[ntp:questions] Re: Connect problem 4.1.2-4 redhat server

t_pascal at my-deja.com t_pascal at my-deja.com
Mon Aug 15 16:49:37 UTC 2005


t_pascal at my-deja.com wrote:
> >Please see http://ntp.isc.org/Support/AccessRestrictions for information
> >about how to control access to your ntpd.
> >
>
> This was a good resource, and I was hopeful it would fix a strange
> problem I have.
>
> Server:  RedHat ES3, ntp 4.1.2-4, address 192.168.100.a
> Per the suggestion in the document, I tried this "restrict 192.168.0.0
> mask 255.255.0.0 nomodify"
>
> Client1:  RedHat 7.3 kernel 2.4.30, ntp 4.1.1-2 address 192.168.100.b
> Client2:  RedHat ES3, ntp 4.1.2-4, address 192.168.101.c
> Client3:  RedHat 7.3 kernel 2.4.30, ntp 4.1.1-2 address 192.168.101.d
>
> Server connects to external (internet) servers and synchs well via
> firewall.
> Client1 connects to Server perfectly and syncs well, with or without
> "notrust" option.
> Client2 cannot connect to Server at all, tried every number of options
> and settings.  NOT A ROUTING or FIREWALL ISSUE, believe me.  Packets
> are received on Server, but nothing happens.
> Client3 can sync the time with ntpdate, but not with ntpd.  This is
> some further proof that there is no routing or firewall issue, but
> makes the problem extremely strange.
>
Sorry to self-followup, but I reversed Client2 and Client3.  Basically,
the two versions cooperate fully on the same subnet.  The 4.1.2 server
will reply to a 4.1.2 client via ntpdate ONLY (across a different
subnet).  The 4.1.1 clients are totally ignored across subnets (but
work fine on the same subnet as noted).

> Any help, other the version numbers?  I am using standard RedHat issued
> software for the ES servers, but I suppose I can downgrade to 4.1.1 (if
> that will help?)  Or do I upgrade?  Note that upgrading to 4.1.2-4 on
> the 7.3 servers would break them.  :(
>
I wasn't clear enough here.  Downgrading my clients to 4.1.1 would only
work on the same subnet.  Upgrading clients to 4.1.2 on different
subnets only gets a reply to ntpdate and would prefer to use ntpd to
discipline the clocks.




More information about the questions mailing list