[ntp:questions] Re: Problems with NTP

Ronan Flood ronan at noc.ulcc.ac.uk
Wed Jan 19 13:25:26 UTC 2005


On 18 Jan 2005 08:05:47 -0800, david.barton at eldon.co.uk (DaveB) wrote:

> I'm trying to set up an internal time-server to sync time across 12-15
> servers running time-critical apps. These servers don't need accurate
> time, they just all need to have the SAME time (to within about
> +/-100ms).
> 
> My first thought was to peer all the servers (which are an isolated
> network with no access to the internet OR our local intranet) and let
> them sort themselves out. Then it was decided that the clients that
> use these servers (which are on our intranet) need to have the same
> time as the servers.
> 
> I built a Red Hat 9 Linux box (lets call it ELD-TERASTORE (ET) for
> that is it's name) and dual homed it to the isolated network 192.1.1.0
> and the intranet 10.202.0.0. I installed ntp on the box and set it to
> peer with our Domain Controller to get time (the DC gets time from a
> pair of GPS-based NTP boxes in the US). All this is internal, we have
> no open access to the internet.

Fair enough; you've ended up with some stable reference with GPS there.

> Here is my ntp.conf file on ET;

What version of ntpd are you using?  Might or might not be relevent.

> ----
> server 10.202.200.15 prefer
> 
> restrict default ignore
> restrict 10.202.200.15 noquery notrap
> 
> restrict 127.0.0.1 nomodify
> 
> restrict 192.1.1.0 mask 255.255.255.0 nomodify nopeer
> restrict 10.202.0.0 mask 255.255.0.0 nomodify nopeer
> 
> driftfile /etc/ntp/drift
> ----

Does your drift file get created?  What's in it?
Are you getting any logging information: /var/adm/messages,
/var/log/ntplog, whatever?

> I have not had any experience of NTP before and I've only had time for
> a brief look at the official documentation.
> 
> Anyway, the servers in question can query my timerserver (ET) when the
> ntpd service is first started. NTP on ET seems to track the time on
> the timeserver, but slowly becomes less and less accurate. Over the
> course of a day, it can drift out as much as 1-2s. At some point

That might mean your system hardware clock drifts more than ntpd can
compensate for.

> during this process, the NTP server becomes unavailable. I use ntpdate
> every 10 minutes on the clients to get time from the server. This
> works fine for a while, then I start getting "no NTP server suitable
> for synchronisation found" errors.

I imagine ntpd stops serving time when it is not synchronized to a
time source.

> When I check my logs, the clients are seeing the server as Stratum 16
> and bailing, but it works for a while first. I just don't get it.
> 
> ----
>      remote           refid      st t when poll reach   delay   offset
>  jitter
> ==============================================================================
>  eld-europedc1.e 10.1.216.131     2 u   49   64  377    0.294  148.599
>   0.311
> ----

The space at the front of that line means ntpd has rejected that server
for failing sanity checks, so is not synchronized to anything in this case.
Useful to see the output from the ntpq commands "rl" and "rl &1" when peers
shows this state.

-- 
                      Ronan Flood <R.Flood at noc.ulcc.ac.uk>
                        working for but not speaking for
             Network Services, University of London Computer Centre
     (which means: don't bother ULCC if I've said something you don't like)



More information about the questions mailing list