Re: ntpd not keeping time -fw
hi ya debian
since ntpdate does sync w/ clock.psu.edu
and xntpd does not, you will need to fix your firewall rules
c ya
alvin
On Wed, 29 Jan 2003 debian@clouded.org wrote:
> # ntpdate -udb clock.psu.edu
...
> 29 Jan 16:38:43 ntpdate[23213]: no server suitable for synchronization found
>
>
> # ntptrace -dv clock.psu.edu
...
> otc2.psu.edu: *Timeout*
...
> And here's just plain 'ole ntpdate:
>
> # ntpdate clock.psu.edu
> 29 Jan 16:39:56 ntpdate[23274]: step time server 128.118.25.3 offset -55.557580 sec
..
> So it looks like running ntpdate without options works, while running with
> those options does not. I've double-checked the firewall ruleset and it is
> exactly the same as other boxes with ntp running just fine.
deesnt mean that its right for that box..
kernel issues, ipchains/iptable issues, xntp versions, etc
> For some reason, though, on the problem box I found this:
> Jan 29 16:40:30 haze kernel: Packet log: input DENY eth0 PROTO=17 128.118.25.3:123 64.61.10.115:32962 L=76 S=0
>
> So I changed the rules for ntp hosts to allow udp:123 to anywhere and now
> the above commands return this:
..
> # ntpdate -udb clock.psu.edu
..
> 29 Jan 17:41:21 ntpdate[24452]: step time server 128.118.25.3 offset -29.626950 sec
> # ntptrace -dv clock.psu.edu
...
> refid ntp2.usno.navy.mil delay 0.01788, dispersion 0.00000 offset -29.872159
...
> So now nothing is being blocked by the firewall (except for
> ntp2.usno.navy.mil) and ntp still isn't sync'ing time on the box. I even
you have to wait ... say several hours to see if you can get regular
log messages in /var/log/xntpd
- mine defaults to once/hr for xntp sync'ing
c ya
alvin
..
> > more ntp jibberish ( urls to other docs too )
> > http://www.Linux-Consulting.com/NTP/NTP.Commands.txt
Reply to: