[ntp:questions] Servers with identical ntp.conf keep falling out of sync
Richard B. Gilbert
rgilbert88 at comcast.net
Tue Jan 16 13:46:33 UTC 2007
> Hey all, I have two servers in two different datacenters using the same
> To wit:
> # Prohibit general access to this service.
> restrict default ignore
> # Permit all access over the loopback interface. This could
> # be tightened as well, but to do so would effect some of
> # the administrative functions.
> restrict 127.0.0.1
> server 0.us.pool.ntp.org
> server 1.us.pool.ntp.org
> server 2.us.pool.ntp.org
> driftfile /etc/ntp/drift
> The problem is, that the servers keep drifting apart from each other,
> to the degree that DNS TSIG transactions break down. Is there anything
> obvious to try to fix this? Usually when this happens, killing ntpd
> and then running ntpdate will fix it.
Lose the restrict statements! Unless things have changed really
recently, you need to supply an actual numeric IP address in each
restrict statement which you cannot do for a pool server. Restrict
default ignore told your server to ignore the whole world and you didn't
and can't tell it to allow the pool servers!!!!!
More information about the questions