how to use ntpd

On my Linux host, I'm trying to replace the allegedly sunsetting netdate with the new and approved ntpd. I'm not having much luck. I've tried `ntpd -q` and `nptd -q -g -x`, and with plenty of -d debug arguments, but no go. My /etc/ntpd.conf file is basically the as-shipped default which is *supposed* to work as-is:

# Associate to public NTP pool servers; see http://www.pool.ntp.org/
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst

# Only allow read-only access from localhost
restrict default noquery nopeer noserve
restrict 127.0.0.1
restrict ::1

# Location of drift file
driftfile /var/lib/ntp/ntp.drift

logfile /var/log/ntp.log

Open in new window


When I run the ntpd command as shown above I get:

$ ntpd -q -d -d -d
ntpd 4.2.6p5@1.2349-o Fri Aug  2 04:48:49 UTC 2013 (1)
21 Sep 04:27:38 ntpd[896]: set_process_priority: Leave priority alone: priority_done is <2>
21 Sep 04:27:38 ntpd[896]: proto: precision = 1.000 usec
loop_config: item 1 freq 0.000000
event at 0 0.0.0.0 c01d 0d kern kernel time sync enabled
Finished Parsing!!
create_sockets(123)
21 Sep 04:27:38 ntpd[896]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
21 Sep 04:27:38 ntpd[896]: bind(16) AF_INET 0.0.0.0#123 flags 0x89 failed: Address already in use
21 Sep 04:27:38 ntpd[896]: unable to bind to wildcard address 0.0.0.0 - another process may be running - EXITING

Open in new window


This is pretty much Greek to me. What address is already in use? Where is it getting this "wildcard address 0.0.0.0"? What "other process" is it talking about?

HELP!
LVL 1
MarkAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
What host do you have?  I wonder if it's not already using NTP but not the way you're thinking.
0
MarkAuthor Commented:
I am running Arch Linux and am new to that distro. You are right. When I do ps ax I get:

220 ?        Ss     0:00 /usr/bin/ntpd -g -u ntp:ntp

So, I searched and found /etc/system/multi-user.target.wants/ntpd.service. I removed that, rebooted and tried my command `ntpd -q -g -x -d`. I get:

1 19:15:31 root@archlinux:~
> ntpd -q -g -x -d
ntpd 4.2.6p5@1.2349-o Fri Aug  2 04:48:49 UTC 2013 (1)
31 Dec 19:01:39 ntpd[229]: proto: precision = 1.000 usec
event at 0 0.0.0.0 c01d 0d kern kernel time sync enabled
Finished Parsing!!
31 Dec 19:01:39 ntpd[229]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
31 Dec 19:01:39 ntpd[229]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
31 Dec 19:01:39 ntpd[229]: Listen normally on 1 lo 127.0.0.1 UDP 123
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:01:39 ntpd[229]: Listen normally on 2 eth0 192.168.0.103 UDP 123
restrict: op 1 addr 192.168.0.103 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:01:39 ntpd[229]: peers refreshed
31 Dec 19:01:39 ntpd[229]: Listening on routing socket on fd #19 for interface updates
restrict: op 1 addr 0.0.0.0 mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr :: mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00000000 flags 00000000
31 Dec 19:01:39 ntpd[229]: restrict: error in address '::1' on line 17. Ignoring...
key_expire: at 0 associd 17802
peer_clear: at 0 next 1 associd 17802 refid INIT
event at 0 178.63.9.212 8011 81 mobilize assoc 17802
newpeer: 192.168.0.103->178.63.9.212 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 17803
peer_clear: at 0 next 2 associd 17803 refid INIT
event at 0 192.155.88.169 8011 81 mobilize assoc 17803
newpeer: 192.168.0.103->192.155.88.169 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 17804
peer_clear: at 0 next 3 associd 17804 refid INIT
event at 0 206.212.242.132 8011 81 mobilize assoc 17804
newpeer: 192.168.0.103->206.212.242.132 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
event at 0 0.0.0.0 c016 06 restart
event at 0 0.0.0.0 c012 02 freq_set ntpd -33.262 PPM
transmit: at 1 192.168.0.103->178.63.9.212 mode 3 len 48
auth_agekeys: at 1 keys 1 expired 0
transmit: at 2 192.168.0.103->192.155.88.169 mode 3 len 48
transmit: at 3 192.168.0.103->206.212.242.132 mode 3 len 48
transmit: at 66 192.168.0.103->192.155.88.169 mode 3 len 48
transmit: at 66 192.168.0.103->178.63.9.212 mode 3 len 48
transmit: at 70 192.168.0.103->206.212.242.132 mode 3 len 48
transmit: at 130 192.168.0.103->178.63.9.212 mode 3 len 48
transmit: at 131 192.168.0.103->192.155.88.169 mode 3 len 48

