[ntp:questions] Why does ntp keep changing my conf file?
Daniel Havey
dhavey at yahoo.com
Thu Sep 16 18:31:39 UTC 2010
I've been looking through that /etc/init.d/ntpd script and I have bash on the brain ;^)
But no. No firewall, only iptables and there are no rules. Emulab sets up a VLAN between the two machines. So there are two CentOs 5.4 machines connected to a switch, and there is a VLAN making this their own little world.
Also I just talked to the Emulab admin (sit's behind me ;^) and there is no firewall between the machines unless I set one up.
Did you mean between my testbed and ntp.aero.org/dns.aero.org (the servers in my ntp.conf file)? There could be a firewall there but then I shouldn't be able to do this:
[dhavey at node0 ~]$ sudo ntpdate ntp.aero.org
16 Sep 11:31:08 ntpdate[13121]: adjust time server 130.221.24.100 offset 0.017606 sec
I don't think it is a firewall issue.
--- On Thu, 9/16/10, Rob <nomail at example.com> wrote:
> From: Rob <nomail at example.com>
> Subject: Re: [ntp:questions] Why does ntp keep changing my conf file?
> To: questions at lists.ntp.org
> Date: Thursday, September 16, 2010, 11:05 AM
> Daniel Havey <dhavey at yahoo.com>
> wrote:
> > Well you are right. The init.d script does
> something that rewrites the ntp.conf file. I don't
> understand enough bash to figure it out so I just started
> ntp manually. It doesn't change the ntp.conf ;^)
> >
> > But it doesn't work properly either ;^(
> > First of all this looks fishy:
> > [dhavey at node0 /etc]$ ntpq -p
> > remote
> refid st t when poll
> reach delay offset
> jitter
> >
> ==============================================================================
> > cogsworth.aero. .INIT.
> 16 u - 1024 0
> 0.000 0.000 0.000
> > dns.aero.org .INIT.
> 16 u - 1024
> 0 0.000
> 0.000 0.000
> >
> > Those delay, offset, and jitter values are too good to
> be true and the other machine won't connect:
> > [dhavey at node1 ~]$ sudo ntpdate
> node0.rms01.wgs.sntb.aero.org
> > 16 Sep 10:24:03 ntpdate[25389]: no server suitable for
> synchronization found
> >
> > Hmmm...
>
> There is probably a firewall running that blocks all your
> NTP traffic.
>
> Such an automatically managed system is nice, but when you
> don't understand
> it is is more of a hindrance.
>
> There probably is some checkmark somewhere that tells the
> system to open
> up the firewall for NTP traffic and then the startup script
> for the firewall
> will write a config file just as it did for ntp, containing
> an allow entry
> for UDP port 123.
>
> Now you only need to find where it is.
>
> _______________________________________________
> questions mailing list
> questions at lists.ntp.org
> http://lists.ntp.org/listinfo/questions
>
More information about the questions
mailing list