hey, i am running xntp version 3 on one of my machines and updates from various time servers work perfectly. i would like to use this server as a time server for my internal network (192.168.14.0) and have added the appropriate lines to /etc/ntp.conf: restrict default ignore restrict 192.168.14.0 mask 255.255.255.0 nomodify notrap notrust however, trying it out with ntpdate, i get an error: fishbowl:~ # ntpdate -b -p8 -u albatross 17 Jan 00:35:50 ntpdate[20159]: no server suitable for synchronization found fishbowl:~ # ntpdate albatross 17 Jan 00:35:57 ntpdate[20172]: no server suitable for synchronization found fishbowl:~ # so i went ahead and tested the server with a windoze client, running dimension 4 (prolly the best ntp client for windoze), and it states that the server (albatross) returns a wrong ntp packet. how do i enable the ntp server to be used by ntpdate on the internal network? thanks, martin [greetings from the heart of the sun]# echo madduck@!#:1:s@\@@@.net -- today's an excellent day for putting slinkies on an escalator.
MaD dUCK wrote:
i am running xntp version 3 on one of my machines and updates from various time servers work perfectly. i would like to use this server as a time server for my internal network (192.168.14.0) and have added the appropriate lines to /etc/ntp.conf:
restrict default ignore restrict 192.168.14.0 mask 255.255.255.0 nomodify notrap notrust
however, trying it out with ntpdate, i get an error:
fishbowl:~ # ntpdate -b -p8 -u albatross 17 Jan 00:35:50 ntpdate[20159]: no server suitable for synchronization found fishbowl:~ # ntpdate albatross 17 Jan 00:35:57 ntpdate[20172]: no server suitable for synchronization found fishbowl:~ #
so i went ahead and tested the server with a windoze client, running dimension 4 (prolly the best ntp client for windoze), and it states that the server (albatross) returns a wrong ntp packet.
how do i enable the ntp server to be used by ntpdate on the internal network?
Firstly, did you restart the ntp server after you changed the config file? Another problem that I can see is that you have made any entries allowing your time server (albatross) to synchronise with those other external time servers. Hence if you did restart xntpd and waited a while before trying ntpdate, you may find that albatross hasn't been able to contact a time server for a while and has decided to significantly increase its stratum number to show that it is unsynchronised. Other possibilities would be to try removing the notrap option and see if it works after that, or try removing (commenting out) both restrict lines and see if you can get the client to connect. Also check /var/log/messages and /var/log/ntp (on both client and server) to see if you can get more details. Bye, Chris -- __ _ -o)/ / (_)__ __ ____ __ Chris Reeves /\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005 _\_v __/_/_//_/\_,_/ /_/\_\
had this same error message...resolved by having to re-add the udp 123 port allowance in the routers acl. ntp requires both tcp and udp on port 123. rf -----Original Message----- From: chris@suse.com [mailto:chris@suse.com]On Behalf Of Chris Reeves Sent: Wednesday, January 17, 2001 5:38 AM To: MaD dUCK; SuSE Mailing List Subject: Re: [SLE] ntpd problems MaD dUCK wrote:
i am running xntp version 3 on one of my machines and updates from various time servers work perfectly. i would like to use this server as a time server for my internal network (192.168.14.0) and have added the appropriate lines to /etc/ntp.conf:
restrict default ignore restrict 192.168.14.0 mask 255.255.255.0 nomodify notrap notrust
however, trying it out with ntpdate, i get an error:
fishbowl:~ # ntpdate -b -p8 -u albatross 17 Jan 00:35:50 ntpdate[20159]: no server suitable for synchronization found fishbowl:~ # ntpdate albatross 17 Jan 00:35:57 ntpdate[20172]: no server suitable for synchronization found fishbowl:~ #
so i went ahead and tested the server with a windoze client, running dimension 4 (prolly the best ntp client for windoze), and it states that the server (albatross) returns a wrong ntp packet.
how do i enable the ntp server to be used by ntpdate on the internal network?
Firstly, did you restart the ntp server after you changed the config file? Another problem that I can see is that you have made any entries allowing your time server (albatross) to synchronise with those other external time servers. Hence if you did restart xntpd and waited a while before trying ntpdate, you may find that albatross hasn't been able to contact a time server for a while and has decided to significantly increase its stratum number to show that it is unsynchronised. Other possibilities would be to try removing the notrap option and see if it works after that, or try removing (commenting out) both restrict lines and see if you can get the client to connect. Also check /var/log/messages and /var/log/ntp (on both client and server) to see if you can get more details. Bye, Chris -- __ _ -o)/ / (_)__ __ ____ __ Chris Reeves /\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005 _\_v __/_/_//_/\_,_/ /_/\_\ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Hello Rick, Thursday, 18 January 2001, you wrote: RF> had this same error message...resolved by having to re-add the udp 123 port RF> allowance in the routers acl. ntp requires both tcp and udp on port 123. I'm running the SuSE firewall scripts, and found that I had to add the target time servers and the port mentioned to the trusted hosts section... Mark mailto:mcr@reason-technology.com
also sprach Rick Francis (on Wed, 17 Jan 2001 06:33:51PM -0600):
had this same error message...resolved by having to re-add the udp 123 port allowance in the routers acl. ntp requires both tcp and udp on port 123.
