[ntp:questions] Can't get time to sync with local time server

Steve Kostecke kostecke at ntp.isc.org
Thu Dec 14 22:22:08 UTC 2006


On 2006-12-14, Arty <arty-nospam at domain.tld> wrote:

> Why can't I set my time???
>
> server ntp.conf-------------
> server time.nist.gov prefer
> server pool.ntp.org
> server clock.isc.org
>
> driftfile /var/db/ntp.drift
> restrict default ignore

You've told ntpd to ignore all NTP packets form all addresses. Then you
neglected to tell ntpd that it is OK to accept NTP packets from your
time servers.

You may want to review the Restrictions HOWTO at
http://ntp.isc.org/Support/AccessRestrictions.

BTW: You're not going to be able to use 'restrict default ignore'
with a host name, such as pool.ntp.org, which resolves to multiple IP
addresses.

Here's what your ntp.conf could look like:

| # server ntp.conf
| driftfile /var/db/ntp.drift
| 
| # Allow only time service by default
| restrict default noquery nomodify notrap nopeer
| restrict 127.0.0.1 nomodify
| 
| # Remote time servers
| server time.nist.gov iburst
| server pool.ntp.org  iburst
| server clock.isc.org iburst
| 
| # Authorized clients
| # They are allowed time service and may query ntpd
| restrict 192.168.1.0 mask 255.255.255.0 notrap nopeer nomodify

A couple of notes (that have no bearing on your current synchronization
problem):

1. You ought to use pool servers from your geographical area;
pool.ntp.org can resolve to any one of larger number of time servers
workd wide. See http://ntp.isc.org/pool or http://www.pool.ntp.org for
more information.

2. According to the Rules of Engagement (http://ntp.isc.org/rules) you
should not be directly using Stratum-1 time servers unless you meet
certain criteria (such as serving time a large number of clients). You
really ought to choose from the Public Stratum-2 server list (at
http://www.ntp.org/s2 or http://ntp.isc.org/s2) or just use the pool.

3. Using only 3 remote time servers doesn't leave you with any back up
if one of them "goes bad". You ought to consider using 4 or 5 remote
time servers.

> # client ntp.conf-----------------------
> server 192.168.1.1 prefer

Using 'prefer' here is of no benefit.

> driftfile /var/db/ntp.drift

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list