[ntp:questions] Re: Problem setting up ntp server
Richard B. Gilbert
rgilbert88 at comcast.net
Thu Jun 22 19:04:08 UTC 2006
John Oliver wrote:
> Googling around results in an awful lot of "It just works!" answers.
> Well, it doesn't :-)
>
> Here's the ntp.conf I'm using:
>
> restrict default nomodify notrap noquery
> restrict 127.0.0.1
>
> # -- CLIENT NETWORK -------
> restrict 192.168.101.0 mask 255.255.255.0 nomodify notrap
>
> # --- OUR TIMESERVERS -----
> server 0.pool.ntp.org iburst
> server 1.pool.ntp.org iburst
> server 2.pool.ntp.org iburst
> server time.nist.gov
>
> # --- NTP MULTICASTCLIENT ---
>
> # --- GENERAL CONFIGURATION ---
>
> # Undisciplined Local Clock.
> fudge 127.127.1.0 stratum 9
>
> # Drift file.
> driftfile /var/lib/ntp/drift
> broadcastdelay 0.008
>
> # Keys file.
> keys /etc/ntp/keys
>
>
>
> But port 123 is not available to other hosts on the same subnet. No,
> there is no iptables or any other firewall running on this host. How do
> I make it actually listen for connections?
>
Are you saying that you have a server running using the above
configuration and that clients are not able to access it?
Or is it that your server can't access its designated servers?

The first thing to do is to remove or comment out ALL restrict
statements. If that makes it work, put them back, one at a time until
you find the one that breaks it.

Show us the output of ntpq -p for your server.

Tell us how you know that port 123 is not available.

Remove the "fudge" statement or add the accompanying server statement:

server 127.127.1.0

My choice would be to remove the fudge statement and not to add the
server statement. You can think about serving your undisciplined local
clock after you get the rest of it working.

Remove the broadcast delay statement. You are neither broadcasting nor
receiving broadcasts!

My Solaris systems don't have a /var/lib. You didn't say what you are
using but if it doesn't have a /var/lib ntpd might have a problem
putting a drift file there. (I don't see why anybody would have a
/var/lib; my understanding is that /var is for things like log files,
spool files, mail files.... if "lib" means library /var seems like a
strange place for one.)

It might be helpful to add a logfile:

logfile /var/ntp/ntp.log

If you do so, be sure to create /var/ntp and set the ownership and
permissions such that ntpd can write to it and you can read it.

So the ntp.conf I'm recommending looks like:

# --- OUR TIMESERVERS -----
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server time.nist.gov

# --- GENERAL CONFIGURATION ---

# Drift file.
driftfile /var/lib/ntp/drift
broadcastdelay 0.008

# Keys file.
keys /etc/ntp/keys

# Log file
logfile /var/ntp/ntp.log
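
The checks suggested in this reply, as an added example that is not part of the original message or of the NTP distribution: a small Python linter that flags restrict lines to bisect, a fudge with no matching server line, a broadcastdelay with no broadcast directives, and a driftfile or logfile whose directory is missing. The function names and finding codes are made up for illustration, and the sample configuration is constructed from the one quoted in the question.

```python
import os

# Constructed sample, modelled on the configuration quoted in the question.
SAMPLE_CONF = """\
restrict default nomodify notrap noquery
restrict 192.168.101.0 mask 255.255.255.0 nomodify notrap
server 0.pool.ntp.org iburst
server time.nist.gov
fudge 127.127.1.0 stratum 9   # no "server 127.127.1.0" line
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
keys /etc/ntp/keys
"""

BROADCAST_KEYWORDS = {"broadcast", "broadcastclient", "multicastclient"}


def parse(text):
    """Return (line_number, keyword, args) for every non-comment directive."""
    directives = []
    for number, raw in enumerate(text.splitlines(), 1):
        words = raw.split("#", 1)[0].split()
        if words:
            directives.append((number, words[0], words[1:]))
    return directives


def lint(text, dir_exists=os.path.isdir):
    """Return (line_number, code) findings; dir_exists is injectable for testing."""
    directives = parse(text)
    keywords = {kw for _, kw, _ in directives}
    servers = {args[0] for _, kw, args in directives if kw == "server" and args}
    findings = []
    for number, kw, args in directives:
        if kw == "restrict":
            # Candidates to comment out, then restore one at a time.
            findings.append((number, "restrict-to-bisect"))
        elif kw == "fudge" and args and args[0] not in servers:
            findings.append((number, "fudge-without-server"))
        elif kw == "broadcastdelay" and not keywords & BROADCAST_KEYWORDS:
            findings.append((number, "broadcastdelay-unused"))
        elif kw in ("driftfile", "logfile") and args:
            if not dir_exists(os.path.dirname(args[0])):
                findings.append((number, kw + "-dir-missing"))
    return findings


if __name__ == "__main__":
    for number, code in lint(SAMPLE_CONF):
        print(f"line {number}: {code}")
```

Run it on the host that will run ntpd, since the directory checks look at the local filesystem.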