i had udp only in the first place so now i added tcp for 123 as well, but that does not solve the problem. check out the debug output: root@fishbowl:/home/madduck # ntpdate -d albatross 19 Jan 00:46:58 ntpdate[12420]: ntpdate 4.0.99f Sat Jul 29 13:00:15 GMT 2000 (1) transmit(192.168.14.1) receive(192.168.14.1) transmit(192.168.14.1) receive(192.168.14.1) transmit(192.168.14.1) receive(192.168.14.1) transmit(192.168.14.1) receive(192.168.14.1) transmit(192.168.14.1) server 192.168.14.1, port 123 stratum 16, precision -17, leap 11, trust 000 refid [0.0.0.0], delay 0.02615, dispersion 0.00000 transmitted 4, in filter 4 reference time: 00000000.00000000 Thu, Feb 7 2036 7:28:16.000 originate timestamp: be11fe8f.b33c8000 Fri, Jan 19 2001 0:45:19.700 transmit timestamp: be11fef2.81275ee9 Fri, Jan 19 2001 0:46:58.504 filter delay: 0.02628 0.02617 0.02615 0.02615 0.00000 0.00000 0.00000 0.00000 filter offset: -98.8046 -98.8047 -98.8047 -98.8047 0.000000 0.000000 0.000000 0.000000 delay 0.02615, dispersion 0.00000 offset -98.804723 19 Jan 00:46:58 ntpdate[12420]: no server suitable for synchronization found root@fishbowl:/home/madduck # [greetings from the heart of the sun]# echo madduck@!#:1:s@\@@@.net -- "i believe that the moment is near when by a procedure of active paranoiac thought, it will be possible to systematize confusion and contribute to the total discrediting of the world of reality." -- salvador dali
MaD dUCK wrote:
also sprach Rick Francis (on Wed, 17 Jan 2001 06:33:51PM -0600):
had this same error message...resolved by having to re-add the udp 123 port allowance in the routers acl. ntp requires both tcp and udp on port 123.
i had udp only in the first place so now i added tcp for 123 as well, but that does not solve the problem.
NTP uses udp port 123 as standard - AFAIK it doesn't use TCP 123 at all (but I may be wrong).
check out the debug output:
root@fishbowl:/home/madduck # ntpdate -d albatross 19 Jan 00:46:58 ntpdate[12420]: ntpdate 4.0.99f Sat Jul 29 13:00:15 GMT 2000 (1) transmit(192.168.14.1) receive(192.168.14.1) transmit(192.168.14.1) server 192.168.14.1, port 123 stratum 16, precision -17, leap 11, trust 000
The above line is probably your problem - your server is reporting itself as being stratum 16. Your client computer may well be a lower stratum than the server, hence the client is unwilling to take the time from a more inaccurate time source... As I mentioned earlier, your restrict rules may be preventing your time server from accessing the time from the external servers, so you need to alter your restrict rules. Try adding the following rule for each external server (where <server ip> is replaced by the IP address of the server): restrict <server ip> nomodify This should get the server resynchronised and it's stratum number will fall to its proper value.
refid [0.0.0.0], delay 0.02615, dispersion 0.00000 transmitted 4, in filter 4 reference time: 00000000.00000000 Thu, Feb 7 2036 7:28:16.000 originate timestamp: be11fe8f.b33c8000 Fri, Jan 19 2001 0:45:19.700 transmit timestamp: be11fef2.81275ee9 Fri, Jan 19 2001 0:46:58.504 filter delay: 0.02628 0.02617 0.02615 0.02615 0.00000 0.00000 0.00000 0.00000 filter offset: -98.8046 -98.8047 -98.8047 -98.8047 0.000000 0.000000 0.000000 0.000000 delay 0.02615, dispersion 0.00000 offset -98.804723
19 Jan 00:46:58 ntpdate[12420]: no server suitable for synchronization found root@fishbowl:/home/madduck #
Bye, Chris -- __ _ -o)/ / (_)__ __ ____ __ Chris Reeves /\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005 _\_v __/_/_//_/\_,_/ /_/\_\
participants (4)
-
Chris Reeves -
MaD dUCK -
Mark Robinson -
Rick Francis