NTP - ntpq -c peers showing incorrect stratum for peers
Solution 1
refid .INIT. and stratum 16 indicates that you are not getting any responses from those servers. Check your firewall(s).
Solution 2
As already noted stratum 16 servers are unreachable. Therefore, they have no usable time information. As soon as you successfully connect to a server is stratum will be reported. It takes several time exchanges before ntp
will consider using time from the server.
ntpdate -d
uses a non-privileged outgoing port, while ntp
will use port 123 as source and destination. It is possible to block either with firewall rules. If you don't allow established
connections before you block incoming traffic to port 123, ntp
will fail.
It is common to have a cstate RELATED,ESTABLISHED
firewall rule at the top of a chain which accepts traffic. This simplifies the rule set as return traffic does not have be dealt with specific rules.
Related videos on Youtube
JohnK
During the day I am a DevOps Engineer (mostly Ops) for a mobile biometric authentication company. In the evening I am a lazy bum with 2 dogs.
Updated on September 18, 2022Comments
-
JohnK over 1 year
I am running Ubuntu 14.04 as an Amazon Web Services instance. When I run ntpq -c peers on my server I get the following output:
# ntpq -c peers remote refid st t when poll reach delay offset jitter ============================================================================== time-a.nist.gov .INIT. 16 u - 1024 0 0.000 0.000 0.000 time-b.nist.gov .INIT. 16 u - 1024 0 0.000 0.000 0.000
I read this to state that the 2 servers in the response are stratum 16 servers which I know to be incorrect (the nist.gov servers are stratum 1). I know there is a connection to the NIST servers because ntpdate -d time-a.nist.gov connects and shows offset fine.
What causes the stratum to be displayed incorrectly, and what can I do to make sure the command shows the correct stratum?
Thanks
-
JohnK almost 9 yearsIf ntpq is not getting through the firewall then why does ntpdate -d time.nist.gov give me information?