[ntp:questions] NTPD not receiving any response from timservers

lingsmail at gmail.com lingsmail at gmail.com
Mon Nov 6 22:52:03 UTC 2006


On Nov 6, 9:38 pm, p... at hedeland.org (Per Hedeland) wrote:
> In article <1162844895.422061.160... at k70g2000cwa.googlegroups.com>
>
> lingsm... at gmail.com writes:
>
> >I'm trying to set up NTPD on a gentoo box to serve time to my network.
> >Needless to say, it's not working.
<snip>
> I think that you can guess that for a normally functioning server, there
> would be some number of "receive"s reported along with the "transmit"s
> (ideally the numbers should be the same...) - and that would happen
> regardless of whether the packets were subsequently discarded due to
> "restrict" statements. I.e. your ntpd is simply not receiveing any
> responses to its queries - not a ntpd problem.
>

Thanks for the speedy response.

I have just tested it running against a different ntp server in the
network (fudged to itself, if that's the correct terminology!), and it
does indeed 'receive' some messages from it.
transmit: at 1 192.168.1.200->192.168.1.8 mode 3
receive: at 1 192.168.1.200<-192.168.1.8 mode 4 code 1 auth 0
peer 192.168.1.8 event 'event_reach' (0x84) status 'unreach, conf, 1
event, event_reach' (0x8014)
clock_filter: n 1 off 1.256802 del 0.000628 dsp 7.937501 jit 0.000001,
age 0
transmit: at 2 62.56.76.120->158.152.1.76 mode 3
transmit: at 3 62.56.76.120->81.187.65.110 mode 3peer 192.168.1.8 event
'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach'
(0x8014)
clock_filter: n 1 off 1.256802 del 0.000628 dsp 7.937501 jit 0.000001,
age 0
transmit: at 2 62.56.76.120->158.152.1.76 mode 3
transmit: at 3 62.56.76.120->81.187.65.110 mode 3
transmit: at 4 62.56.76.120->213.170.141.38 mode 3
...

aside from the other transmits not receiving a response, does that look
ok?  If so, then it must be some kind of internet connectivity problem.

> >I have iptables running, and although I believe as long as established
> >connections are allowed through it should need no special
> >configuration, it my first port of call.  However, after flushing and
> >setting its default policy to accept for everything, the results were
> >no different.  I am not an iptables wizard though, so could have missed
> >something.Yes, iptables or equivalent is a primary suspect, and yes, flushing and
> setting default policy to accept for everything should deal with that.
> Perhaps there is some other packet filtering going on, e.g. at the
> router that connects you to the Internet?

If this was the case, wouldn't ntpdate also fail?  This machine (and
this iptables) /is/ the router that connects me to the internet.

>
> >As an aside, how do I prevent ntpd from listening on a particular
> >interface?
> You can't, search the group archives for lengthy discussions on the
> subject. But you can use iptables to block packets coming in on
> interfaces where you don't want them to come in...

That is what I have it currently set up as, I only asked as I noticed
it binding to an interface/port that I know it will never receive a
request on (because of the iptables policy), and thought that was a bit
pointless.  No harm in it though I suppose.

--
Ling




More information about the questions mailing list