Help ! Debian time drifting badly

We have debian running as a VMWARE machine.
Have installed NTP and NTPDATE  and started both
Using the Linux date command - the time is drifting badly - 15mins in an hour

The VMWARE-host is running Windows Server 64bit and is keeping perfect time

! Help !

Thanks dave
LVL 1
davesneilsonAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

kyle_in_taiwanCommented:
It sounds like your NTP has been misconfigured somehow;  what it sounds like is happening is that it's misreading the time and pushing the clock to compensate for what it sees as an inaccurate clock.  What NTP does is gradually synchronize with web-based clocks (as opposed to simply resetting the time);  this is so that it can protect timer-senstive scripts from damage or undiscovered bugs.

One possibility is that you're using 12 hour time but with your AM and PM flags mis-configured.  Is the server using 24 hour or 12 hour time displays?  (i.e. -- does it say "14:30" or "2:30PM"?)

If your system clock is on AM when it should be on PM, then it could be that NTP is trying to gradually synchrnoize a 12 hour inaccuracy and thus your clocks are slowly moving through a drawn-out adjustment period.
0
davesneilsonAuthor Commented:
Thanks Kyle - it seems to be using 24 Hour  -

CONSOLE OUTPUT
Last login: Sun Oct 22 20:58:43 2006 from 192.168.0.103
spamshield:~# date
Mon Oct 23 05:56:04 NZDT 2006
spamshield:~#

NTP.CONF
# /etc/ntp.conf, configuration for ntpd

# ntpd will use syslog() if logfile is not defined
#logfile /var/log/ntpd

driftfile /var/lib/ntp/ntp.drift
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example


# pool.ntp.org maps to more than 100 low-stratum NTP servers.
# Your server will pick a different set every time it starts up.
#  *** Please consider joining the pool! ***
#  ***  <http://www.pool.ntp.org/#join>  ***
server pool.ntp.org
server ntp.massey.ac.nz
server ntp.public.otago.ac.nz
server tk1.ihug.co.nz
server ntp.iprolink.co.nz
server 192.168.0.100  #this is a windows based time server on the LAN

#server pool.ntp.org
## uncomment for extra reliability

# ... and use the local system clock as a reference if all else fails
# NOTE: in a local network, set the local stratum of *one* stable server
# to 10; otherwise your clocks will drift apart if you lose connectivity.
server 127.127.1.0
fudge 127.127.1.0 stratum 13

# By default, exchange time with everybody, but don't allow configuration.
# See /usr/share/doc/ntp-doc/html/accopt.html for details.
restrict default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1 nomodify

# Clients from this (example!) subnet have unlimited access,
# but only if cryptographically authenticated
#restrict 192.168.123.0  mask  255.255.255.0 notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet,
# de-comment the next lines. Please do this only if you trust everybody
# on the network!
#disable auth
#broadcastclient




0
davesneilsonAuthor Commented:
Kyle - if the follwing is executed, the time is set correctly for a little while...

spamshield:/etc# /etc/init.d/ntpdate  start
Running ntpdate to synchronize clock.
spamshield:/etc# date
Mon Oct 23 13:33:20 NZDT 2006   #### Kyle this is the correct time, but does not last long !
spamshield:/etc#


Thanks... Dave
0
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

kyle_in_taiwanCommented:
Have you checked the logs?  You should definitely check out /var/lib/ntp/ntp.drift.  

Type:

$ grep ntp /var/log/syslog

and show us what gets returned.

(If you'd prefer, you could uncommment the logfile in your configuration and restart ntp:  /var/log/ntpd)

0
davesneilsonAuthor Commented:
Hi Kyle - here they are -


/var/lib/ntp/ntp.drift.  = 0.00

$ grep ntp /var/log/syslog =

Oct 22 19:37:47 localhost ntpdate[18305]: step time server 64.34.193.47 offset 157232.003408 sec
Oct 22 19:39:22 localhost ntpdate[18310]: step time server 64.34.193.47 offset 45.278808 sec
Oct 22 19:40:16 localhost ntpd[17938]: sendto(80.74.64.1): Bad file descriptor
Oct 22 19:40:16 localhost ntpd[17938]: sendto(192.168.0.100): Bad file descriptor
Oct 22 19:42:46 localhost ntpd[18357]: ntpd 4.2.0a@1:4.2.0a+stable-2-r Fri Aug 26 10:30:12 UTC 2005 (1)
Oct 22 19:42:46 localhost ntpd[18357]: precision = 2.000 usec
Oct 22 19:42:46 localhost ntpd[18357]: Listening on interface wildcard, 0.0.0.0#123
Oct 22 19:42:46 localhost ntpd[18357]: Listening on interface wildcard, ::#123
Oct 22 19:42:46 localhost ntpd[18357]: Listening on interface lo, 127.0.0.1#123
Oct 22 19:42:46 localhost ntpd[18357]: Listening on interface eth0, 192.168.1.20#123
Oct 22 19:42:46 localhost ntpd[18357]: kernel time sync status 0040
Oct 22 19:42:46 localhost ntpd[18357]: frequency initialized 0.000 PPM from /var/lib/ntp/ntp.drift
Oct 22 19:43:15 localhost ntpd[18357]: ntpd exiting on signal 15
Oct 22 19:43:19 localhost ntpd[18368]: ntpd 4.2.0a@1:4.2.0a+stable-2-r Fri Aug 26 10:30:12 UTC 2005 (1)
Oct 22 19:43:19 localhost ntpd[18368]: precision = 3.000 usec
Oct 22 19:43:19 localhost ntpd[18368]: Listening on interface wildcard, 0.0.0.0#123
Oct 22 19:43:19 localhost ntpd[18368]: Listening on interface wildcard, ::#123
Oct 22 19:43:19 localhost ntpd[18368]: Listening on interface lo, 127.0.0.1#123
Oct 22 19:43:19 localhost ntpd[18368]: Listening on interface eth0, 192.168.1.20#123
Oct 22 19:43:19 localhost ntpd[18368]: kernel time sync status 0040
Oct 22 19:43:19 localhost ntpd[18368]: frequency initialized 0.000 PPM from /var/lib/ntp/ntp.drift
Oct 22 19:46:37 localhost ntpd[18368]: synchronized to LOCAL(0), stratum 13
Oct 22 19:46:37 localhost ntpd[18368]: kernel time sync disabled 0041
Oct 22 19:47:41 localhost ntpd[18368]: kernel time sync enabled 0001
Oct 22 19:57:21 localhost ntpd[17938]: sendto(80.74.64.1): Bad file descriptor
Oct 22 19:57:23 localhost ntpd[17938]: sendto(192.168.0.100): Bad file descriptor
Oct 22 20:18:50 localhost ntpdate[18458]: step time server 64.34.193.47 offset 1057.438487 sec
Oct 22 20:30:00 localhost ntpdate[18503]: step time server 192.245.169.15 offset 301.009886 sec
Oct 22 20:37:05 localhost ntpd[17938]: sendto(80.74.64.1): Bad file descriptor
Oct 22 20:37:06 localhost ntpd[17938]: sendto(192.168.0.100): Bad file descriptor
Oct 22 20:43:30 localhost ntpd[18368]: ntpd exiting on signal 15
Oct 22 20:57:02 localhost ntpd[2241]: ntpd 4.2.0a@1:4.2.0a+stable-2-r Fri Aug 26 10:30:12 UTC 2005 (1)
Oct 22 20:57:02 localhost ntpd[2241]: precision = 3.000 usec
Oct 22 20:57:02 localhost ntpd[2241]: Listening on interface wildcard, 0.0.0.0#123
Oct 22 20:57:02 localhost ntpd[2241]: Listening on interface wildcard, ::#123
Oct 22 20:57:02 localhost ntpd[2241]: Listening on interface lo, 127.0.0.1#123
Oct 22 20:57:02 localhost ntpd[2241]: Listening on interface eth0, 192.168.1.20#123
Oct 22 20:57:02 localhost ntpd[2241]: kernel time sync status 0040
Oct 22 20:57:02 localhost ntpd[2241]: frequency initialized 0.000 PPM from /var/lib/ntp/ntp.drift
Oct 22 21:00:23 localhost ntpd[2241]: synchronized to LOCAL(0), stratum 13
Oct 22 21:00:23 localhost ntpd[2241]: kernel time sync disabled 0041
Oct 22 21:01:28 localhost ntpd[2241]: kernel time sync enabled 0001
Oct 23 13:33:18 localhost ntpdate[4680]: step time server 80.121.153.134 offset 27142.614603 sec
Oct 23 15:03:06 localhost ntpd[2241]: ntpd exiting on signal 15
Oct 23 16:21:03 localhost ntpd[2248]: ntpd 4.2.0a@1:4.2.0a+stable-2-r Fri Aug 26 10:30:12 UTC 2005 (1)
Oct 23 16:21:03 localhost ntpd[2248]: precision = 2.000 usec
Oct 23 16:21:03 localhost ntpd[2248]: Listening on interface wildcard, 0.0.0.0#123
Oct 23 16:21:03 localhost ntpd[2248]: Listening on interface wildcard, ::#123
Oct 23 16:21:03 localhost ntpd[2248]: Listening on interface lo, 127.0.0.1#123
Oct 23 16:21:03 localhost ntpd[2248]: Listening on interface eth0, 192.168.1.20#123
Oct 23 16:21:03 localhost ntpd[2248]: kernel time sync status 0040
Oct 23 16:21:03 localhost ntpd[2248]: frequency initialized 0.000 PPM from /var/lib/ntp/ntp.drift
Oct 23 16:24:21 localhost ntpd[2248]: synchronized to LOCAL(0), stratum 13
Oct 23 16:24:21 localhost ntpd[2248]: kernel time sync disabled 0041
Oct 23 16:25:25 localhost ntpd[2248]: kernel time sync enabled 0001
spamshield:~#



