time sync with ntp not working correctly? - solved
Götz Reinicke
goetz.reinicke at filmakademie.de
Tue Feb 1 15:13:05 UTC 2005
Hi,
I Think I found the missconfigured parts :-)! Thanks for pointing me
into the right direction.
"notrust" and "restrict" where misconfigurred!
Now the clients have:
restrict IP mask 255.255.255.255 nomodify notrap noquery
server IP
The server:
restrict IP mask 255.255.255.0 notrust nomodify notrap
...
Regards
Götz Reinicke
John DeDourek wrote:
> Note the column called "reach". On the server it has 377.
> That's the octal (base 8) representation of an 8-bit quantity.
> (377 = 11111111 binary). Periodically a machine running ntp
> sends a time query to its configured servers. When it gets a
> reply it shifts a 1 into the right of "reach"; no reply, it
> shifts a 0. Thus on the server, the last eight queries to
> its servers got a reply: 11111111. On the clients 00000000;
> that's obviously bad. So the clients are not getting responses
> to their queries.
>
> Two usual problems:
> -- Either the queries or the responses to the clients are not
> getting through the network; most commonly firewall issues;
> occasionally network problems like routing; check the latter
> by ping. The former requires an investigation of the firewall
> setup
> -- Bad ntp configuration on the server (refusing to accept queries)
> or on the clients (refusing to accept responses). You
> unfortunately didn't shows us the ntp configuration on the two
> machines. Most common problem is that the meaning of "restrict
> notrust" changed between older and newer versions of ntp. If
> you are reading old guidlines, or have upgraded to the newer
> ntp and used the configuration files from the old one, that
> could be the problem. Have a quick look at /etc/ntp.conf;
> if the word "notrust" appears on any "restrict" lines, try
> editing it out (saving a copy of the old configuration first).
> If you just copied an old configuration file over the new one
> after upgrading (and happened to save the original installed
> configuration, which I highly recommend), a good procedure would
> be to go back to the ntp.conf installed by the upgrade and edit
> your own server lines in (making changes as appropriate). In
> any case, we would need to see the configuration files to
> comment further.
>
>
> Götz Reinicke wrote:
>
>> Hi,
>>
>> today I checked the time on some servers and found that they differ by
>> a couple off minutes. Without teh ntpd running a "ntpdate gaugin"
>> syncs the clock.
<...>
--
Götz Reinicke
IT Koordinator - IT OfficeNet
Tel. +49 (0) 7141 - 969 420
Fax +49 (0) 7141 - 969 55 420
goetz.reinicke at filmakademie.de
Filmakademie Baden-Württemberg
Mathildenstr. 20
71638 Ludwigsburg
www.filmakademie.de
More information about the fedora-list
mailing list