Mark
asked on
how to use ntpd
On my Linux host, I'm trying to replace the allegedly sunsetting netdate with the new and approved ntpd. I'm not having much luck. I've tried `ntpd -q` and `nptd -q -g -x`, and with plenty of -d debug arguments, but no go. My /etc/ntpd.conf file is basically the as-shipped default which is *supposed* to work as-is:
When I run the ntpd command as shown above I get:
This is pretty much Greek to me. What address is already in use? Where is it getting this "wildcard address 0.0.0.0"? What "other process" is it talking about?
HELP!
# Associate to public NTP pool servers; see http://www.pool.ntp.org/
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
# Only allow read-only access from localhost
restrict default noquery nopeer noserve
restrict 127.0.0.1
restrict ::1
# Location of drift file
driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp.log
When I run the ntpd command as shown above I get:
$ ntpd -q -d -d -d
ntpd 4.2.6p5@1.2349-o Fri Aug 2 04:48:49 UTC 2013 (1)
21 Sep 04:27:38 ntpd[896]: set_process_priority: Leave priority alone: priority_done is <2>
21 Sep 04:27:38 ntpd[896]: proto: precision = 1.000 usec
loop_config: item 1 freq 0.000000
event at 0 0.0.0.0 c01d 0d kern kernel time sync enabled
Finished Parsing!!
create_sockets(123)
21 Sep 04:27:38 ntpd[896]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
21 Sep 04:27:38 ntpd[896]: bind(16) AF_INET 0.0.0.0#123 flags 0x89 failed: Address already in use
21 Sep 04:27:38 ntpd[896]: unable to bind to wildcard address 0.0.0.0 - another process may be running - EXITING
This is pretty much Greek to me. What address is already in use? Where is it getting this "wildcard address 0.0.0.0"? What "other process" is it talking about?
HELP!
What host do you have? I wonder if it's not already using NTP but not the way you're thinking.
ASKER
I am running Arch Linux and am new to that distro. You are right. When I do ps ax I get:
220 ? Ss 0:00 /usr/bin/ntpd -g -u ntp:ntp
So, I searched and found /etc/system/multi-user.tar get.wants/ ntpd.servi ce. I removed that, rebooted and tried my command `ntpd -q -g -x -d`. I get:
This seems to repeat forever (it has been running 1/2 hour as of this posing). I don't get this as the -q switch is supposed to "Set the time and quit". Also, the time never appears to get set.
The hardware clock always is set to zero upon boot. You will notice the time in the command prompt is 19:15:31. That is because I am set to EST timezone and this would be 00:15:31 GMT. In fact, the actual time should have been set to 9:59AM EST -- and oh yeah, it's not Dec 31st! ntp seems to have no effect on setting time.
Any ideas? I'm thinking of going back to netdate - that was a snap to figure out!
220 ? Ss 0:00 /usr/bin/ntpd -g -u ntp:ntp
So, I searched and found /etc/system/multi-user.tar
1 19:15:31 root@archlinux:~
> ntpd -q -g -x -d
ntpd 4.2.6p5@1.2349-o Fri Aug 2 04:48:49 UTC 2013 (1)
31 Dec 19:01:39 ntpd[229]: proto: precision = 1.000 usec
event at 0 0.0.0.0 c01d 0d kern kernel time sync enabled
Finished Parsing!!
31 Dec 19:01:39 ntpd[229]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
31 Dec 19:01:39 ntpd[229]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
31 Dec 19:01:39 ntpd[229]: Listen normally on 1 lo 127.0.0.1 UDP 123
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:01:39 ntpd[229]: Listen normally on 2 eth0 192.168.0.103 UDP 123
restrict: op 1 addr 192.168.0.103 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:01:39 ntpd[229]: peers refreshed
31 Dec 19:01:39 ntpd[229]: Listening on routing socket on fd #19 for interface updates
restrict: op 1 addr 0.0.0.0 mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr :: mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00000000 flags 00000000