0
kyle_in_taiwanCommented:
This is what mine looks like:

Oct 22 11:38:58 localhost ntpd[4943]: synchronized to 80.51.167.97, stratum 2
Oct 22 12:21:00 localhost ntpd[4943]: synchronized to 192.245.169.15, stratum 1
Oct 22 12:37:22 localhost ntpd[4943]: time reset -0.205040 s
Oct 22 12:37:52 localhost ntpd[4943]: synchronized to 80.51.167.97, stratum 2
Oct 22 12:44:16 localhost ntpd[4943]: synchronized to 192.245.169.15, stratum 1
Oct 22 20:16:08 localhost ntpd[4943]: time reset -0.150098 s
Oct 22 20:16:37 localhost ntpd[4943]: synchronized to 80.51.167.97, stratum 2
Oct 22 20:20:05 localhost ntpd[4943]: synchronized to 192.245.169.15, stratum 1
Oct 23 03:31:51 localhost ntpd[4943]: time reset +0.182851 s
Oct 23 03:32:16 localhost ntpd[4943]: synchronized to 216.46.5.9, stratum 3
Oct 23 03:35:46 localhost ntpd[4943]: synchronized to 192.245.169.15, stratum 1
Oct 23 09:34:25 localhost ntpd[4943]: time reset +0.209665 s
Oct 23 09:34:43 localhost ntpd[4943]: synchronized to 192.245.169.15, stratum 1
Oct 23 13:48:45 localhost ntpd[4943]: ntpd exiting on signal 15
Oct 23 13:48:47 localhost ntpd[5016]: ntpd 4.2.2p3@1.1577-o Sat Oct 14 00:25:57 UTC 2006 (1)
Oct 23 13:48:47 localhost ntpd[5017]: precision = 1.000 usec
Oct 23 13:48:47 localhost ntpd[5017]: Listening on interface wildcard, 0.0.0.0#123 Disabled
Oct 23 13:48:47 localhost ntpd[5017]: Listening on interface wildcard, ::#123 Disabled
Oct 23 13:48:47 localhost ntpd[5017]: Listening on interface lo, ::1#123 Enabled
Oct 23 13:48:47 localhost ntpd[5017]: Listening on interface eth0, [IPv6 to local machine]#123 Enabled
Oct 23 13:48:47 localhost ntpd[5017]: Listening on interface lo, 127.0.0.1#123 Enabled
Oct 23 13:48:47 localhost ntpd[5017]: Listening on interface eth0, [IPv4 to local machine]#123 Enabled
Oct 23 13:48:47 localhost ntpd[5017]: kernel time sync status 0040
Oct 23 13:48:48 localhost ntpd[5017]: frequency initialized -210.853 PPM from /var/lib/ntp/ntp.drift