Open in new window


This seems to repeat forever (it has been running 1/2 hour as of this posing). I don't get this as the -q switch is supposed to "Set the time and quit".  Also, the time never appears to get set.

The hardware clock always is set to zero upon boot. You will notice the time in the command prompt is 19:15:31. That is because I am set to EST timezone and this would be 00:15:31 GMT. In fact, the actual time should have been set to 9:59AM EST -- and oh yeah, it's not Dec 31st! ntp seems to have no effect on setting time.

Any ideas? I'm thinking of going back to netdate - that was a snap to figure out!
0
Dave BaldwinFixer of ProblemsCommented:
Most time services won't resync if the hardware clock is too far off.  And I don't see that you are getting a response from the time servers either.  Your firewall needs to allow UDP port 123.

And I'm not sure your command line is right.  Here's the page for archlinux: https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

MarkAuthor Commented:
> Most time services won't resync if the hardware clock is too far off.

That what the -g switch is supposed to handle.

Actually, I took my ntp.conf setup from that exact page. And, except for adding the logfile directive, it is the as-shipped ntp.conf file.

-q means set time and quit, but it never quits

I can ping the ntp servers. 0.pool.ntp.org is 174.36.223.159

How would I check for UDP 123? The firewall does not block that port. telneting doesn't work:

telnet 0.pool.ntp.org 123
Trying 209.177.158.233...
Connection failed: Connection refused
Trying 72.8.140.222...
Connection failed: Connection refused
Trying 50.23.135.154...
Connection failed: Connection refused
Trying 54.236.224.171...

Open in new window


Here's my latest attempt

1 19:02:50 root@archlinux:~
> ntpd -q -g -d
ntpd 4.2.6p5@1.2349-o Fri Aug  2 04:48:49 UTC 2013 (1)
31 Dec 19:02:57 ntpd[248]: proto: precision = 1.000 usec
event at 0 0.0.0.0 c01d 0d kern kernel time sync enabled
Finished Parsing!!
31 Dec 19:02:57 ntpd[248]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
31 Dec 19:02:57 ntpd[248]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
31 Dec 19:02:57 ntpd[248]: Listen normally on 1 lo 127.0.0.1 UDP 123
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:02:57 ntpd[248]: Listen normally on 2 eth0 192.168.0.103 UDP 123
restrict: op 1 addr 192.168.0.103 mask 255.255.255.255 mflags 00003000 flags 00000001
31 Dec 19:02:57 ntpd[248]: peers refreshed
31 Dec 19:02:57 ntpd[248]: Listening on routing socket on fd #19 for interface updates
restrict: op 1 addr 0.0.0.0 mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr :: mask 0.0.0.0 mflags 00000000 flags 00000052
restrict: op 1 addr 127.0.0.1 mask 255.255.255.255 mflags 00000000 flags 00000000
31 Dec 19:02:57 ntpd[248]: restrict: error in address '::1' on line 17. Ignoring...
key_expire: at 0 associd 26761
peer_clear: at 0 next 1 associd 26761 refid INIT
event at 0 198.55.111.5 8011 81 mobilize assoc 26761
newpeer: 192.168.0.103->198.55.111.5 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 26762
peer_clear: at 0 next 2 associd 26762 refid INIT
event at 0 198.60.22.240 8011 81 mobilize assoc 26762
newpeer: 192.168.0.103->198.60.22.240 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
key_expire: at 0 associd 26763
peer_clear: at 0 next 3 associd 26763 refid INIT
event at 0 198.58.100.237 8011 81 mobilize assoc 26763
newpeer: 192.168.0.103->198.58.100.237 mode 3 vers 4 poll 6 10 flags 0x101 0x1 ttl 0 key 00000000
event at 0 0.0.0.0 c016 06 restart
event at 0 0.0.0.0 c012 02 freq_set kernel -33.262 PPM
transmit: at 1 192.168.0.103->198.55.111.5 mode 3 len 48
auth_agekeys: at 1 keys 1 expired 0
transmit: at 2 192.168.0.103->198.60.22.240 mode 3 len 48
transmit: at 3 192.168.0.103->198.58.100.237 mode 3 len 48
transmit: at 67 192.168.0.103->198.60.22.240 mode 3 len 48
transmit: at 67 192.168.0.103->198.58.100.237 mode 3 len 48
transmit: at 68 192.168.0.103->198.55.111.5 mode 3 len 48

