[ntp:questions] systems won't synchronize no matter what

Steve Kostecke kostecke at ntp.org
Wed Oct 27 00:47:56 UTC 2010

On 2010-10-22, Florin Andrei <florin at andrei.myip.org> wrote:

> Config file:

The real issue is the last line in your configuration file...

> server iburst
> server iburst
> server # local clock
> fudge stratum 10

The Undisciplined Local Clock driver (127.127.1.x) is not a backup. It
merely allows ntpd to claim to be synced to a time source when it is
actually free-wheeling.

In most cases the Undisciplined Local Clock should only be used by an
ntpd which must serve time to others even when no time sources are
reachable (or available).

> driftfile /etc/ntp/drift

It is usually considered bad form to allow daemons to write to the /etc
directory. A better place for the drift file is somewhere under /var.

> restrict mask
> restrict mask nomodify notrap

nomodify == "Do not allow this host/subnet to modify the ntpd settings
even if they have the correct keys." By default ntpd requires
authentication with symmetric keys for modifications made with ntpdc. So
if you don't configure symmetric keys for your ntpd, or keep them
properly safeguarded, you don't need to use 'nomodify' unless you are
concerned that the NTP authentication scheme might be compromised or
that someone might start ntpd with -A."

notrap == "Do not allow this host/subnet to request a monitoring trap
(similar to an SNMP trap)."

> restrict default ignore

Your default restriction line is telling ntpd to ignore all NTP packets.
This includes your remote time servers. The only NTP packets which are
being allowed in/out are for and This is why
these three systems won't sync.

At a minimum you should add a restrict line for each of your time
servers which sets "relaxed" restrictions. e.g.

restrict noquery
restrict noquery

You could also set a reasonable default restriction which allows only
global time service. Then relax the restrictions for localhost and your
You may wish to review

Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/

More information about the questions mailing list