[ntp:questions] Why does ntp keep changing my conf file?

Martin Burnicki martin.burnicki at meinberg.de
Tue Sep 21 07:38:18 UTC 2010


Rob wrote:
> Daniel Havey <dhavey at yahoo.com> wrote:
>> Did you mean between my testbed and ntp.aero.org/dns.aero.org (the
>> servers in my ntp.conf file)?  There could be a firewall there but then I
>> shouldn't be able to do this:
>> [dhavey at node0 ~]$ sudo ntpdate ntp.aero.org
>> 16 Sep 11:31:08 ntpdate[13121]: adjust time server 130.221.24.100 offset
>> 0.017606 sec
>>
>> I don't think it is a firewall issue.
> 
> When you do "ntpdate" it sends from a high port number to port 123
> on the timeserver, and the timeserver replies from port 123 to your
> high port number.

No, by default ntpdate also sends via port 123. This is to protect from
unintentionally setting the system time if ntpd is already running:

# ntpdate ntp_server
21 Sep 09:26:37 ntpdate[3295]: the NTP socket is in use, exiting

Only if you use one of the options -q (query only), -u (unprivileged port),
or -d (debug) then ntpdate sends its requests from an unprivileged port.

> When you use "ntpd" it sends from port 123 to port 123 on your timeserver,
> which replies back to port 123.
> 
> When your firewall or some other firewall in your network blocks traffic
> to port 123 or to all low portnumbers, you will find that ntpdate works
> ok but ntpd won't.

No, ntpdate can be used to test both.

Martin
-- 
Martin Burnicki

Meinberg Funkuhren
Bad Pyrmont
Germany




More information about the questions mailing list