It appears that this line:
Oct 22 20:57:02 localhost ntpd[2241]: ntpd 4.2.0a@1:4.2.0a+stable-2-r Fri Aug 26 10:30:12 UTC 2005 (1)

Signifies when the software was installed (i did a major upgrade last weekend).  But i might be wrong about that.


These look like the money, though:

step time server 64.34.193.47 offset 157232.003408 sec
step time server 64.34.193.47 offset 1057.438487 sec
step time server 80.121.153.134 offset 27142.614603 sec

It looks like the servers are returning big offsets with your local clock, and ntp is trying to compensate for them.

What does your ntp.conf file look like?



0
kyle_in_taiwanCommented:
Also, i'd suggest you look at this page (it should be in the same place on your machine):

file:////usr/share/doc/ntp-doc/html/debug.html

It suggests typing:

$ nptq -n

which then goes to:

ntpq>

and you should then enter "pe" to see a table that describes the ntp hosts you're contacting, and the time information they're returning.  Mine looks like this:

ntpq> pe
     remote             refid                   st t when poll reach   delay   offset     jitter
==============================================================================
+64.34.193.47      67.19.103.173    3 u    54  128  377  402.490  -16.795 111.955
-80.121.153.135  194.42.48.120     3 u  104  128  337  713.352   87.413   54.424
+64.235.105.7     198.82.1.201       3 u  108  128  333  438.954  -10.233 117.768
*208.201.242.2   69.25.96.11         2 u    44  128  177  419.209   19.454  101.433
0
davesneilsonAuthor Commented:
NTP.CONF
# /etc/ntp.conf, configuration for ntpd

# ntpd will use syslog() if logfile is not defined
#logfile /var/log/ntpd

driftfile /var/lib/ntp/ntp.drift
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example


# pool.ntp.org maps to more than 100 low-stratum NTP servers.
# Your server will pick a different set every time it starts up.
#  *** Please consider joining the pool! ***
#  ***  <http://www.pool.ntp.org/#join>  ***
server pool.ntp.org
server ntp.massey.ac.nz
server ntp.public.otago.ac.nz
server tk1.ihug.co.nz
server ntp.iprolink.co.nz
server 192.168.0.100  #this is a windows based time server on the LAN

#server pool.ntp.org
## uncomment for extra reliability

# ... and use the local system clock as a reference if all else fails
# NOTE: in a local network, set the local stratum of *one* stable server
# to 10; otherwise your clocks will drift apart if you lose connectivity.
server 127.127.1.0
fudge 127.127.1.0 stratum 13

# By default, exchange time with everybody, but don't allow configuration.
# See /usr/share/doc/ntp-doc/html/accopt.html for details.
restrict default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1 nomodify

# Clients from this (example!) subnet have unlimited access,
# but only if cryptographically authenticated
#restrict 192.168.123.0  mask  255.255.255.0 notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet,
# de-comment the next lines. Please do this only if you trust everybody
# on the network!
#disable auth
#broadcastclient

