Mike McMullin wrote:
On Mon, 2005-11-28 at 18:01 -0500, Bruce Marshall wrote:
On Monday 28 November 2005 05:48 pm, Bjørge Solli wrote:
Then there must be a problem with the firewall.... I've never had to open ports for NTP and no routers do either that I am aware of.
Well not according to this: <http://ntp.isc.org/bin/view/Support/TroubleshootingNTP>
Suture self..... I can find no reference to port 123 in my router setup nor in the shorewall setup I used to run.
Yet ntp is working fine.
How do you test it to make sure it's properly connected?
You have noticed the syslog messages already. In general, you can check for the state of your NTP setup with the command ntpq -c pe It tells you about all time sources, which one is used currently, and if you're synchronized. If you have a server with an asterisk in front, you're synchronized to that server. If it has a plus in front, this is a potential source of synchronization. E.g., my company time server has the output remote refid st t when poll reach delay offset jitter ============================================================================== LOCAL(0) LOCAL(0) 10 l - 64 377 0.000 0.000 0.008 *ntp2.ptb.de .PTB. 1 u 887 1024 377 44.424 0.697 0.826 +rustime01.rus.u .DCFp. 1 u 968 1024 377 38.228 -2.858 0.927 +hora.cs.tu-berl .PPS. 1 u 3 1024 377 48.561 -3.353 1.365 This means we're synchronized to PTB, and if that connection gets lost, rustime01 and hora could take over. (All three servers are stratum 1 servers and give definitive times. PTB is the reference time source for Germany.) The when column is a counter that is increased until it reaches the poll number, then the next ntp request is sent. The reach column are the octal representation of 8 bits that tell when we did reach the server in the past. This is a shift register -- if it's 377, that's best, all past requests were successful. delay, offset, and jitter (all are in milliseconds) show the difference of my time server to the reference servers. More info: http://www.meinberg.de/download/docs/other/ntp_adv.txt Concerning server selection, please read http://ntp.isc.org/bin/view/Servers/NTPPoolServers. Another tip: There is a nice Nagios plugin that checks that the time server is up and running correctly; one gets an email if it gets non-functional. Cheers, Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany