[ntp:questions] Re: synchronization failed
kostecke at ntp.isc.org
Mon Nov 1 20:40:23 UTC 2004
On 2004-11-01, Vincent Blondel <vincent.blondel at chello.be> wrote:
> FreeBSD (Public Server)
> server ntp1.belbone.be prefer
> server ntp2.belbone.be
> driftfile /var/db/ntp.drift
> restrict 192.168.1.16 mask 255.255.255.240 notrust nomodify notrap
notrust means "ignore packets which are not cryptographicly
authenticated" _and_ only applies to associations in which your ntpd is
the client. notrust is meaningless in this context.
You should add 'iburst' to your server lines so that you get faster
server ntp1.belbone.be iburst prefer
server ntp2.belbone.be iburst
Then start ntpd on this machine and 'watch ntpq -p' until you see a '*'
in the left column (that indicates which remote time server you are
synced to). If you see iburst you should see the '*' in ~15-30 seconds.
Once your public server is synced to a remote time server you are ready
to serve time to your corporate machines.
> Mandrake (Corporate Machine)
> restrict default noquery notrust nomodify
notrust is meaningless here because it applies only to the association
with 192,168.1.19, which you've exempted from the default restriction.
> restrict 127.0.0.1
> restrict 192.168.1.16 mask 255.255.255.240
> restrict 192.168.1.19
> server 192.168.1.19
> driftfile /etc/ntp.drift
> logfile /var/log/ntp.log
> error messages on the console (when I run ntpdate)
> host found : sbegfxab
> 1 Nov 18:45:50 ntpdate: no server suitable for synchronization
ntpdate is deprecated. Please consider starting ntpd with the '-g'
If you must use ntpdate make sure that it is being invoked with a valid
time server hostname (e.g. 'ntpdate ntp1.belbone.be').
ntpd will abort if your system clock is more than 1000 seconds off
unless you use the '-g' option or sucessfully invoke ntpdate before
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Support Project - http://ntp.isc.org/
More information about the questions