 48 Broadcast, Leap indicator: (0), Stratum 2, poll 6s, precision -16 Root Delay: 0.126724, Root dispersion: 0.005096, Reference-ID: 192.5.41.40 Reference Timestamp: 3364726610.185859486 (2006/08/16 08:16:50) Originator Timestamp: 0.000000000 Receive Timestamp: 0.000000000 Transmit Timestamp: 3364727258.879131138 (2006/08/16 08:27:38) Originator - Receive Timestamp: 0.000000000 Originator - Transmit Timestamp: 3364727258.879131138 (2006/08/16 08:27:38) 08:28:38.992387 IP (tos 0x10, ttl 64, id 4481, offset 0, flags [DF], proto 17, length: 76) 192.168.1.5.ntp > 192.168.1.1.ntp: NTPv3, length 48 Client, Leap indicator: (0), Stratum 3, poll 7s, precision -20 Root Delay: 0.127807, Root dispersion: 0.017013, Reference-ID: 192.168.1.1 Reference Timestamp: 3364727190.756054997 (2006/08/16 08:26:30) Originator Timestamp: 3364727258.879131138 (2006/08/16 08:27:38) Receive Timestamp: 3364727258.879773974 (2006/08/16 08:27:38) Transmit Timestamp: 3364727318.992358028 (2006/08/16 08:28:38) Originator - Receive Timestamp: +0.000642845 Originator - Transmit Timestamp: +60.113226845 08:28:38.993495 IP (tos 0xc0, ttl 255, id 0, offset 0, flags [none], proto 17, length: 76) 192.168.1.1.ntp > 192.168.1.5.ntp: NTPv3, length 48 Server, Leap indicator: (0), Stratum 2, poll 7s, precision -16 Root Delay: 0.126724, Root dispersion: 0.005096, Reference-ID: 192.5.41.40 Reference Timestamp: 3364726610.185859486 (2006/08/16 08:16:50) Originator Timestamp: 3364727318.992358028 (2006/08/16 08:28:38) Receive Timestamp: 3364727318.992972850 (2006/08/16 08:28:38) Transmit Timestamp: 3364727318.992994844 (2006/08/16 08:28:38) Originator - Receive Timestamp: +0.000614880 Originator - Transmit Timestamp: +0.000636874 08:28:42.861957 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [none], proto 17, length: 76) 192.168.1.1.ntp > 224.0.1.1.ntp: NTPv3, length 48 Broadcast, Leap indicator: (0), Stratum 2, poll 6s, precision -16 Root Delay: 0.126724, Root dispersion: 0.005096, Reference-ID: 192.5.41.40 Reference Timestamp: 3364726610.185859486 (2006/08/16 08:16:50) Originator Timestamp: 0.000000000 Receive Timestamp: 0.000000000 Transmit Timestamp: 3364727322.861383795 (2006/08/16 08:28:42) Originator - Receive Timestamp: 0.000000000 Originator - Transmit Timestamp: 3364727322.861383795 (2006/08/16 08:28:42) 08:29:44.113365 IP (tos 0x10, ttl 64, id 4482, offset 0, flags [DF], proto 17, length: 76) 192.168.1.5.ntp > 192.168.1.1.ntp: NTPv3, length 48 Client, Leap indicator: (0), Stratum 3, poll 7s, precision -20 Root Delay: 0.127807, Root dispersion: 0.017990, Reference-ID: 192.168.1.1 Reference Timestamp: 3364727190.756054997 (2006/08/16 08:26:30) Originator Timestamp: 3364727322.861383795 (2006/08/16 08:28:42) Receive Timestamp: 3364727322.862003028 (2006/08/16 08:28:42) Transmit Timestamp: 3364727384.113337002 (2006/08/16 08:29:44) Originator - Receive Timestamp: +0.000619185 Originator - Transmit Timestamp: +61.251953184 08:29:44.114458 IP (tos 0xc0, ttl 255, id 0, offset 0, flags [none], proto 17, length: 76) 192.168.1.1.ntp > 192.168.1.5.ntp: NTPv3, length 48 Server, Leap indicator: (0), Stratum 2, poll 7s, precision -16 Root Delay: 0.126724, Root dispersion: 0.005096, Reference-ID: 192.5.41.40 Reference Timestamp: 3364726610.185859486 (2006/08/16 08:16:50) Originator Timestamp: 3364727384.113337002 (2006/08/16 08:29:44) Receive Timestamp: 3364727384.113937661 (2006/08/16 08:29:44) Transmit Timestamp: 3364727384.113959655 (2006/08/16 08:29:44) Originator - Receive Timestamp: +0.000600661 Originator - Transmit Timestamp: +0.000622655 08:29:46.844234 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [none], proto 17, length: 76) 192.168.1.1.ntp > 224.0.1.1.ntp: NTPv3, length 48 Broadcast, Leap indicator: (0), Stratum 2, poll 6s, precision -16 Root Delay: 0.126724, Root dispersion: 0.005096, Reference-ID: 192.5.41.40 Reference Timestamp: 3364726610.185859486 (2006/08/16 08:16:50) Originator Timestamp: 0.000000000 Receive Timestamp: 0.000000000 Transmit Timestamp: 3364727386.843656480 (2006/08/16 08:29:46) Originator - Receive Timestamp: 0.000000000 Originator - Transmit Timestamp: 3364727386.843656480 (2006/08/16 08:29:46) ... And the config looks like (minus comments): restrict default nomodify notrap noquery restrict 127.0.0.1 multicastclient # listen on default 224.0.1.1 restrict 224.0.1.1 mask 255.255.255.255 nomodify notrap restrict 192.168.1.1 mask 255.255.255.255 nomodify notrap server 127.127.1.0 fudge 127.127.1.0 stratum 10 driftfile /var/lib/ntp/drift broadcastdelay 0.008 keys /etc/ntp/keys > > james > >