[ntp:questions] Re: cant connect to ntp server

Steve Kostecke kostecke at ntp.isc.org
Thu Jun 9 17:42:31 UTC 2005


On 2005-06-08, Sachin Prasad <sprasad at cardcommerce.com> wrote:

> 1) I need help. Don't know what to do next. The ntp server does
>not connect to any servers. I modified the checkpoint firewall to
>allow both tcp and udp port 123 for my machine. I then configured the
>ntp.conf file

Assuming that you have included all of your ntp.conf, I've omitted the
comments for legibility...

> driftfile /etc/ntp/drift
> logfile /var/log/ntpd.conf
>
> restrict 127.0.0.1
> restrict 10.253.32.0 mask 255.255.255.0 notrust nomodify notrap

Your restrict statements make no sense as you've not specified
(or perhaps you just omitted it) a default restriction. Take another
look at your ntp.conf and see if there is a 'restrict default ignore'
line any where.

Please see http://ntp.isc.org/Support/AccessRestrictions for information
about setting your ntpd access restrictions. In particular, see the
section about the change of meaning for 'notrust'.

You should append 'iburst' to your server lines for faster initial
synchronization.

> server time.nist.gov
> server clock.via.net

These two time servers are stratum-1 time servers. According to the
Rules of Engagement (http://ntp.isc.org/Servers/RulesOfEngagement) you
should not be using stratum-1 time servers unless you're supporting a
sizable population of other servers and clients on the order of 100 or
more.

> server 66.187.224.4
> server clock.isc.org
> server clock.redhat.com
>
> #server 127.127.1.0     # local clock
> fudge   127.127.1.0 stratum 10

If you're not using the LocalCLK go ahead and comment out its fudge
line.

You don't need the following lines unless you are using broadcast
associations and/or symmetric keys for authentication:

> broadcastdelay  0.008
> authenticate yes
> keys            /etc/ntp/keys

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/



More information about the questions mailing list