[ntp:questions] NTP reachable but rejected

Moses Truong moses_truong at ntm.org.pg
Wed Dec 16 02:11:42 UTC 2009


I have an NTP server (v.4.2.2) running on CentOS5 and it sync with ntp 
servers over the internet.

On the local network, I have a variety of NTP clients running, those 
running CentOS4 with NTP daemon v4.2.0 are able to sync without a 
problem, but those running CentOS5 (ntp v4.2.2) or Ubuntu 9.10 (ntp 
v4.2.4) are not able to sync.

assID=63102 status=9014 reach, conf, 1 event, event_reach,
srcadr=172.23.68.1, srcport=123, dstadr=172.23.68.121, dstport=123,
leap=00, stratum=2, precision=-20, rootdelay=727.264,
rootdispersion=448.120, refid=128.250.33.242, reach=001, unreach=1,
hmode=3, pmode=4, hpoll=6, ppoll=6, flash=400 peer_dist, keyid=0, ttl=0,
offset=8716.317, delay=0.166, dispersion=0.031, jitter=0.858,
reftime=ced28a23.6c7cf811  Wed, Dec 16 2009  8:20:19.423,
org=ced28a5b.688a3484  Wed, Dec 16 2009  8:21:15.408,
rec=ced28a52.b12f1670  Wed, Dec 16 2009  8:21:06.692,
xmt=ced28a52.b1231994  Wed, Dec 16 2009  8:21:06.691,
filtdelay=     0.17    0.17    0.15    0.18    0.18    0.23    0.20    0.27,
filtoffset= 8716.32 8716.12 8715.92 8715.74 8715.54 8715.37 8715.16 8714.99,
filtdisp=      0.00    0.03    0.06    0.09    0.12    0.15    0.18    0.21

 From the ntp manual, flash=400 refers to

0x400 TEST11
    The autokey protocol has not verified the server or peer is
    proventic and has valid public key credentials. See the
    Authentication Options <cid:part1.03080703.06000402 at ntm.org.pg> page. 

So I'm wondering are there a way to configure the client to ignore autokey?

I've tried removing all restrict options and have a barebone ntp.conf 
with just the server and driftfile entry:

server 172.23.68.1
driftfile /var/lib/ntp/ntp.drift

But it is still rejecting the reply from the server.

Thanks for any help in advance.

moses



More information about the questions mailing list