[ntp:questions] Some issues about NTP ( Server 2008R2)

E-Mail Sent to this address will be added to the BlackLists Null at BlackList.Anitech-Systems.invalid
Tue Jun 3 22:13:30 UTC 2014


hschulla at gmail.com wrote:
> Here my configuration file:
> restrict default nomodify notrap nopeer noquery
> # But allow local tools like ntpq full access:
> #restrict 127.0.0.1
> # if you are using IPv6 on this machine, please uncomment
the following lines:
> # restrict -6 default nomodify notrap nopeer noquery
> # restrict -6 ::1

Without those restrict lines you might have issues using ntpq. Try:
restrict -4 default limited kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 default limited kod nomodify notrap nopeer noquery
restrict ::1
restrict 224.0.1.1 mask 255.255.255.255 nomodify
restrict 192.168.0.0  mask 255.255.255.0 nomodify
restrict source nomodify


> server 127.127.1.0
> fudge 127.127.1.0 stratum 12

Get rid of both of those above, likely a lot of your issues,
  with the internet ntp servers getting discarded.
 If you still have reach issues after that, check the firewall on the device,
  as well as the LAN firewall(s) &/or router(s) Port 123 restrictions.


>  server 192.168.0.30 iburst
>  server 192.168.0.31 iburst
>  server 0.at.pool.ntp.org iburst
>  server 1.at.pool.ntp.org iburst
>  server 2.at.pool.ntp.org iburst
>  server 1.de.pool.ntp.org iburst
>  server 2.uk.pool.ntp.org iburst

If you are using a more recent version of ntp (4.2.7 circa 2010Apr or newer),
 you can use pool, instead of server, e.g.

server 192.168.0.30 iburst preempt
server 192.168.0.31 iburst preempt
pool at.pool.ntp.org iburst preempt
pool europe.pool.ntp.org iburst preempt #See: <http://www.pool.ntp.org/zone/europe>




I you have several clients &/or servers on the same LAN,
 you might want to try adding e.g.:

keys "C:\Program Files\NTP\etc\ntp.keys" # e.g. contains: 123 M YOUR_MD5_KEY
trustedkey 123
tos cohort 1 orphan 11
broadcast 224.0.1.1
broadcastclient
multicastclient 224.0.1.1 key 123 preempt
manycastserver 224.0.1.1
manycastclient 224.0.1.1 key 123 preempt


-- 
E-Mail Sent to this address <BlackList at Anitech-Systems.com>
  will be added to the BlackLists.



More information about the questions mailing list