[ntp:questions] No synchronization !

Steve Kostecke kostecke at ntp.isc.org
Thu Nov 4 15:21:24 UTC 2004


On 2004-11-04, Izo <I at siol.net> wrote:

> Folkert van Heusden wrote:
>
>> check that your firewall allows port 123 (UDP) in both directions
>
> I have been thinking about opening the port on the firewall but it
> confused me the fact that the workstation which is behind the same
> firewall as the server actually gets synchronized - to the outside
> servers not only to my internal.

The 'ntpq -p' output in your original message does _not_ show that your
workstation is synced to any out side servers.

This shows that your server's ntpd is using the LocalCLK as a refclock
because your remote time servers are unreachable (most likely because of
the firewall problem mentioned by Folkert):

Server ntpq -p:

      remote       refid      st t when poll reach   delay   offset jitter
==========================================================================
*LOCAL(0)        LOCAL(0)     10 l   39   64  377    0.000    0.000 0.015
<snip: 4 remote time servers stuck in .INIT.>

This shows that your workstation is synced to your server (which is
using its LocalCLK as a refclock):

Workstation ntp -q:

      remote       refid      st t when poll reach   delay   offset jitter
==========================================================================
 LOCAL(0)        LOCAL(0)     10 l   43   64  377    0.000    0.000 0.001
*sammy.k106      LOCAL(0)     11 u  249 1024  377    1.975    0.150 0.821

If ntpd on your firewall is unable to contact any remote time servers it
is highly unlikely that any systems behind that firewall can contact
remote time servers.

The solution is to open port 123/UDP to, at least, allow in packets in
response to internal requests.

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Support Project - http://ntp.isc.org/



More information about the questions mailing list