31 Dec 19:01:39 ntpd[229]: restrict: error in address '::1' on line 17. Ignoring...
key_expire: at 0 associd 17802
peer_clear: at 0 next 1 associd 17802 refid INIT
event at 0 178.63.9.212 8011 81 mobilize assoc 17802
newpeer: 192.168.0.103->178.63.9.212 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 17803
peer_clear: at 0 next 2 associd 17803 refid INIT
event at 0 192.155.88.169 8011 81 mobilize assoc 17803
newpeer: 192.168.0.103->192.155.88.169 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 17804
peer_clear: at 0 next 3 associd 17804 refid INIT
event at 0 206.212.242.132 8011 81 mobilize assoc 17804
newpeer: 192.168.0.103->206.212.242.132 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
event at 0 0.0.0.0 c016 06 restart
event at 0 0.0.0.0 c012 02 freq_set ntpd -33.262 PPM
transmit: at 1 192.168.0.103->178.63.9.212 mode 3 len 48
auth_agekeys: at 1 keys 1 expired 0
transmit: at 2 192.168.0.103->192.155.88.169 mode 3 len 48
transmit: at 3 192.168.0.103->206.212.242.132 mode 3 len 48
transmit: at 66 192.168.0.103->192.155.88.169 mode 3 len 48
transmit: at 66 192.168.0.103->178.63.9.212 mode 3 len 48
transmit: at 70 192.168.0.103->206.212.242.132 mode 3 len 48
transmit: at 130 192.168.0.103->178.63.9.212 mode 3 len 48
transmit: at 131 192.168.0.103->192.155.88.169 mode 3 len 48
This seems to repeat forever (it has been running 1/2 hour as of this posing). I don't get this as the -q switch is supposed to "Set the time and quit". Also, the time never appears to get set.
The hardware clock always is set to zero upon boot. You will notice the time in the command prompt is 19:15:31. That is because I am set to EST timezone and this would be 00:15:31 GMT. In fact, the actual time should have been set to 9:59AM EST -- and oh yeah, it's not Dec 31st! ntp seems to have no effect on setting time.
Any ideas? I'm thinking of going back to netdate - that was a snap to figure out!
Most time services won't resync if the hardware clock is too far off. And I don't see that you are getting a response from the time servers either. Your firewall needs to allow UDP port 123.
And I'm not sure your command line is right. Here's the page for archlinux: https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon
And I'm not sure your command line is right. Here's the page for archlinux: https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon
ASKER
> Most time services won't resync if the hardware clock is too far off.
That what the -g switch is supposed to handle.
Actually, I took my ntp.conf setup from that exact page. And, except for adding the logfile directive, it is the as-shipped ntp.conf file.
-q means set time and quit, but it never quits
I can ping the ntp servers. 0.pool.ntp.org is 174.36.223.159
How would I check for UDP 123? The firewall does not block that port. telneting doesn't work:
Here's my latest attempt
Any other ideas?
That what the -g switch is supposed to handle.
Actually, I took my ntp.conf setup from that exact page. And, except for adding the logfile directive, it is the as-shipped ntp.conf file.
-q means set time and quit, but it never quits
I can ping the ntp servers. 0.pool.ntp.org is 174.36.223.159
How would I check for UDP 123? The firewall does not block that port. telneting doesn't work:
telnet 0.pool.ntp.org 123
Trying 209.177.158.233...
Connection failed: Connection refused
Trying 72.8.140.222...
Connection failed: Connection refused
Trying 50.23.135.154...
Connection failed: Connection refused
Trying 54.236.224.171...
Here's my latest attempt
1 19:02:50 root@archlinux:~
> ntpd -q -g -d
ntpd 4.2.6p5@1.2349-o Fri Aug 2 04:48:49 UTC 2013 (1)
31 Dec 19:02:57 ntpd[248]: proto: precision = 1.000 usec
event at 0 0.0.0.0 c01d 0d kern kernel time sync enabled
Finished Parsing!!
31 Dec 19:02:57 ntpd[248]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
31 Dec 19:02:57 ntpd[248]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
31 Dec 19:02:57 ntpd[248]: Listen normally on 1 lo 127.0.0.1 UDP 123
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:02:57 ntpd[248]: Listen normally on 2 eth0 192.168.0.103 UDP 123
restrict: op 1 addr 192.168.0.103 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:02:57 ntpd[248]: peers refreshed
31 Dec 19:02:57 ntpd[248]: Listening on routing socket on fd #19 for interface updates
restrict: op 1 addr 0.0.0.0 mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr :: mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00000000 flags 00000000
31 Dec 19:02:57 ntpd[248]: restrict: error in address '::1' on line 17. Ignoring...
key_expire: at 0 associd 26761
peer_clear: at 0 next 1 associd 26761 refid INIT
event at 0 198.55.111.5 8011 81 mobilize assoc 26761
newpeer: 192.168.0.103->198.55.111.5 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 26762
peer_clear: at 0 next 2 associd 26762 refid INIT
event at 0 198.60.22.240 8011 81 mobilize assoc 26762
newpeer: 192.168.0.103->198.60.22.240 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 26763
peer_clear: at 0 next 3 associd 26763 refid INIT
event at 0 198.58.100.237 8011 81 mobilize assoc 26763
newpeer: 192.168.0.103->198.58.100.237 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
event at 0 0.0.0.0 c016 06 restart
event at 0 0.0.0.0 c012 02 freq_set kernel -33.262 PPM
transmit: at 1 192.168.0.103->198.55.111.5 mode 3 len 48
auth_agekeys: at 1 keys 1 expired 0
transmit: at 2 192.168.0.103->198.60.22.240 mode 3 len 48
transmit: at 3 192.168.0.103->198.58.100.237 mode 3 len 48
transmit: at 67 192.168.0.103->198.60.22.240 mode 3 len 48
transmit: at 67 192.168.0.103->198.58.100.237 mode 3 len 48
transmit: at 68 192.168.0.103->198.55.111.5 mode 3 len 48
Any other ideas?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Addendum: With
(Commands tested on SLES 11.2)
netstat -t -u -l -p
you'll get a list of all port assignments from processes. Use
netstat -t -u -l -p | grep "ntp"
for a list of all assignments related to the NTP port. If there's a process listed that's NOT ntpd, you probably have found the culprit.(Commands tested on SLES 11.2)
ASKER
DaveBaldwin: > I don't know why you keep putting '-d' on the command line.
My archlinux system's man page does have -d:
-d, --debug-level
Increase output debug message level. This option may appear an unlimited number of times.
frankhelk: before I could try your suggestions I threw in the towel. The system came pre-configured with ntpd and I thought I had disabled that (I stopped getting port conflict message), but being new to Arch I may not have done it right. My solution was to scratch install Arch and just "let it be" with the ntpd setup that came out of the box.
I will definitely be replacing my netdate with ntp on my numerous Slackware hosts, so perhaps your advice will help then.
My archlinux system's man page does have -d:
-d, --debug-level
Increase output debug message level. This option may appear an unlimited number of times.
frankhelk: before I could try your suggestions I threw in the towel. The system came pre-configured with ntpd and I thought I had disabled that (I stopped getting port conflict message), but being new to Arch I may not have done it right. My solution was to scratch install Arch and just "let it be" with the ntpd setup that came out of the box.
I will definitely be replacing my netdate with ntp on my numerous Slackware hosts, so perhaps your advice will help then.
ASKER
Thanks for helping!
My Slackware 10.2 seems to already use 'ntpd' also.
ASKER
Really? I've got about seven slackware 13.37 hosts set up and while 13.37 it does ship with ntpd, it isn't pre-configured. I'll give it a shot soon. Arch has a fairly complex (to me) config system, so I'm sure I messed up the way I tried to take down the pre-configured ntpd.
Slackware 10.2 is from like 2008-ish, eh?
Slackware 10.2 is from like 2008-ish, eh?
Yes, that's about right for Slackware 10.2. That's what my web hosting was running at the time. I still have my first Linux system which was RedHat 9. And I have two Ubuntu 10.04 systems because that's what my web host runs now. I was going to install a CentOS system on another computer but I found out their 'Live' CD doesn't contain the install code. CentOS seems to be one of the more popular distributions for hosting companies right now.