NTP local query always times out
Solution 1
I was expecting ntpq
to query local server via 127.0.0.1, but it turns out to be querying local server via ethernet network interface.
Although I have no idea why a local ntp query would have to go through ethernet, but in configuration file I added
restrict <eht0 ip address>
And now NTP works fine.
Solution 2
On RHEL / CentOS 6 and 7, for whatever reason ntpq
tries to query the IPv6 loopback at ::1 instead of the IPv4 loopback at 127.0.0.1. With this in mind, I added this line to my /etc/ntp.conf
file:
restrict ::1
Saved the file then restarted ntpd
service ntpd restart
now the command:
ntpq -p
works as expected. (This is the same as running ntpq
in command-line mode and then issuing the peers
command.)
I prefer this solution since you do not have to enable communications with ntpd
via a potentially public Ethernet interface, which may be a security concern.
Related videos on Youtube
Howard
Updated on September 18, 2022Comments
-
Howard almost 2 years
I have a CentOS 6.4 server, it does not have any iptable rules, it runs NTP daemon as service using the following configuration:
driftfile /var/lib/ntp/drift server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server 3.pool.ntp.org restrict default ignore restrict 127.0.0.1
When I run
ntpq
to query peers, the following response is received:ntpq> peers localhost.localdomain: timed out, nothing received
dig
shows that:localhost.localdomain. 86400 IN A 127.0.0.1
Why doesn't ntp query work?
-
Howard over 10 yearsiptable is running, but there isnt any rule.
-
slayedbylucifer over 10 yearsare you able to ping
0.pool.ntp.org
and others in the list ? -
Admin about 10 yearsDo you have an entry for localhost or localhost.localdomain in /etc/hosts? The system will look here first, before checking DNS.
-
-
Tuinslak over 7 yearsIs this actually safe? Ie would that give public access somehow?
-
Thomas about 7 yearsThat just shouldn't matter, as the
pool
directive just resolves more IP addresses behind the 0.pool.ntp.org alias, where as theserver
directive just resolves one address from DNS and sticks to it.