[ntp:questions] Re: asyncronous path between "time client" and ntp server

Richard B. Gilbert rgilbert88 at comcast.net
Mon Oct 10 18:04:16 UTC 2005

Bob Beers wrote:

>Hello list,
>My "time client" and my ntp server are both NAT'd and can only reach each
>other via their public IP addresses. They seem to be on different private
>192.168.x.y networks.
>server inet addr: <>
>client inet addr: <>
>My ntp server gets time info from pool.ntp servers and is looking ~ok to me:
># ntpq -p
>remote refid st t when poll reach delay offset jitter
>*gabe.kjsl.com <http://gabe.kjsl.com> <> 2 u
>935 1024 377 181.340 5.539 0.125
>+ns3.dns.pciwest <> 2 u 1022 1024 377
>186.187 3.159 1.155
>rrcs-24-172-8-1 .STEP. 16 u - 1024 0 0.000 0.000 4000.00
That does not look "fine" to me.    You have only three servers 
configured which is ok until something happens to one of them, which it 
has.   rrcs-24-172-8-1 is not responding!   So you are down to two 
servers, one of which has a round trip delay of 186 milliseconds and the 
other has a delay of only 180 milliseconds.

Do try to find some servers a little closer to you in net space.   180 
milliseconds of round trip delay means that the potential error in the 
time you receive is 90 milliseconds.  Hopefully the actual error is less 
than that but you are leaving yourself wide open.   Try to find at least 
four of them.    Unless your internet connection is a 1200 baud dial-up 
modem, you should be able to find servers with delays under 30 milliseconds.

ISTR that the pool.ntp servers can be specified by region which might 
help you find servers a little closer to home.

>When I traceroute between my client and server, I do not see a common public
>NAT IP address, so I strongly suspect an asynchronous path between the two.
Post your ntp.conf file.

More information about the questions mailing list