[ntp:questions] Re: Unable to get time from NTP server

Daniel Rudy nospam at nospam.net
Thu Mar 31 19:42:08 UTC 2005


"Tom Smith" <smith at cag.lkg.hp.com> wrote in message 
news:424C4016.5020302 at cag.lkg.hp.com...
> Daniel Rudy wrote:
>> Hello,
>>
>>     I have a machine that is dedicated to providing NTP service.  When I 
>> upgrade the operating system on that machine from FreeBSD 4.10 to FreeBSD 
>> 5.3, it seems that the machine is no longer responding to time requests. 
>> I have used ntpdc to check the status of the server and I have tried to 
>> restart the server to no avail.  There just is not any response from the 
>> server at all.  I'm running the server with the following information 
>> below. There are no errors in the log, and the server is running.  Any 
>> ideas?
>>
>>
>> /usr/sbin/ntpd -c /etc/ntp.conf -p /var/run/ntpd.pid
>>
>> /etc/ntp.conf
>> server time.windows.com
>> server clepsydra.dec.com
>> server bitsy.mit.edu
>> server otc1.psu.edu
>> server time.xmission.com
>> server clock.via.net
>> server clock.isc.org
>> server ntp2.sth.netnod.se
>> server ntp2.sp.se
>> server nist1.aol-ca.truetime.com minpoll 8
>> server usno.pa-x.dec.com
>>
>> restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap kod
>> restrict 127.0.0.1 mask 255.0.0.0
>>
>>
>
> Regrettably, the meaning of "notrust" changed between NTP 4.1.* and 4.2.*,
> breaking many pre-existing ntp.conf files. You probably want to change
> that to "nopeer".
>
> Through 4.1.1:
> notrust
>     Treat these hosts normally in other respects, but never use them as
>     synchronization sources.
> nopeer
>     Provide stateless time service to polling hosts, but do not allocate
>     peer memory resources to these hosts even if they otherwise might be
>     considered useful as future synchronization partners.
>
> 4.2.0:
> notrust
>     Deny service unless the packet is cryptographically authenticated.
> nopeer
>     Deny packets which would result in mobilizing a new association.  This 
> includes
>     broadcast and symmetric active packets when a configured association 
> does not exist.


It's not specified in the man page, which is probably why I missed it.

-- 
Daniel Rudy





More information about the questions mailing list