[ntp:questions] Re: Unable to get time from NTP server
Tom Smith
smith at cag.lkg.hp.com
Thu Mar 31 18:23:19 UTC 2005
Daniel Rudy wrote:
> Hello,
>
> I have a machine that is dedicated to providing NTP service. When I
> upgrade the operating system on that machine from FreeBSD 4.10 to FreeBSD
> 5.3, it seems that the machine is no longer responding to time requests. I
> have used ntpdc to check the status of the server and I have tried to
> restart the server to no avail. There just is not any response from the
> server at all. I'm running the server with the following information below.
> There are no errors in the log, and the server is running. Any ideas?
>
>
> /usr/sbin/ntpd -c /etc/ntp.conf -p /var/run/ntpd.pid
>
> /etc/ntp.conf
> server time.windows.com
> server clepsydra.dec.com
> server bitsy.mit.edu
> server otc1.psu.edu
> server time.xmission.com
> server clock.via.net
> server clock.isc.org
> server ntp2.sth.netnod.se
> server ntp2.sp.se
> server nist1.aol-ca.truetime.com minpoll 8
> server usno.pa-x.dec.com
>
> restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap kod
> restrict 127.0.0.1 mask 255.0.0.0
>
>
Regrettably, the meaning of "notrust" changed between NTP 4.1.* and 4.2.*,
breaking many pre-existing ntp.conf files. You probably want to change
that to "nopeer".
Through 4.1.1:
notrust
Treat these hosts normally in other respects, but never use them as
synchronization sources.
nopeer
Provide stateless time service to polling hosts, but do not allocate
peer memory resources to these hosts even if they otherwise might be
considered useful as future synchronization partners.
4.2.0:
notrust
Deny service unless the packet is cryptographically authenticated.
nopeer
Deny packets which would result in mobilizing a new association. This includes
broadcast and symmetric active packets when a configured association does not exist.
More information about the questions
mailing list