0
kyle_in_taiwanCommented:
My immediate suspicion is that your ntp client isn't able to contact external hosts, probably because of something that's happening in the firewall.  I noticed these lines:

Oct 22 19:40:16 localhost ntpd[17938]: sendto(80.74.64.1): Bad file descriptor
Oct 22 19:40:16 localhost ntpd[17938]: sendto(192.168.0.100): Bad file descriptor

are repeated at every re-start, and also this:

Oct 22 20:57:02 localhost ntpd[2241]: frequency initialized 0.000 PPM from /var/lib/ntp/ntp.drift
Oct 22 21:00:23 localhost ntpd[2241]: synchronized to LOCAL(0), stratum 13

The "frequency" comment means that your CPU drift hasn't yet been properly measured, so the ntp client doesn't know how to compensate for cpu time drift.  The "sync'ed to LOCAL" looks like your client can't contact any external hosts;  "stratum 13" indicates that your clock is being set to a very unreliable source (hosts that have access to atomic or radio clocks, for instance, are classified as "stratum 1";  it's suggested that no-one use anything lower than a stratum 2).  These are indicative of circumstances where your client cannot connect to an external host, and so it looks around for one on the local network (or even itself).  One workaround for this is to make sure that the client-queries are always configured with the "iburst" tag.  Seeing that you're using sarge -- which is an old distribution -- it may be that you need to configure something like that by hand.
0
kyle_in_taiwanCommented:
Cross-posted there.
0
kyle_in_taiwanCommented:
My ntp.conf (from Debian Etch):

# /etc/ntp.conf, configuration for ntpd

driftfile /var/lib/ntp/ntp.drift
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example

# pool.ntp.org maps to more than 300 low-stratum NTP servers.
# Your server will pick a different set every time it starts up.
#  *** Please consider joining the pool! ***
#  *** <http://www.pool.ntp.org/join.html> ***
server 0.debian.pool.ntp.org iburst
server 1.debian.pool.ntp.org iburst
server 2.debian.pool.ntp.org iburst
server 3.debian.pool.ntp.org iburst

# By default, exchange time with everybody, but don't allow configuration.
# See /usr/share/doc/ntp-doc/html/accopt.html for details.
restrict default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1 nomodify

# Clients from this (example!) subnet have unlimited access,
# but only if cryptographically authenticated
#restrict 192.168.123.0  mask  255.255.255.0 notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet,
# de-comment the next lines. Please do this only if you trust everybody
# on the network!
#disable auth
#broadcastclient


Notice the "iburst" flags at the end of the server declarations;    this SuSE page points out that this can cause problems:

"The solution is to make NTP more persistent when probing the remote time server. This is done by appending the flags burst and iburst to the remote server; burst tells NTP to send a burst of eight packets to the remote server instead of one when the server is reachable, and iburst tells it to do the same when the server is not reachable. The result is faster and more reliable synchronizations."
(http://www.novell.com/coolsolutions/feature/15345.html)

I'm not sure if that's got any relevance to your current problem, but from what i can tell the main problem is that your client isn't successfully contacting the external servers, and after looking at our config files that -- and the particulars of your server choices -- seem to be the only differences.

Unfortunately, i have no experience whatsoever with Windows time servers, so i am utterly unqualified for any speculation about those possibilities.
0
davesneilsonAuthor Commented:
Thanks Kyle - will try iburst  - appreciate the help :)
0
davesneilsonAuthor Commented:
Have set to your servers - no difference, like you say not contacting the servers, perhaps the debian box (is that a VOX when its virtual :)   )    has outbound firewall rules ??  (its not our firewall)
0
davesneilsonAuthor Commented:
Erm..... have just found that udp 123 needs to be opened to the box - cough cough...    I guess this will fix it  :(
0
kyle_in_taiwanCommented:
;-)  Good on ya.  

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
davesneilsonAuthor Commented:
Thanks for all the help - the points are yours
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.