[ntp:questions] Re: Does this look familiar?

Maarten Wiltink maarten at kittensandcats.net
Thu Aug 7 08:32:19 UTC 2003

Mike Ayers wrote in message <3F318D7D.4060709 at earthling.net>...
>Maarten Wiltink wrote:
>> Everybody who reads here for a week has seen it.
> Darn, I must have picked the wrong week.  I've got about two weeks back,
>didn't see it.

That's possible. Summer time is different. Compliments anyway on
taking the trouble. (No compliments on the email copy.)

>> Usually, it's
>> your firewall not allowing NTP traffic, or your broadband modem
>> getting a new IP address due to DHCP lease expiration. (More
>> likely the former if restarting NTP does not help; the latter if
>> it does.)
> The latter.  OK, is there an NTP internal way to deal with this?  Or an
>external way (i.e. control program)?  Or do I simply shoot the NTP process
>restart every time my address moves?

(The following is what I've understood of the problem. I'm no expert
at this level, though.) If there is a network connection while ntpd
is started, it binds to the specific addresses then present. When your
IP address changes, those sockets stop working. If _no_ network
connection is present when starting ntpd, it binds to a blanco socket
and this continues to work even when the IP address changes later (or
so I've understood).

There are several solutions, some better than others. If you have a
strict desktop environment and turn your machine off when you don't
use it, you may well be able to start ntpd before making your Internet
connection. Restarting ntpd when it stops working is also an option.

The most elegant option in some ways is also the most work and the
hardest to configure. When that IP address changes, you can remove
and recreate the associations with all your higher-stratum servers.
But you either need hooks for detecting this, or you'd have to monitor
for it. Adding and removing server associations can be done through
ntpdc but it requires authentication to work, meaning not only that
it must be enabled, which it is by default, but you must have valid
keys present, and you don't get those by default. The beauty of this
option is mainly that it doesn't lose the knowledge the running ntpd
has built up about your base clock.

Maarten Wiltink

More information about the questions mailing list