[ntp:questions] Re: Unable to get time from NTP server

Tom Smith smith at cag.lkg.hp.com
Thu Mar 31 18:23:19 UTC 2005


Daniel Rudy wrote:
> Hello,
> 
>     I have a machine that is dedicated to providing NTP service.  When I 
> upgrade the operating system on that machine from FreeBSD 4.10 to FreeBSD 
> 5.3, it seems that the machine is no longer responding to time requests.  I 
> have used ntpdc to check the status of the server and I have tried to 
> restart the server to no avail.  There just is not any response from the 
> server at all.  I'm running the server with the following information below. 
> There are no errors in the log, and the server is running.  Any ideas?
> 
> 
> /usr/sbin/ntpd -c /etc/ntp.conf -p /var/run/ntpd.pid
> 
> /etc/ntp.conf
> server time.windows.com
> server clepsydra.dec.com
> server bitsy.mit.edu
> server otc1.psu.edu
> server time.xmission.com
> server clock.via.net
> server clock.isc.org
> server ntp2.sth.netnod.se
> server ntp2.sp.se
> server nist1.aol-ca.truetime.com minpoll 8
> server usno.pa-x.dec.com
> 
> restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap kod
> restrict 127.0.0.1 mask 255.0.0.0
> 
> 

Regrettably, the meaning of "notrust" changed between NTP 4.1.* and 4.2.*,
breaking many pre-existing ntp.conf files. You probably want to change
that to "nopeer".

Through 4.1.1:
notrust
     Treat these hosts normally in other respects, but never use them as
     synchronization sources.
nopeer
     Provide stateless time service to polling hosts, but do not allocate
     peer memory resources to these hosts even if they otherwise might be
     considered useful as future synchronization partners.

4.2.0:
notrust
     Deny service unless the packet is cryptographically authenticated.
nopeer
     Deny packets which would result in mobilizing a new association.  This includes
     broadcast and symmetric active packets when a configured association does not exist.



More information about the questions mailing list