[ntp:questions] systems won't synchronize no matter what

unruh unruh at wormhole.physics.ubc.ca
Thu Oct 28 17:42:46 UTC 2010


On 2010-10-28, Florin Andrei <florin at andrei.myip.org> wrote:
> On 10/28/2010 03:11 AM, unruh wrote:
>>
>> Similaraly why are those local servers there in the first place? (That
>> one I blame the distro maintainer's for since they are the ones tht have
>> have the localclock in there often).
>> A distro's conf file should simply have three pool servers listed and
>> that is it, and most people would be happy).
>
> Here's the default ntp.conf that comes with CentOS 5, I assume all Red 
> Hat derivatives are very similar or identical:
>
> #################################################################
> # Permit time synchronization with our time source, but do not
> # permit the source to query or modify the service on this system.
> restrict default kod nomodify notrap nopeer noquery
> restrict -6 default kod nomodify notrap nopeer noquery
>
> # Permit all access over the loopback interface.  This could
> # be tightened as well, but to do so would effect some of
> # the administrative functions.
> restrict 127.0.0.1
> restrict -6 ::1

?? Again, I would get rid of all of the restrict lines.


>
> # Hosts on local network are less restricted.
> #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
>
> # Use public servers from the pool.ntp.org project.
> # Please consider joining the pool (http://www.pool.ntp.org/join.html).
> server 0.centos.pool.ntp.org
> server 1.centos.pool.ntp.org
> server 2.centos.pool.ntp.org
>
> #broadcast 192.168.1.255 key 42		# broadcast server
> #broadcastclient			# broadcast client
> #broadcast 224.0.1.1 key 42		# multicast server
> #multicastclient 224.0.1.1		# multicast client
> #manycastserver 239.255.254.254		# manycast server
> #manycastclient 239.255.254.254 key 42	# manycast client
>
> # Undisciplined Local Clock. This is a fake driver intended for backup
> # and when no outside source of synchronized time is available.
> server	127.127.1.0	# local clock
> fudge	127.127.1.0 stratum 10	

Complete lunacy.
It is NOT backup. It is not something that is useful for anything except
to fool other machines into thinking you are synchronized when you are
not. 


>
> # Drift file.  Put this in a directory which the daemon can write to.
> # No symbolic links allowed, either, since the daemon updates the file
> # by creating a temporary in the same directory and then rename()'ing
> # it to the file.
> driftfile /var/lib/ntp/drift
>
> # Key file containing the keys and key identifiers used when operating
> # with symmetric key cryptography.
> keys /etc/ntp/keys
>
> # Specify the key identifiers which are trusted.
> #trustedkey 4 8 42
>
> # Specify the key identifier to use with the ntpdc utility.
> #requestkey 8
>
> # Specify the key identifier to use with the ntpq utility.
> #controlkey 8
> #############################################################
>




More information about the questions mailing list