[ntp:questions] [Fwd: Re: problems setting up IFF autokey]

Vince jhary at unsane.co.uk
Thu May 3 16:30:56 UTC 2007


Hi Dave,
	To be fair i hadnt noticed that, however today after setting the client
clock with ntpdate I'm seeing

[/usr/local/var/nfsen/profiles/live/upstream1](17:11:47)
{root at prawn}#ntpq -c pe
     remote           refid      st t when poll reach   delay   offset
jitter
==============================================================================
 paste.lon.names .AUTH.          16 u  569   64    0    0.000    0.000
4000.00
[/usr/local/var/nfsen/profiles/live/upstream1](17:11:49)
{root at prawn}#ntpq -c as
ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1 57580  e024   yes   yes   ok     reject   reachable  2
[/usr/local/var/nfsen/profiles/live/upstream1](17:11:51)
{root at prawn}#ntpq -c pe
     remote           refid      st t when poll reach   delay   offset
jitter
==============================================================================
 paste.lon.names 193.39.78.2      3 u    1   64    1    0.307   -0.989
 0.002
[/usr/local/var/nfsen/profiles/live/upstream1](17:11:56)
{root at prawn}#ntpq -c as
ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1 57580  c034   yes   yes   bad    reject   reachable  3
[/usr/local/var/nfsen/profiles/live/upstream1](17:12:03)
{root at prawn}#ntpq -c pe
     remote           refid      st t when poll reach   delay   offset
jitter
==============================================================================
 paste.lon.names .AUTH.          16 u  693   64    0    0.000    0.000
4000.00


and so on, jumping from auth ok to auth bad and back.

I dont suppose their is an OReilly type book on ntp I could dig through?
(couldnt find one when i looked)


Thanks,
Vince

-------- Original Message --------
Subject: Re: [ntp:questions] problems setting up IFF autokey
Date: Thu, 03 May 2007 14:15:03 +0000
From: mills at udel.edu
Organization: University of Delaware
To: questions at lists.ntp.isc.org
Newsgroups: comp.protocols.time.ntp
References: <4638B0BF.6090009 at unsane.co.uk>

Vince,

Did you notice the initial offset was over 200 s? After a few minutes
NTP steps the time ans starts over. Maybe you didn't wait long enough.

Dave

Vince wrote:

> Hi all,
> 	I'm trying to get autokey broadcast working using IFF. I've gone
> through the guide at
> http://ntp.isc.org/bin/view/Support/ConfiguringAutokey but as yet havent
>  had any joy. This being the case i thought I would go back to unicast
> to test IFF autokey.
> My current configs are:
> server:
> ---------------cut------------------------
> restrict default nomodify notrap noquery
> restrict 127.0.0.1
> 
> 
> server 0.pool.ntp.org
> server 1.pool.ntp.org
> server 2.pool.ntp.org
> 
> 
> driftfile /var/lib/ntp/drift
> broadcastdelay  0.008
> 
> crypto pw SECUREPASS
> keysdir         /etc/ntp
> restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap
> ---------------cut------------------------
> 
> Client:
> ---------------cut------------------------
> keysdir /etc/ntp
> crypto pw GROUPPASS
> driftfile /var/db/ntpd.drift
> 
> server 192.168.10.222 autokey
> 
> statsdir /etc/ntp/stats/
> statistics cryptostats
> ---------------cut------------------------
> 
> I have the hostkeys and IFF keys created as per the instructions.
> 
> After about 5 minute i get
> [/etc/ntp](16:19:44)
> {root at prawn}#ntpq -p
>      remote           refid      st t when poll reach   delay   offset
> jitter
> ==============================================================================
>  paste.lon.names 193.225.218.44   3 u   53   64    3    0.354  205748.
>  0.003
> 
> however after about a minute this changes to
> [/etc/ntp](16:20:24)
> {root at prawn}#ntpq -c pe
>      remote           refid      st t when poll reach   delay   offset
> jitter
> ==============================================================================
>  paste.lon.names .AUTH.          16 u   57   64    0    0.000    0.000
> 4000.00
> [/etc/ntp](16:21:03)
> {root at prawn}#ntpq -c as
> ind assID status  conf reach auth condition  last_event cnt
> ===========================================================
>   1 60228  f054   yes   yes   ok     reject   reachable  5
> 
> 
> and it continues like this never giving me a condition of sys.peer,
> sometimes with auth ok sometimes with auth bad.
> 
> Any suggestions how i can take this further?
> If its of any help, the OS of the server is Centos 4.4 while the client
> is FreeBSD 7-CURRENT, the ntpd versions are 4.2.0a at 1.1190-r (server) and
> 4.2.0-a (client)
> 
> Thanks,
> Vince
> _______________________________________________
> questions mailing list
> questions at lists.ntp.isc.org
> https://lists.ntp.isc.org/mailman/listinfo/questions
> 

_______________________________________________
questions mailing list
questions at lists.ntp.isc.org
https://lists.ntp.isc.org/mailman/listinfo/questions



More information about the questions mailing list