Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

NTP configuration problem

Posted on 2002-06-06
21
Medium Priority
?
2,778 Views
Last Modified: 2008-03-17
Hello,

I am trying to configure NTP on RH Linux 7.2. My PC appears not to be synchronizing correctly.  

My /etc/ntp.conf is:
server clock.via.net
server ntp1.mainecoon.com
server ntp2.mainecoon.com
server ntp-cup.external.hp.com
server ntp.ucsd.edu
server ntp2.sf-bay.org
server time.berkeley.netdot.net
server timekeeper.isi.edu

driftfile /etc/ntp/drift

ps -aef|grep ntpd gives me:
ntp      20175     1  0 01:46 ?        00:00:00 ntpd -U ntp
root     20185 19947  0 01:49 pts/2    00:00:00 grep ntpd

Also   # ntpdate clock.via.net   gives me...

 7 Jun 01:51:55 ntpdate[20212]: the NTP socket is in use, exiting

But # ntpdate -d clock.via.net  gives me...

 7 Jun 01:52:00 ntpdate[20213]: ntpdate 4.1.0 Wed Sep  5 06:54:31 EDT 2001 (1)
transmit(209.81.9.7)
receive(209.81.9.7)
transmit(209.81.9.7)
receive(209.81.9.7)
transmit(209.81.9.7)
receive(209.81.9.7)
transmit(209.81.9.7)
receive(209.81.9.7)
transmit(209.81.9.7)
server 209.81.9.7, port 123
stratum 1, precision -28, leap 00, trust 000
refid [GPS], delay 0.19719, dispersion 0.00107
transmitted 4, in filter 4
reference time:    c0aa8f47.cfb01c92  Thu, Jun  6 2002 18:47:51.811
originate timestamp: c0aa909d.9639d5e4  Thu, Jun  6 2002 18:53:33.586
transmit timestamp:  c0aaf2b0.d90d8cb0  Fri, Jun  7 2002  1:52:00.847
filter delay:  0.19917  0.19719  0.19839  0.20483
         0.00000  0.00000  0.00000  0.00000
filter offset: -25107.3 -25107.3 -25107.3 -25107.3
         0.000000 0.000000 0.000000 0.000000
delay 0.19719, dispersion 0.00107
offset -25107.354945

 7 Jun 01:52:01 ntpdate[20213]: step time server 209.81.9.7 offset -25107.354945
 sec



How can I get my clock to sync up ok?

0
Comment
Question by:peyo
  • 10
  • 10
21 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7062009
is ntpd running? then the socket is in use, and the message is ok.
If ntpd is running, what's your prblem then?
0
 
LVL 1

Author Comment

by:peyo
ID: 7063623
ntpd is running, however the clock is not being synchronized.  In fact, the local clock is off by 6 hours and 58 minutes.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7063951
there is a limit for ntpd when it will not adjust the clock, AFAIK it's 1000 sec. You should see a corresponding message in the log files.
In this case you need to set your clock first with date and/or hwclock.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Author Comment

by:peyo
ID: 7076304
My clock was set to nearby the correct time. However, it still appears that ntp is not synchronizing properly.

The NTP server is a known good one (other clients can successfully connect to it...).

Hopefully this output may help:
[root@linus rc3.d]# ntpq
ntpq> pe
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 10.0.23.1       0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00
ntpq> as
ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1 64196  8000   yes   yes  none    reject
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7076359
what is in your log files?
0
 
LVL 1

Author Comment

by:peyo
ID: 7076619
hello--which log files would you like?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7076621
/var/log/{messages,ntp}
0
 
LVL 1

Author Comment

by:peyo
ID: 7093577
Using a different ntp.conf here, I still am unable to successfully sync my time, it appears:

#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server  10.0.23.1       # local clock
fudge   10.0.23.1 stratum 10

#
# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
multicastclient                 # listen on default 224.0.1.1
broadcastdelay  0.008

