[ntp:questions] Re: Problem setting up ntp server

Richard B. Gilbert rgilbert88 at comcast.net
Thu Jun 22 19:04:08 UTC 2006


John Oliver wrote:

> Googling around results in an awful lot of "It just works!" answers.
> Well, it doesn't :-)
> 
> Here's the ntp.conf I'm using:
> 
> restrict default nomodify notrap noquery
> restrict 127.0.0.1
> 
> # -- CLIENT NETWORK -------
> restrict 192.168.101.0 mask 255.255.255.0 nomodify notrap
> 
> # --- OUR TIMESERVERS -----
> server 0.pool.ntp.org iburst
> server 1.pool.ntp.org iburst
> server 2.pool.ntp.org iburst
> server time.nist.gov
> 
> # --- NTP MULTICASTCLIENT ---
> 
> # --- GENERAL CONFIGURATION ---
> 
> # Undisciplined Local Clock.
> fudge   127.127.1.0 stratum 9
> 
> # Drift file.
> driftfile /var/lib/ntp/drift
> broadcastdelay  0.008
> 
> # Keys file.
> keys /etc/ntp/keys
> 
> 
> 
> But port 123 is not available to other hosts on the same subnet.  No,
> there is no iptables or any other firewall running on this host.  How do
> I make it actually listen for connections?
> 

Are you saying that you have a server running using the above 
configuration and that clients are not able to access it?

Or is it that your server can't access its designated servers?

The first thing to do is to remove or comment out ALL restrict 
statements.  If that makes it work, put them back, one at a time until 
you find the one that breaks it.

Show us the output of ntpq -p for your server.

Tell us how you know that port 123 is not available.

Remove the "fudge" statement or add the accompanying server statement:
server 127.127.1.0
My choice would be to remove the fudge statement and not to add the 
server statement.  You can think about serving your undisciplined local 
clock after you get the rest of it working.

Remove the broadcast delay statement.  You are neither broadcasting nor 
receiving broadcasts!

My Solaris systems don't have a /var/lib.  You didn't say what you are 
using but if it doesn't have a /var/lib ntpd might have a problem 
putting a drift file there.  (I don't see why anybody would have a 
/var/lib; my understanding is that /var is for things like log files, 
spool files, mail files....  if "lib" means library /var seems like a 
strange place for one.)

It might be helpful to add a logfile:
logfile /var/ntp/ntp.log

If you do so, be sure to create /var/ntp and set the ownership and 
permissions such that ntpd can write to it and you can read it.

So the ntp.conf I'm recommending looks like:

# --- OUR TIMESERVERS -----
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server time.nist.gov

# --- GENERAL CONFIGURATION ---

# Drift file.
driftfile /var/lib/ntp/drift

# Keys file.
keys /etc/ntp/keys

# Log file
logfile /var/ntp/ntp.log



