[ntp:questions] Three NTP servers, one strange IP-address in 'refid'
E-Mail Sent to this address will be added to the BlackLists
Null at BlackList.Anitech-Systems.invalid
Tue Apr 1 21:17:42 UTC 2014
Sander Smeenk wrote:
...
> if i check 'ntpq -c lpeers' on one of the three stratum-2
> servers i see an IP-address listed as 'refid' for the 'peer'-entries
> in my configuration. This IP-address is not used in any of my
> configurations
...
No, its in ntp{1,2,3}.bit.nl's .conf, or via DHCP
or ntp{1,2,3}.bit.nl ntp servers got it via a pool command.
Why are you using ntp{1,2,3}.bit.nl / dns{1,2,3}.dns.dmz.bit.nl servers?
Why do you care what ntp{1,2,3}.bit.nl / dns{1,2,3}.dns.dmz.bit.nl
respond with for their refclock?
or the ripe ones for that matter
<http://www.ripe.net/data-tools/projects/faqs/faq-ris/i-need-a-ntp-time-server.-where-can-i-find-one>
"Install a NTP server on your local network
or look at www.ntp.org for a public NTP time server in the geographical proximity."
"Please do NOT use RRCs as NTP servers, they were not intended for this purpose."
...
> no traffic is flowing to- or from that IP either.
...
> I ran tcpdumps on the three nodes, not a single packet
> was logged while you would expect to see a few if indeed
> it is uses as a sys.peer on any of the systems.
You won't see packets between ntp{1,2,3}.bit.nl and it's upstream server(s).
Unless you can monitor the switch mirror port inside bit.nl,
or packet cap on the ntp{1,2,3}.bit.nl machine,
e.g. you are a bit.nl NOC SysAdmin?
If you were, I suspect you would already know why
their ntp server report 172.2.53.81 as their reference.
"NTP servers: ntp1.bit.nl and ntp2.bit.nl
This stratum 2 servers are synchronized with our stratum-1 server
receives the right time via GPS."
I guess it could also be a IPv6 ref mangling issue?
{Maybe they fudged 172.2.53.81 as their reference.}
FYI I see ntp{1,2,3}.bit.nl have referenced other
ATT IPs in the past e.g. 32.246.249.54.
as well as other IPs e.g. 193.0.0.228 (singtel nl)
> Also, as stated, the IP resolves to some DSL connection in
> the US and doesn't appear to provide any NTP services.
Maybe not for you?
172.2.53.81 -> adsl-172-2-53-81.dsl.aus2tx.sbcglobal.net > 172.2.53.81
Maybe a router recently port 123 blocked by the ISP
due to NTP DDOSability at the time?
> | -- dns1 --
> | remote refid st t when poll reach delay offset jitter
> | ==============================================================================
> | *tt52.ripe.net .PPS. 1 u 197 1024 377 0.493 -0.528 0.411
> | +tt12.ripe.net .GPS. 1 u 950 1024 377 13.158 0.287 0.451
> | -ntp3.tdc.fi .PPS. 1 u 1061 1024 377 41.182 0.919 0.424
> | dns2.dns.dmz.bi 172.2.53.81 2 u 421 1024 277 0.882 -0.418 0.362
> | dns3.dns.dmz.bi 172.2.53.81 2 u 547 1024 376 1.227 -0.577 0.386
> | +tt52.ripe.net .PPS. 1 u 973 1024 377 0.549 -0.547 0.470
> ...
> Publicly reachable as ntp{1,2,3}.bit.nl.
>
>
> Please note! The last three lines in the output of each server
> correspond to the 'peer ...' lines in the configuration:
> For example dns1 has:
> peer 172.17.130.32
> peer 172.17.130.33
> peer ntp4.bit.nl (== tt52.ripe.net)
>
>
> The IP shows up again in 'rv' output, f.e. on dns1/ntp1:
> | ntpq> rv
> | associd=0 status=0615 leap_none, sync_ntp, 1 event, clock_sync,
> | version="ntpd 4.2.6p3 at 1.2290-o Tue Jun 5 20:12:08 UTC 2012 (1)",
> | processor="x86_64", system="Linux/3.2.0-57-generic", leap=00, stratum=2,
> | precision=-23, rootdelay=0.662, rootdisp=31.985, refid=172.2.53.81,
> | reftime=d6e5793c.d1bbd451 Tue, Apr 1 2014 19:43:24.819,
> | clock=d6e57d27.39cb719b Tue, Apr 1 2014 20:00:07.225, peer=33335,
> | tc=10, mintc=3, offset=-0.412, frequency=61.081, sys_jitter=0.222,
> | clk_jitter=0.207, clk_wander=0.041
>
> Since dns1/ntp1 lpeers output shows its sys.peer(*) is tt52.ripe.net
> (ntp4.bit.nl, as configured) that would be the suspect for reporting
> the 172.2.53.81 IP.
tt52.ripe.net is your machines sys peer,
not ntp{1,2,3}.bit.nl sys peer.
--
E-Mail Sent to this address <BlackList at Anitech-Systems.com>
will be added to the BlackLists.
More information about the questions
mailing list