[ntp:questions] Re: Simple ntp setup, but network issue

Richard B. Gilbert rgilbert88 at comcast.net
Tue Aug 29 20:57:28 UTC 2006


Jeff Boyce wrote:

> Greetings -
> 
> I am still working (when I have spare time) on diagnosing my problem 
> communicating with an ntp server.  As people helpfully pointed out to me 
> last week, from my ntpq results (see below) it appears that I have a 
> network communication problem and I should do some type of network trace 
> to see what is occurring.
> 
> [root at Bison root]# ntpq -p
>     remote           refid      st t when poll reach   delay   offset
> jitter
> ============================================================================== 
> 
> rainforest.neor 0.0.0.0         16 u    - 1024    0    0.000    0.000
> 4000.00
> *LOCAL(0)        LOCAL(0)        10 l   21   64  377    0.000    0.000
> 0.008
> 
> A partial listing of the tcpdump showing three pings and starting the 
> ntp service is below.  I don't know how to interpret all of this, but am 
> assuming that the two lines I have marked indicate my problem.  I am not 
> sure exactly what this tells me or how to fix it, so I am hoping to get 
> some experienced guidance from the list here.  The address 
> 192.168.112.10 is my dsl modem which serves as my network gateway, bison 
> is my linux server.
> 
> Partial output of tcpdump
> Sent 3 Pings to rainforest.neorack.com
> 11:31:41.839155 bison > rainforest.neorack.com: icmp: echo request (DF)
> 11:31:41.840913 jeff.1651 > bison.ssh: P 208:260(52) ack 221 win 65179 (DF)
> 11:31:41.880647 bison.ssh > jeff.1651: . ack 260 win 8576 (DF) [tos 0x10]
> *** 11:31:42.150646 arp who-has 192.168.112.10 tell bison
> *** 11:31:42.150939 arp reply 192.168.112.10 is-at 0:15:5:4f:ec:6f

The above two lines do not appear to be a problem.  ARP is Address 
Resolution Protocol.  In English, "Which one of you guys is 
192.168.112.10?"  and the reply "It's me; my MAC address is 
0:15:5:4f:ec:6f".  Now, whoever asked the question knows where to send 
messages addressed to 192.168.112.10.
> 11:31:42.850665 bison > rainforest.neorack.com: icmp: echo request (DF)
> 11:31:43.163271 0.00:40:8c:55:57:34.4000 > 
> 0.ff:ff:ff:ff:ff:ff.452:ipx-sap-req 4
> 11:31:43.850660 bison > rainforest.neorack.com: icmp: echo request (DF)
> 11:31:44.162307 0.00:40:8c:55:57:34.4000 > 
> 0.ff:ff:ff:ff:ff:ff.452:ipx-sap-req 4
> 11:31:45.162242 0.00:40:8c:55:57:34.4000 > 
> 0.ff:ff:ff:ff:ff:ff.452:ipx-sap-req 4
> 

I don't see any indication that rainforest.neorack.com replied to your 
pings (ICMP Echo Request).  Which says that either:
a. The ping never reached rainforest, or
b. The reply from rainforest never made it back.

> Started ntp service
> 11:32:02.030685 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:02.102846 jeff.1661 > bison.10000: . ack 9983 win 65497 (DF)
> 11:32:03.030690 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:04.030667 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:05.030668 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:06.030670 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:07.030662 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:08.030670 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 11:32:09.030669 bison.ntp > rainforest.neorack.com.ntp: v4 client strat 
> 0 poll 4 prec -6 (DF)
> 
> I don't know if I need to make a configuration change in my linux server 
> or in my gateway dsl box (an ActionTec appliance from Qwest).  Below is 
> the routing table and the hosts file for my server, if that helps.  I 
> also have the option of setting up Static Routes or Port Forwarding on 
> the software in the dsl appliance, but I don't know what needs to be 
> changed or the most appropriate place to change the configuration if 
> there are options.  Advice on this issue would be most appreciated, 
> especially if I can learn something new that prevents me from running 
> into similar problems in the future.  I am a novice linux administrator 
> so please give me the basics with some explanation.  Thanks.

I'd say you need to fix your gateway.  I'm not familiar with it but 
normally such a box keeps your internal traffic off the phone line and 
passes stuff addressed to networks other than 192.168.112.  It may also 
act as a firewall and block some addresses, ports, or protocols. 
Normally a firewall would not pass in anything that was not seen as a 
response to an outgoing message (stateful packet inspection).  Such 
boxes are generally configurable; usually with a web interface.  The 
better ones generally come with instructions.  You may be able to find 
some documentation on the web if you didn't get any with the box.
> 
<snip>




More information about the questions mailing list