Open in new window


Any other ideas?
0
Dave BaldwinFixer of ProblemsCommented:
I don't know why you keep putting '-d' on the command line.  I don't see a listing for that on the archlinux page or on my Ubuntu man pages.

Try 'ntpq -p' on the command line to see if your system knows about any ntp servers that it can check.
0
frankhelkCommented:
Hmmm - the error message with the 0.0.0.0 address implies that ntpd shoud service all available network interfaces, but can't bind because some other software is already using the port.

Is there any other process using the NTP port ?

Try netstat (not sure about the command ...) to figure out what process is using port 123 ... prevent it from being started. The try again.

BTW, allow me to recommend my article about NTP ... (not exactly for that problem, but for additional info).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
frankhelkCommented:
Addendum: With
netstat -t -u -l -p

Open in new window

you'll get a list of all port assignments from processes. Use
netstat -t -u -l -p | grep "ntp"

Open in new window

for a list of all assignments related to the NTP port. If there's a process listed that's NOT ntpd, you probably have found the culprit.

(Commands tested on SLES 11.2)
0
MarkAuthor Commented:
DaveBaldwin: > I don't know why you keep putting '-d' on the command line.

My archlinux system's man page does have -d:

-d, --debug-level
              Increase output debug message level.  This option may appear an unlimited number of times.

frankhelk: before I could try your suggestions I threw in the towel. The system came pre-configured with ntpd and I thought I had disabled that (I stopped getting port conflict message), but being new to Arch I may not have done it right. My solution was to scratch install Arch and just "let it be" with the ntpd setup that came out of the box.

I will definitely be replacing my netdate with ntp on my numerous Slackware hosts, so perhaps your advice will help then.
0
MarkAuthor Commented:
Thanks for helping!
0
Dave BaldwinFixer of ProblemsCommented:
My Slackware 10.2 seems to already use 'ntpd' also.
0
MarkAuthor Commented:
Really? I've got about seven slackware 13.37 hosts set up and while 13.37 it does ship with ntpd, it isn't pre-configured. I'll give it a shot soon. Arch has a fairly complex (to me) config system, so I'm sure I messed up the way I tried to take down the pre-configured ntpd.

Slackware 10.2 is from like 2008-ish, eh?
0
Dave BaldwinFixer of ProblemsCommented:
Yes, that's about right for Slackware 10.2.  That's what my web hosting was running at the time.  I still have my first Linux system which was RedHat 9.  And I have two Ubuntu 10.04 systems because that's what my web host runs now.  I was going to install a CentOS system on another computer but I found out their 'Live' CD doesn't contain the install code.  CentOS seems to be one of the more popular distributions for hosting companies right now.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Servers

From novice to tech pro — start learning today.