Question

ntpd does not keep time sync with ntp server

Asked by: ashuji

Hi

I am trying to setup NTP to keep my servers time uptodate in sync with some global time server but ntp fails to keep the server time upto date.  

I have also read question thread http://www.experts-exchange.com/OS/Linux/Administration/Q_23271043.html and found that this issue was not resolved in that thread as well.

I do

ntpdate -u 0.pool.ntp.org

to update the servers current time and than starts ntp daemon

service ntpd start

now if i check after an hour finds that servers time is 1/2 hour behind the time server.

if do

ntpq -p

it returns :

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ntp2.Housing.Be 128.32.206.54    2 u   23   64  377   37.694  168797. 92035.7
 mail.honeycomb. 204.246.77.77    3 u   20   64  377   32.837  199407. 118785.
 host66.205.237. 132.246.168.148  3 u   22   64  377   37.205  198493. 117393.
 beatnik.spiffie 67.128.71.65     3 u   25   64  377   35.524  104670. 59462.4
 splenda.rustyte 173.14.47.149    2 u   18   64  377   49.730  107459. 60938.8
 lime8.adamantsy 72.18.205.156    3 u   24   64  377   18.503  168752. 91608.7
 mighty.poclabs. 192.43.244.18    2 u   22   64  377   11.150  137867. 69636.6
*LOCAL(0)        .LOCL.          10 l   13   64  377    0.000    0.000   0.001

I am working on CentOS 5 (Final)
NTP package: ntp-4.2.2p1-9.el5.centos.2

Please suggest possible solution.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-10-08 at 13:02:12ID24797345
Tags

Linux - Cent OS 5

Topics

CentOS

,

Red Hat Linux

,

Linux Setup

Participating Experts
1
Points
0
Comments
26

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. VMware ESXi - NTP not Syncing
    Hi, I have a VMware ESXi V4 box and have set the NTP servers, but ESXi dosen't seem to sync?

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: fosiul01Posted on 2009-10-08 at 13:21:18ID: 25529661

what about your iptables ?? does it open for 123 udp port

"NTP servers communicate with one another using UDP with a destination port of 123. Unlike most UDP protocols, the source port isn't a high port (above 1023), but 123 also. You'll have to allow UDP traffic on source/destination port 123 between your server and the Stratum 1/2 server with which you are synchronizing."

do you see any error related to ntpd damon ??

i your ntp.conf file , comment out this line(disable like bellow)

#server 127.127.1.0     # local clock

its looks like your pc is trying to get time form the pc itself


always restart ntpd damon after any change

 

by: ashujiPosted on 2009-10-08 at 13:31:44ID: 25529754

IPTABLES is disabled on my server.  I have commented the below 2 entry for

#server 127.127.1.0
#fudge  127.127.1.0 stratum 10


ran ntpdate -u 0.pool.ntp.org
service ntpd restart

observing if it works fine now

 

by: ashujiPosted on 2009-10-08 at 13:41:09ID: 25529841

Test after 5 mins of restart ntpd:

Problem is still same:

tail /var/log/messages

Oct  8 16:28:12 server1 ntpd[547]: ntpd exiting on signal 15
Oct  8 16:28:12 server1 ntpd[4476]: ntpd 4.2.2p1@1.1570-o Tue May 19 13:58:05 UTC 2009 (1)
Oct  8 16:28:12 server1 ntpd[4477]: precision = 1.000 usec
Oct  8 16:28:12 server1 ntpd[4477]: Listening on interface wildcard, 0.0.0.0#123 Disabled
Oct  8 16:28:12 server1 ntpd[4477]: Listening on interface wildcard, ::#123 Disabled
Oct  8 16:28:12 server1 ntpd[4477]: Listening on interface lo, ::1#123 Enabled
Oct  8 16:28:12 server1 ntpd[4477]: Listening on interface eth1, fe80::20c:29ff:fe28:dabf#123 Enabled
Oct  8 16:28:12 server1 ntpd[4477]: Listening on interface lo, 127.0.0.1#123 Enabled
Oct  8 16:28:12 server1 ntpd[4477]: Listening on interface eth1, 10.13.0.241#123 Enabled
Oct  8 16:28:12 server1 ntpd[4477]: kernel time sync status 0040
Oct  8 16:28:13 server1 ntpd[4477]: frequency initialized 0.000 PPM from /var/lib/ntp/drift

[root@server1 ~]# ntpq -p
    remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
69.36.241.112   198.153.152.52   2 u   62   64   77   53.050  135065. 84103.4
alpha.sureproxy 209.51.161.238   2 u    2   64  177   31.767  64308.5 78879.0
phoenix.netserv 64.113.44.54     2 u    1   64  177   35.817  2777.28 124366.
framboise.hoopy 189.141.160.61   2 u   63   64   77   23.834  97091.3 62736.8

