[ntp:questions] systems won't synchronize no matter what

unruh unruh at wormhole.physics.ubc.ca
Thu Oct 28 10:11:38 UTC 2010


On 2010-10-27, Florin Andrei <florin at andrei.myip.org> wrote:
> On 10/27/2010 11:46 AM, Steve Kostecke wrote:
>> On 2010-10-27, Hal Murray wrote:
>>
>>>>> restrict default ignore
>>>>
>>>> Your default restriction line is telling ntpd to ignore all NTP
>>>> packets. This includes your remote time servers. The only NTP packets
>>>> which are being allowed in/out are for 127.0.0.1 and 192.168.3.0/24.
>>>> This is why these three systems won't sync.
>>>
>>> How hard would it be to add some code to check to see if the IP
>>> Address from a server line will get rejected by the restrict
>>> statements and log a warning message?
>>
>> There is already a (better) solution in ntp-dev. Please see
>> http://bugs.ntp.org/show_bug.cgi?id=1568#c1
>
> Yeah, anything along the general lines of the proposals above would be 
> great. Would have saved me a lot of trouble.
>
> I cleaned up ntp.conf and now the NTP clients are syncing up when using 
> the conf file below. Thanks everyone.

The problem is really that people throw lines into their config file
which have no idea whatsoever what they do. (This is even true of
distribution maintainers). Why in the world were those restrict lines
ever there in the first place?
Similaraly why are those local servers there in the first place? (That
one I blame the distro maintainer's for since they are the ones tht have
have the localclock in there often).
A distro's conf file should simply have three pool servers listed and
that is it, and most people would be happy).

>
> ############################################
> server 10.10.16.65 iburst
> server 10.10.16.64 iburst
>
> # excepting the servers from more drastic restrictions
> restrict 10.10.16.64 noquery
> restrict 10.10.16.65 noquery
>
> # allow local queries
> restrict 127.0.0.0 mask 255.0.0.0
>
> # now close the door
> restrict default ignore
>
> driftfile /var/lib/ntp/drift
> ############################################
>




More information about the questions mailing list