NTP - ntpq -c peers showing incorrect stratum for peers


Solution 1

refid .INIT. and stratum 16 indicates that you are not getting any responses from those servers. Check your firewall(s).

Solution 2

As already noted, stratum 16 servers are unreachable. Therefore, they have no usable time information. As soon as you successfully connect to a server, its stratum will be reported. It takes several time exchanges before ntp will consider using time from the server.

ntpdate -d uses a non-privileged outgoing port, while ntp will use port 123 as source and destination. It is possible to block either with firewall rules. If you don't allow established connections before you block incoming traffic to port 123, ntp will fail.

It is common to have a ctstate RELATED,ESTABLISHED firewall rule at the top of a chain which accepts traffic. This simplifies the rule set, as return traffic does not have to be dealt with by specific rules.
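
An added example, not part of either answer: a POSIX shell/awk function that reads `ntpq -c peers` output and reports, from the octal `reach` column (an 8-bit shift register of recent polls), how many of the last eight polls each peer answered. The function names, the status labels, and the two 203.0.113.x rows are constructed for illustration; the two NIST rows are the ones from the question.

```shell
#!/bin/sh
# Classify peers in `ntpq -c peers` output read from stdin.
# Prints one line per peer: <remote> <status> <answered>/8
#   NO_REPLY  reach is 0: none of the last 8 polls was answered
#   PARTIAL   some polls lost, or the register is still filling after a restart
#   OK        all of the last 8 polls were answered
ntp_peer_status() {
    awk '
    $1 == "remote" || $1 ~ /^=+$/ { next }   # header and separator lines
    NF >= 10 {
        remote = $1
        # Column 1 of a raw ntpq line is the tally code (*, +, -, x ...), blank if none.
        if (substr($0, 1, 1) != " ") remote = substr($1, 2)
        # reach is printed in octal; convert it digit by digit.
        reach = 0
        for (i = 1; i <= length($7); i++) reach = reach * 8 + substr($7, i, 1)
        # Count the set bits: one bit per answered poll.
        answered = 0
        for (r = reach; r > 0; r = int(r / 2)) answered += r % 2
        status = (reach == 0) ? "NO_REPLY" : ((answered == 8) ? "OK" : "PARTIAL")
        printf "%s %s %d/8\n", remote, status, answered
    }'
}

# Constructed sample input (first two peer rows copied from the question).
sample_peers() {
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 time-a.nist.gov .INIT.          16 u    - 1024    0    0.000    0.000   0.000
 time-b.nist.gov .INIT.          16 u    - 1024    0    0.000    0.000   0.000
*203.0.113.10    .GPS.            1 u   33   64  377   12.345    0.512   0.210
+203.0.113.20    .PPS.            1 u   12   64   17   20.100   -1.004   0.950
EOF
}

sample_peers | ntp_peer_status
```

On a live host, pipe the real output in with `ntpq -c peers | ntp_peer_status`; a peer that stays at `NO_REPLY` is the case both answers describe.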


JohnK
Author by

JohnK

During the day I am a DevOps Engineer (mostly Ops) for a mobile biometric authentication company. In the evening I am a lazy bum with 2 dogs.

Updated on September 18, 2022

Comments

  • JohnK
    JohnK over 1 year

    I am running Ubuntu 14.04 as an Amazon Web Services instance. When I run ntpq -c peers on my server I get the following output:

    # ntpq -c peers
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
     time-a.nist.gov .INIT.          16 u    - 1024    0    0.000    0.000   0.000
     time-b.nist.gov .INIT.          16 u    - 1024    0    0.000    0.000   0.000
    

    I read this to state that the 2 servers in the response are stratum 16 servers which I know to be incorrect (the nist.gov servers are stratum 1). I know there is a connection to the NIST servers because ntpdate -d time-a.nist.gov connects and shows offset fine.

    What causes the stratum to be displayed incorrectly, and what can I do to make sure the command shows the correct stratum?

    Thanks

  • JohnK
    JohnK almost 9 years
    If ntpq is not getting through the firewall then why does ntpdate -d time.nist.gov give me information?