#
# Authentication delay.  If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on your machine.
#
authenticate no

#
# Keys file.  If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
#keys           /etc/ntp/keys


From my /var/log/messages:
Jun 13 11:16:57 linus ntpd: ntpd startup succeeded
Jun 13 11:16:57 linus ntpd[21743]: precision = 33 usec
Jun 13 11:16:57 linus ntpd[21743]: kernel time discipline status 0040
Jun 13 11:16:57 linus ntpd[21743]: 10.0.23.1 is inappropriate address for the fudge command, line ignored
Jun 13 11:16:57 linus ntpd[21743]: frequency initialized 0.000 from /etc/ntp/drift
Jun 13 11:16:57 linus ntpd[21743]: bind() fd 8, family 2, port 123, addr 224.0.1.1, in_classd=1 flags=0 fails: Address already in use
Jun 13 11:16:57 linus ntpd[21743]: ...multicast address 224.0.1.1 using wildcard socket

There is no /var/log/ntp
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7093942
> Jun 13 11:16:57 linus ntpd[21743]: 10.0.23.1 is inappropriate address for the fudge command, line ignored

Well, simply fix this, and it should work ;-)
0
 
LVL 1

Author Comment

by:peyo
ID: 7175650
I've commented out the fudge line and it still doesn't work.  

*sigh*
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7175812
please print result of:
awk '($1 !~ /^#/){print}' /etc/ntp.conf
0
 
LVL 1

Author Comment

by:peyo
ID: 7175906
Result:

server  10.0.23.1       # local clock

driftfile /etc/ntp/drift
multicastclient                 # listen on default 224.0.1.1
broadcastdelay  0.008

authenticate no

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7176607
do you have a multicast enabled kernel?
Do you know what the multicastclient really does?
I'd remove the multicastclient setting.

Can you reach the specified server?
what does ntpdate report now?
0
 
LVL 1

Author Comment

by:peyo
ID: 7177894
I don't think I have multicast enabled kernel..how would I find out?

Other PCs can sync to the server just fine.

ntpdate output:
[root@linus root]# ntpdate
25 Jul 10:03:50 ntpdate[28437]: no servers can be used, exiting

Note: I haven't seem to get ntpdate on Linux/SGIs systems to ever work.  So far, I've gotten only ntpq to report statistics back.
0
 
LVL 1

Author Comment

by:peyo
ID: 7177899
Out of curiosity, could I possibly have a firewall up that is blocking a port that NTP needs? If so, how can I determine whether a firewall is preventing connections?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7178436
ok, the ntpdate output is different now.
The firewall might be a problem, you need to allow port 123 UDP in both directions
0
 
LVL 1

Author Comment

by:peyo
ID: 7178719
i'm new to linux firewalls...how do i check to see how my firewall's ports are configured?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7179491
iptables -L -n && iptables -L -n -t nat

or

ipchains -L -n
0
 
LVL 1

Author Comment

by:peyo
ID: 7180570
Is this a good sign? If not, how would I go about fixing this?

Thanks so far.

# ipchains -L -n
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     udp  ------  10.0.20.10           0.0.0.0/0             53 ->   1025:65535
ACCEPT     udp  ------  10.0.13.14           0.0.0.0/0             53 ->   1025:65535
ACCEPT     udp  ------  10.0.23.34           0.0.0.0/0             53 ->   1025:65535
ACCEPT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   80
ACCEPT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   22
ACCEPT     all  ------  0.0.0.0/0            0.0.0.0/0             n/a
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   0:1023
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   2049
REJECT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   0:1023
REJECT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   2049
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   6000:6009
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   7100
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 800 total points
ID: 7181165
> Is this a good sign?
Yes, it tells you that the firewall rejects port 123 udp ;-)

You either need to exclude this port from the rejected range 0.1023, or insert a accept rule for port 123 before.

ipchains -I input 1 -p udp -s YOUR-IP --dport 123 -j ACCEPT
ipchains -I input 1 -p udp -d YOUR-IP --dport 123 -j ACCEPT
0
 

Expert Comment

by:CleanupPing
ID: 9089017
peyo:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month7 days, 15 hours left to enroll

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question