[ntp:questions] Problems with NTP
david.barton at eldon.co.uk
Tue Jan 18 16:05:47 UTC 2005
I'm trying to set up an internal time-server to sync time across 12-15
servers running time-critical apps. These servers don't need accurate
time, they just all need to have the SAME time (to within about
My first thought was to peer all the servers (which are an isolated
network with no access to the internet OR our local intranet) and let
them sort themselves out. Then it was decided that the clients that
use these servers (which are on our intranet) need to have the same
time as the servers.
I built a Red Hat 9 Linux box (lets call it ELD-TERASTORE (ET) for
that is it's name) and dual homed it to the isolated network 18.104.22.168
and the intranet 10.202.0.0. I installed ntp on the box and set it to
peer with our Domain Controller to get time (the DC gets time from a
pair of GPS-based NTP boxes in the US). All this is internal, we have
no open access to the internet.
Here is my ntp.conf file on ET;
server 10.202.200.15 prefer
restrict default ignore
restrict 10.202.200.15 noquery notrap
restrict 127.0.0.1 nomodify
restrict 22.214.171.124 mask 255.255.255.0 nomodify nopeer
restrict 10.202.0.0 mask 255.255.0.0 nomodify nopeer
I have not had any experience of NTP before and I've only had time for
a brief look at the official documentation.
Anyway, the servers in question can query my timerserver (ET) when the
ntpd service is first started. NTP on ET seems to track the time on
the timeserver, but slowly becomes less and less accurate. Over the
course of a day, it can drift out as much as 1-2s. At some point
during this process, the NTP server becomes unavailable. I use ntpdate
every 10 minutes on the clients to get time from the server. This
works fine for a while, then I start getting "no NTP server suitable
for synchronisation found" errors.
When I check my logs, the clients are seeing the server as Stratum 16
and bailing, but it works for a while first. I just don't get it.
remote refid st t when poll reach delay offset
eld-europedc1.e 10.1.216.131 2 u 49 64 377 0.294 148.599
Anyone got any ideas?
More information about the questions