[root@server1 ~]# date
Thu Oct  8 16:34:43 EDT 2009


[root@server1 ~]# ntpdate -q 0.pool.ntp.org
server 69.56.251.238, stratum 2, offset 215.382147, delay 0.05571
server 64.22.86.210, stratum 2, offset 215.423780, delay 0.04845
server 67.222.149.177, stratum 3, offset 215.535682, delay 0.04462
server 149.20.54.21, stratum 2, offset 215.663269, delay 0.07198
server 169.229.70.183, stratum 3, offset 215.840622, delay 0.06856
8 Oct 16:35:23 ntpdate[5070]: step time server 64.22.86.210 offset 215.423780 sec


 

by: fosiul01Posted on 2009-10-08 at 13:44:13ID: 25529875

omm dont update forcefully with this command

ntpdate -u 0.pool.ntp.org


just restart the ntpd server, see how its goes

if pool.ntp.org is down there it will not be able to syncronized

 

by: ashujiPosted on 2009-10-08 at 13:57:51ID: 25530008

0.poo.ntp.org does not seems to be down as if I run

ntpdate 0.pool.ntp.org

I successfully udpates the system time.

I have just restart ntpd and it has not update time after restart, below are the log after or ntpd restart:

tail -f /var/log/messages
Oct  8 16:46:23 server1 ntpd[5897]: ntpd 4.2.2p1@1.1570-o Tue May 19 13:58:05 UTC 2009 (1)
Oct  8 16:46:23 server1 ntpd[5898]: precision = 1.000 usec
Oct  8 16:46:23 server1 ntpd[5898]: Listening on interface wildcard, 0.0.0.0#123 Disabled
Oct  8 16:46:23 server1 ntpd[5898]: Listening on interface wildcard, ::#123 Disabled
Oct  8 16:46:23 server1 ntpd[5898]: Listening on interface lo, ::1#123 Enabled
Oct  8 16:46:23 server1 ntpd[5898]: Listening on interface eth1, fe80::20c:29ff:fe28:dabf#123 Enabled
Oct  8 16:46:23 server1 ntpd[5898]: Listening on interface lo, 127.0.0.1#123 Enabled
Oct  8 16:46:23 server1 ntpd[5898]: Listening on interface eth1, 10.13.0.241#123 Enabled
Oct  8 16:46:23 server1 ntpd[5898]: kernel time sync status 0040
Oct  8 16:46:24 server1 ntpd[5898]: frequency initialized 0.000 PPM from /var/lib/ntp/drift



ntpq -p
    remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
ns1.your-site.c 206.246.118.250  2 u   58   64    3   25.999  526821. 33701.3
twik.stonekitty 198.153.152.52   2 u   58   64    3   56.791  494012. 32814.1
mighty.poclabs. 192.43.244.18    2 u   56   64    3   25.976  527637. 33190.2
kulish.com      128.138.188.172  2 u   56   64    3   64.763  494873. 32756.9


 

by: ashujiPosted on 2009-10-08 at 14:00:39ID: 25530032

here below is /etc/ntp.conf :

cat /etc/ntp.conf
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server pool.ntp.org


#server 169.229.70.64
#server 199.199.208.25
#server 205.237.100.66
#server 65.18.173.237
#server 75.144.70.35
#server 0.centos.pool.ntp.org
#server 1.centos.pool.ntp.org
#server 2.centos.pool.ntp.org


#broadcast 192.168.1.255 key 42         # broadcast server
#broadcastclient                        # broadcast client
#broadcast 224.0.1.1 key 42             # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 key 42  # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
#server 127.127.1.0     # local clock
#fudge  127.127.1.0 stratum 10

# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8


 

by: fosiul01Posted on 2009-10-08 at 14:04:06ID: 25530065

you said, when you run this command

ntpdate 0.pool.ntp.org

then system time update properly

after executing this command
ntpdate 0.pool.ntp.org

whats the output of
ntpq -p

past the output here

also, can you just past the ntp.conf file here

 

by: fosiul01Posted on 2009-10-08 at 14:12:00ID: 25530141

sorry did not see your  ntp.conf before

thats looks allright to me..

sent the output for this comments:
after executing this command
ntpdate 0.pool.ntp.org

whats the output of
ntpq -p

also

instaed of Domain, will you be able to try syncronized by Ip address

so the ip address of 0.pool.ntp.org would be

89.250.138.90

 

by: ashujiPosted on 2009-10-08 at 14:12:46ID: 25530148

ntp.conf has been pasted above,

[root@server1 ~]# service ntpd stop
Shutting down ntpd:                                        [  OK  ]

[root@server1 ~]# ntpdate 0.pool.ntp.org
8 Oct 17:11:24 ntpdate[6790]: step time server 72.18.205.156 offset 814.871815 sec

[root@server1 ~]# ntpq -p
ntpq: read: Connection refused

[root@server1 ~]# service ntpd start
Starting ntpd:                                             [  OK  ]

[root@server1 ~]# ntpq -p
    remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
broadbandjam.ne .RMOT.          16 u    -   64    0    0.000    0.000   0.000
mighty.poclabs. .INIT.          16 u    -   64    0    0.000    0.000   0.031
dev1-c.nym009.i .INIT.          16 u    -   64    0    0.000    0.000   0.031


