[ntp:questions] NTP reachable but rejected
Moses Truong
moses_truong at ntm.org.pg
Wed Dec 16 02:11:42 UTC 2009
I have an NTP server (v.4.2.2) running on CentOS5 and it sync with ntp
servers over the internet.
On the local network, I have a variety of NTP clients running, those
running CentOS4 with NTP daemon v4.2.0 are able to sync without a
problem, but those running CentOS5 (ntp v4.2.2) or Ubuntu 9.10 (ntp
v4.2.4) are not able to sync.
assID=63102 status=9014 reach, conf, 1 event, event_reach,
srcadr=172.23.68.1, srcport=123, dstadr=172.23.68.121, dstport=123,
leap=00, stratum=2, precision=-20, rootdelay=727.264,
rootdispersion=448.120, refid=128.250.33.242, reach=001, unreach=1,
hmode=3, pmode=4, hpoll=6, ppoll=6, flash=400 peer_dist, keyid=0, ttl=0,
offset=8716.317, delay=0.166, dispersion=0.031, jitter=0.858,
reftime=ced28a23.6c7cf811 Wed, Dec 16 2009 8:20:19.423,
org=ced28a5b.688a3484 Wed, Dec 16 2009 8:21:15.408,
rec=ced28a52.b12f1670 Wed, Dec 16 2009 8:21:06.692,
xmt=ced28a52.b1231994 Wed, Dec 16 2009 8:21:06.691,
filtdelay= 0.17 0.17 0.15 0.18 0.18 0.23 0.20 0.27,
filtoffset= 8716.32 8716.12 8715.92 8715.74 8715.54 8715.37 8715.16 8714.99,
filtdisp= 0.00 0.03 0.06 0.09 0.12 0.15 0.18 0.21
From the ntp manual, flash=400 refers to
0x400 TEST11
The autokey protocol has not verified the server or peer is
proventic and has valid public key credentials. See the
Authentication Options <cid:part1.03080703.06000402 at ntm.org.pg> page.
So I'm wondering are there a way to configure the client to ignore autokey?
I've tried removing all restrict options and have a barebone ntp.conf
with just the server and driftfile entry:
server 172.23.68.1
driftfile /var/lib/ntp/ntp.drift
But it is still rejecting the reply from the server.
Thanks for any help in advance.
moses
More information about the questions
mailing list