[ntp:questions] Re: cant connect to ntp server
Steve Kostecke
kostecke at ntp.isc.org
Thu Jun 9 17:42:31 UTC 2005
On 2005-06-08, Sachin Prasad <sprasad at cardcommerce.com> wrote:
> 1) I need help. Don't know what to do next. The ntp server does
>not connect to any servers. I modified the checkpoint firewall to
>allow both tcp and udp port 123 for my machine. I then configured the
>ntp.conf file
Assuming that you have included all of your ntp.conf, I've omitted the
comments for legibility...
> driftfile /etc/ntp/drift
> logfile /var/log/ntpd.conf
>
> restrict 127.0.0.1
> restrict 10.253.32.0 mask 255.255.255.0 notrust nomodify notrap
Your restrict statements make no sense as you've not specified
(or perhaps you just omitted it) a default restriction. Take another
look at your ntp.conf and see if there is a 'restrict default ignore'
line any where.
Please see http://ntp.isc.org/Support/AccessRestrictions for information
about setting your ntpd access restrictions. In particular, see the
section about the change of meaning for 'notrust'.
You should append 'iburst' to your server lines for faster initial
synchronization.
> server time.nist.gov
> server clock.via.net
These two time servers are stratum-1 time servers. According to the
Rules of Engagement (http://ntp.isc.org/Servers/RulesOfEngagement) you
should not be using stratum-1 time servers unless you're supporting a
sizable population of other servers and clients on the order of 100 or
more.
> server 66.187.224.4
> server clock.isc.org
> server clock.redhat.com
>
> #server 127.127.1.0 # local clock
> fudge 127.127.1.0 stratum 10
If you're not using the LocalCLK go ahead and comment out its fudge
line.
You don't need the following lines unless you are using broadcast
associations and/or symmetric keys for authentication:
> broadcastdelay 0.008
> authenticate yes
> keys /etc/ntp/keys
--
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions
mailing list