Problem synchronizing server time with ntpd

linux ntp ntpd
45,918

Solution 1

The problem was that the server itself was not able to synchronize with it's upstream server. the solution was to change the server configuration like this:

re-enabled the Debian pool servers instead of my single hard coded server.

server 0.debian.pool.ntp.org iburst
server 1.debian.pool.ntp.org iburst
server 2.debian.pool.ntp.org iburst
server 3.debian.pool.ntp.org iburst

I added a local clock reference, this makes the server appear synchronized to clients even when it's not, which is the desired behavior for my setup.

server 127.127.1.0
fudge 127.127.1.0 stratum 10

Once I made those changes, the server managed to synchronize itself and then the clients managed to sync with the server.

Solution 2

Many distributions these days are configuring ntpd to restrict access. If restrict lines are present in your server's /etc/ntp.conf, only hosts/networks matching those lines will be permitted to connect to ntpd. You probably need to add additional restrict lines for the hosts or networks you want to allow to sync to your server. For example, to let the client you mentioned sync, add one of the following lines:

# allow just this host
restrict 10.99.84.134 nomodify notrap

# or allow the whole /24 segment
restrict 10.99.84.0 mask 255.255.255.0 nomodify notrap

After that, restart ntpd, and your clients should be able to sync.

Solution 3

You can also say there's some sort of connectivity problem because the "reach" is still 0.

Turn off ntp for a moment, and try running ntpdate to sync it once:

ntpdate 10.99.84.134

If that fails, you definitely have a connectivity problem:

  1. verify that the two machines can talk to each other via ICMP (ping)
  2. if they can, verify that there's not a firewall setting on 10.99.84.134 preventing the connection to ntp

  3. If there's no firewall problems, verify on 10.99.84.134 that ntp is listening

    netstat -tapn | grep 123

Share:
45,918

Related videos on Youtube

Omry
Author by

Omry

Updated on September 17, 2022

Comments

  • Omry
    Omry almost 2 years

    I am trying to ntp sync one machine with another. both runs Debian lenny, and I installed the ntp package in both. I configured the server to synchronize with an external machine by putting

    server IP.ADDRESS iburst

    in it's /etc/ntp.conf file.

    I configured the client to sync with the serve by putting only the server in /etc/ntp.conf of the client.

    however, they do not seem to be synchronizing. ntpq shows that the state is INIT which - according to the docs - indicates that "The association has not yet synchronized for the first time"

    # ntpq -n
ntpq> pe
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 10.99.84.134    .INIT.          16 u  665 1024    0    0.000    0.000   0.000

    ntpq -> as shows 'reject' in the condition line:

    # ntpq
ntpq> as

ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1 40102  8000   yes   yes  none    reject

    Any idea how to solve this? (I would rather not use ntpdate).

  • Omry
    Omry almost 15 years
    ntpdate can't syncrhonize. the machines can talk to one another, tested pings, and even tested netcat (sent a udp package on port 123 and it passed well). netstat shows that the server listens (but I needed to remove the -t option because ntp listens on udp port 123 and not tcp).
  • Omry
    Omry almost 15 years
    added the output of ntpq -> as to the question.
  • Greeblesnort
    Greeblesnort almost 15 years
    While I originally suspected a local firewall to be the problem, it certainly sounds like ntp itself is the culprit (per James' answer) sorry about the wrong netstat line, lizard brain sometimes types things without me noticing it's the wrong thing.
  • Greeblesnort
    Greeblesnort almost 15 years
    glad you got it sorted, although I don't know that I'm a fan of using iburst...do the debian pool servers have restriction statements elsewhere in the config?
  • Marki555
    Marki555 about 9 years
    iburst sends burst of packets only on startup, so it is considered polite to the upstream servers. burst on the other hand sends burst of packets every time upstream server is contacted and so is considered abuse by some ntp server operators.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

NTP - fix massive offset
ntpd logging debug to ntpd.log
How to force locally isolated ntpd update time
NTP not syncing automatically with my internal NTP server
How to synchronize time between a Windows client and a Linux NTP server?
System clock drifting out of sync with hwclock and ntpd
NTP configuration not recognized?
Hosting an NTP server on a standalone network
NTP running, server time is wrong on VM
Using NTP to sync a group of linux servers to a common time source