[ntp:questions] Reachable and rejected
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Sep 10 23:23:09 UTC 2008
Dave Close wrote:
> I hope I didn't miss an easy answer while reading the FAQ, list archive,
> and other documents online. I have some systems which are separated from
> their time servers by a NAT proxy. Those which are not separated seem to
> work just fine but those beyond the proxy don't keep time correctly. For
> example, on one of them I got this output:
> # ntpq -p
> remote refid st t when poll reach delay offset jitter
> server-1 172.16.2.5 2 u 52 64 377 2.022 -41630. 19.566
> server-2 172.16.2.5 2 u 6 64 377 2.121 -41601. 19.996
> # ntpq -c as
> ind assID status conf reach auth condition last_event cnt
> 1 20192 9024 yes yes none reject reachable 2
> 2 20193 9024 yes yes none reject reachable 2
> Those time servers aren't ideal but they are beyond my control and these
> are the only two I have available. The local firewall won't let me use
> servers on the Internet.
> What I haven't found while reading is how it is possible for a server to
> be both reachable and rejected. Note that the reject condition is not
> constant; the servers are accepted occasionally, but not for very long.
> Can this situation be remedied?
I would START by setting the correct time on each machine. You can
either start ntpd with the "-g" switch, or you can use ntpdate to set
the time. Without doing one or the other I doubt that your machine will
Please try this, wait for at least 30 minutes, and then issue:
and report your results.
More information about the questions