 

by: ashujiPosted on 2009-10-08 at 14:16:43ID: 25530184

Please ignore ntpq -p result in my last reply, that was the result when i used different time servers (of north america - 0.north-america.pool.ntp.org)

ntpq results with above given ntp.conf (0.pool.ntp.org) file is as below:

ntpq -p
    remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
outcry.puttynut 18.7.21.144      3 u    1   64    1   31.512  54959.5   0.001
ip-72-167-54-20 .INIT.          16 u    -   64    0    0.000    0.000   0.001
mighty.poclabs. .INIT.          16 u    -   64    0    0.000    0.000   0.001
67.222.149.177  .INIT.          16 u    -   64    0    0.000    0.000   0.001


 

by: fosiul01Posted on 2009-10-08 at 14:31:54ID: 25530333

omm this out put does not look good aswell

ntpq -p
    remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
outcry.puttynut 18.7.21.144      3 u    1   64    1   31.512  54959.5   0.001
ip-72-167-54-20 .INIT.          16 u    -   64    0    0.000    0.000   0.001
mighty.poclabs. .INIT.          16 u    -   64    0    0.000    0.000   0.001
67.222.149.177  .INIT.          16 u    -   64    0    0.000    0.000   0.001


there should be * for showing the active connection....

i am stuck now... you sure you dont have any other firewall on the network which is not allowing ntp request....

have  you tryed to update ntp packages ??

 

by: ashujiPosted on 2009-10-08 at 14:34:41ID: 25530359

I am using IPCOP as firewall, but IPTABLES is disabled on server.  Please let me know what changes are required on firewall ?

 

by: fosiul01Posted on 2009-10-08 at 14:41:46ID: 25530438

ommm i am using ipcop aswell in my office you can  make Ipcop as ntp server and then use internal server to to syncronized from ipcop


in ipcop there should be an option call , make this server for time server..


 

by: fosiul01Posted on 2009-10-08 at 14:47:27ID: 25530511

in ipcop
under Service->time server

set up those filed with time server address

then check mark for allow internal server to update time from this ipcop

this should work for ipcop and internal server will update time from ipcop

 

by: ashujiPosted on 2009-10-08 at 14:53:37ID: 25530582

OK

I have set IPCOP as time server:

First I stopped NTPD daemon.

than ran

ntpdate <IPCOP IP>

This update the server time.

Now removed all ntp servers from ntp.conf and added below line:

server <IPCOP IP>

service ntpd start

below is the result of ntpq -p after few minutes of restarting ntpd:

ntpq -p
    remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
10.13.0.1       LOCAL(0)        11 u    8   64    3    0.576  24317.4 22111.9


 

by: ashujiPosted on 2009-10-08 at 14:57:05ID: 25530613

My IPCOP was alrady configured as time server with options you suggested.

 

by: fosiul01Posted on 2009-10-08 at 15:01:25ID: 25530652

ommm

i dont know now!!!

try to update ntp package by yum see if this does make any change

is this only this pc, or other pc can update from ntp server??

 

by: ashujiPosted on 2009-10-08 at 15:02:31ID: 25530661

All systems in my network.

 

by: fosiul01Posted on 2009-10-08 at 15:09:51ID: 25530722

in that case there is something blocking ntp request .

what about IPcop, is this synchronizing from time server??

 

by: ashujiPosted on 2009-10-08 at 15:11:34ID: 25530736

Please suggest what need to be done in IPCOP firewall to allow communication with external time servers.

 

by: ashujiPosted on 2009-10-08 at 15:12:05ID: 25530748

Yes, time on IPCOP is uptodate.

 

by: fosiul01Posted on 2009-10-08 at 15:15:23ID: 25530773

so you saying, IPcop is not syncronized as well ?

i will have to check tomorrow, as i am not in office , here is 11.30 Pm

you can always create another question .. see you might get solution from other Experts  but mention them that you have ipcop firewall , other wise they go through all over this again without knowing the fact.

i will keep you update tomorrow when i will be in office, i cant remember those setting on top of my head

sorry for this

 

by: ashujiPosted on 2009-10-08 at 15:28:32ID: 25530877

I meant IPCOP is correctly syncing time with global time servers and TIME on IPCOP server is up to date.  But this server is not able to sync time with IPCOP.

 

by: ashujiPosted on 2009-10-09 at 14:27:54ID: 25539021

You know what was the issue.  I missed to tell you that this Linux was running over a VM created on VM Ware server.  For time to work well it needs el5vm kernel to be running.  Here is the exact solution.

http://www.derekschwab.com/category/virtualization


 

by: fosiul01Posted on 2009-10-14 at 01:26:25ID: 25568235

Thats Great you got your solution.

and sorry i could not able to help you any further

 

by: ashujiPosted on 2009-10-14 at 06:41:34ID: 25570321

Fosiul01

You helped a lot in investigating the setup and because of your help now I know how to completelty understand and troubleshoot NTP issues.

Thanks a ton.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...