[ntp:questions] offline machines' time synchronization
Ron Frazier (NTP)
timekeepingntplist at techstarship.com
Wed May 23 15:10:36 UTC 2012
Hi Ali,
If you're running Windows, you have to go into the firewall control
panel on the server machine and allow an exception for ntpd to receive
data queries through the firewall. There may be similar procedures you
have to do on Linux.
See the lines below to insert into ntp.conf for security purposes.
Anyone else with expertise jump in and explain those. I got them from
elsewhere.
See if you can ping your server machine from the second machine after
you've adjusted the server firewall. As long as you have a hardware
firewall between you and the internet, you can turn the server software
firewall off temporarily for testing. Be sure to turn it back on later.
Make sure the server machine always gets the same IP address from the
router. You may have to go into the router setup and reserve that MAC
address and that IP address, unless you're using fixed manual IPs.
Make sure you don't have something like "wireless isolation" turned on
in the router, which doesn't allow peers to talk to each other.
Make sure the client or server machines aren't logging into the wireless
"guest login" of the router, as these can usually only talk to the internet.
If you're using a hardwired connection, some of the above doesn't
apply. In that case, make sure both machines are plugged into the same
switch, and into the LAN ports, as opposed to WAN ports.
If your client machine can talk to the server machine at all, someone
else here can tell you how to use ntpq and other utilities for
troubleshooting.
Sincerely,
Ron
--------------------------
Insert these lines into ntp.conf for security. Anything with a # sign
is a comment. These can go in the file too:
##############################################################################
### security restrictions
### By default, exchange time with everybody, but don't allow configuration.
### NEED TO ADD stuff for kod to work.
##############################################################################
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
##############################################################################
### allow unrestricted access from the localhost (so that you may monitor ntpd
### and perform on-the-fly configuration changes with ntpdc).
### Local users may interrogate the ntp server more closely.
##############################################################################
# IPv4
restrict 127.0.0.1
# IPv6
restrict -6 ::1
On 5/22/2012 7:12 PM, Ali Nikzad wrote:
> Hi,
>
> I have a couple of offline systems and they are all in the same network. I
> want to choose one of them as time server and the others sync their time
> with that machine.
> This is the configuration file for the server:
>
> #ip: 192.168.17.11
> server ntp.ubuntu.com
> driftfile /etc/ntp.drift
>
> and this configuration file is for one of the clients:
>
> #ip: 192.168.17.22
> server 192.168.17.11
> driftfile /etc/ntp.drift
>
> As I said both of the machines are offline and I just want
> to synchronize the timing between the machines.
> This configuration doesn't seem to be working.
> Can you help me with this?
>
> Thanks,
> Ali
--
(To whom it may concern. My email address has changed. Replying to former
messages prior to 03/31/12 with my personal address will go to the wrong
address. Please send all personal correspondence to the new address.)
(PS - If you email me and don't get a quick response, don't be concerned.
I get about 300 emails per day from alternate energy mailing lists and
such. I don't always see new messages very quickly. If you need a
reply and have not heard from me in 1 - 2 weeks, send your message again.)
Ron Frazier
timekeepingdude AT techstarship.com
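An added example, not part of the original message: a small Python check of the `restrict` lines quoted above. It flags a default entry lacking `nomodify` or `noquery`, a non-loopback host left with no flags, and `kod` used without `limited` (the gap the "NEED TO ADD stuff for kod to work" comment points at). `SAMPLE`, the function names and the 192.168.17.22 entry are constructed for illustration.

```python
import ipaddress

# Page's restrict lines plus one constructed entry (last line) for the client.
SAMPLE = """\
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 192.168.17.22
"""

def parse_restrict(conf_text):
    """Return (family, address, flags) for every restrict line in ntp.conf text."""
    entries = []
    for raw in conf_text.splitlines():
        args = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if len(args) < 2 or args[0] != "restrict":
            continue
        args = args[1:]
        family = args.pop(0) if args[0] in ("-4", "-6") else ""
        if not args:
            continue
        address, flags = args[0], args[1:]
        if flags[:1] == ["mask"]:                # skip "mask <netmask>"
            flags = flags[2:]
        entries.append((family, address, set(flags)))
    return entries

def is_loopback(address):
    try:
        return ipaddress.ip_address(address).is_loopback
    except ValueError:                           # hostname or "default"
        return False

def audit(conf_text):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    entries = parse_restrict(conf_text)
    if not any(addr == "default" for _, addr, _ in entries):
        findings.append("no 'restrict default' line found")
    for family, address, flags in entries:
        label = " ".join(p for p in ("restrict", family, address) if p)
        if address == "default":
            for flag in sorted({"nomodify", "noquery"} - flags):
                findings.append(f"{label}: missing {flag}")
        elif not flags and not is_loopback(address):
            findings.append(f"{label}: no flags, unrestricted access")
        if "kod" in flags and "limited" not in flags:
            findings.append(f"{label}: kod has no effect without limited")
    return findings
```

Calling `audit(open("/etc/ntp.conf").read())` on the server lists anything to tighten; `noquery` and `nomodify` on the default entry do not affect time service to clients.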