[ntp:questions] Re: Can't get Windows/2000 Client to synchronize with my NTP server on CentOS 4.2

Richard B. Gilbert rgilbert88 at comcast.net
Sat Jan 14 02:36:45 UTC 2006


Mark Hansen wrote:

> I'm running Centos 4.2 a machine which acts as my 'network host', in 
> that it
> connects my internal home network to the Internet, provides a firewall 
> (via
> iptables), and other basic services, like NTP. I'm running ntp version 
> 4.2.0.a
>
> I was running RedHat 7.3 before this installation, and all was working 
> fine.
>
> I have tested this without the firewall, to make sure the firewall was 
> not
> the problem. The firewall should not restrict access to/from the 
> network host
> machine and the in-house network.
>
> I have NTP configured to synchronize against three servers, a Statum 2 
> server
> owned by a friend of mine, and two other public NTP servers.
>
> When I run ntpq -p, I can see that my server is properly synchronizing 
> against
> these other servers (also, I can see by looking at syslog that things 
> appear to
> be working).
>
> However, when synchronization software on my Windows/2000 workstation 
> attempts
> to synchronize with my NTP server, it doesn't get a response.
>
> I ran tcpdump on the CentOS machine and watched the NTP UDP port, and 
> saw the
> request come in, but nothing was sent back. On the Windows/2000 
> machine, I've
> run w32tm -test -v -once, and get back the following (this is just a 
> snippet,
> but I think it's the pertinent part):
>
>> BEGIN:NTPTry -- try
>>    BEGIN:ComputeInterval
>>    END  Line 2479
>>    Sending to server  48 bytes...
>>    NTP: didn't receive datagram
>>    Logging event 0x8000000B. 15 min until this event is allowed again.
>>
>>    0x8000000B reported to System Log in Event Viewer
>> END  Line 1951
>> Time source failed to produce usable timestamp.
>
>
> When w32tm is making its attempts, I see the following messages
> in the syslog (when running ntpd with debugging turned on):
>
>> ntpd: input_handler: if=3 fd=7 length 48 from 0a0a9714 10.10.151.20
>> ntpd: receive: at 16 10.10.151.1<-10.10.151.20 restrict 184
>> ntpd: receive: at 16 10.10.151.1<-10.10.151.20 mode 3 code 2
>> ntpd: addto_syslog: select(): nfound=-1, error: Interrupted system call
>
>
> (10.10.151.1 is my CentOS server machine, running ntpd, and 10.10.151.20
> is my Windows/2000 client machine).
>
> In looking at the source for ntpd, I see that one of the bits represented
> by the "184" is Authentication Required, so I tried running ntpd with the
> -A flag, but this didn't help.
>
> I've tried two additional clients on the Windows/2000 machine, one of
> which allows me to select the protocol version to use, and I tried 4, 
> 3 and
> 2 - with the same result.
>
> I went through some debugging tips found after googling, but these all 
> were
> focused on getting the server to synchronize with its peers, and not 
> about
> problems connecting to the server from clients.
>
> I'll include, below, my configuration file, and would be grateful if 
> someone
> could either spot the problem, or give me a pointer to how I can debug 
> client
> connection problems.
>
> Thanks,
>
> server my-friends-ntp-server prefer
> server ntp1.Level3.net
> server ntp2.Level3.net
>
> driftfile /var/lib/ntp/drift
>
> broadcastdelay 0.008
>
> restrict my-friends-ntp-server-IP mask 255.255.255.255 nomodify
> restrict ntp1-IP mask 255.255.255.255 nomodify
> restrict ntp2-IP mask 255.255.255.255 nomodify
>
> # This is my internal network: 10.10.151.0/24
> restrict 10.10.151.0 mask 255.255.255.0 nomodify notrust notrap
>
> # The local address are unrestricted:
> restrict 127.0.0.1
> restrict 10.10.151.1

I'd suggest either losing the "restrict 10.10.151.0 mask 255.255.255.0 
nomodify notrust notrap" statement, or omitting the notrust, or adding a
"restrict 10.10.152.2 mask 255.255.255.0"  assuming that that is the 
address of the failing client.   Alternatively you could set up some 
form of authentication between your server and your client.




More information about the questions mailing list