[ntp:questions] Re: symmetric-active mode (peer) and autokey

Steve Kostecke kostecke at ntp.isc.org
Tue Feb 7 17:07:23 UTC 2006

On 2006-02-06, Peter Pramberger <peter.pramberger at 1012surf.net> wrote:

> is your "test system" still operational? Can you try putting the current
> leapfile on both hosts and tell me the result?

I've run into a bit of difficulty after restarting both peered ntpds:
peer1 is reporting some sort of autokey problem and peer2 just doesn't
accept peer1 at all.

steve at peer1:~$ ntpq -c"rv 38948 flash,flags"      
assID=38948 status=f054 reach, conf, auth, 5 events, event_reach,
flash=200 bad_autokey, flags=0x82721

steve at peer1:~$ ntpq -c"rv 25060 flash,flags" peer2
assID=25060 status=e043 unreach, conf, auth, 4 events, event_unreach,
flash=600 bad_autokey, not_proventic, flags=0x80021

FWIW: I've made several attempts at regenerating fresh keys on both
peers (i.e. wiped the keysdir, used 'ntp-keygen -T -I -p password',
exported the IFFkeys, etc.) to no avail.

Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/

More information about the questions mailing list