[ntp:questions] Three NTP servers, one strange IP-address in 'refid'
Sander Smeenk
ssmeenk at freshdot.net
Wed Apr 2 07:48:26 UTC 2014
Quoting E-Mail Sent to this address will be added to the BlackLists (Null at BlackList.Anitech-Systems.invalid):
> > if i check 'ntpq -c lpeers' on one of the three stratum-2 servers i
> > see an IP-address listed as 'refid' for the 'peer'-entries in my
> No, its in ntp{1,2,3}.bit.nl's .conf, or via DHCP
> or ntp{1,2,3}.bit.nl ntp servers got it via a pool command.
> Why are you using ntp{1,2,3}.bit.nl / dns{1,2,3}.dns.dmz.bit.nl servers?
> Why do you care what ntp{1,2,3}.bit.nl / dns{1,2,3}.dns.dmz.bit.nl
> respond with for their refclock?
I am root at ntp{1,2,3}. I am the sysadmin of ntp{1,2,3} and tt52.ripe.net.
I have 15 years of experience with Linux, networks, routing, the works.
I care what these servers report as refid because i administer them and
my users notified me about this weird IP-address.
> > no traffic is flowing to- or from that IP either.
> You won't see packets between ntp{1,2,3}.bit.nl and it's upstream server(s).
> Unless you can monitor the switch mirror port inside bit.nl,
> or packet cap on the ntp{1,2,3}.bit.nl machine,
Again, and i thought i made this clear in my earlier posts too, i have
root on all these servers and i have enable on all routers in the BIT
network.
> e.g. you are a bit.nl NOC SysAdmin? If you were, I suspect you would
> already know why their ntp server report 172.2.53.81 as their
> reference.
I am a BIT NOC SysAdmin, and i don't know why my NTP-servers report
172.2.53.81 as refid for the *PEER* entries in my ntp.conf.
Please read the entire thread of mails before making these assertions.
> "NTP servers: ntp1.bit.nl and ntp2.bit.nl This stratum 2 servers are
> synchronized with our stratum-1 server receives the right time via
> GPS."
>
> I guess it could also be a IPv6 ref mangling issue?
That could well be. We use IPv6 where we can.
But that would constitute this refid issue a bug.
One that is rather confusing and time-consuming.
> > Also, as stated, the IP resolves to some DSL connection in
> > the US and doesn't appear to provide any NTP services.
> Maybe not for you?
> 172.2.53.81 -> adsl-172-2-53-81.dsl.aus2tx.sbcglobal.net > 172.2.53.81
> Maybe a router recently port 123 blocked by the ISP
> due to NTP DDOSability at the time?
What does this prove? That you can resolve IPs and hostnames?
The IP does *not* reply NTP to me. Since i have enable on all my
routers, i am fairly certain i am not blocking NTP anywhere.
> > Since dns1/ntp1 lpeers output shows its sys.peer(*) is tt52.ripe.net
> > (ntp4.bit.nl, as configured) that would be the suspect for reporting
> > the 172.2.53.81 IP.
> tt52.ripe.net is your machines sys peer,
> not ntp{1,2,3}.bit.nl sys peer.
Please re-read the entire thread to get a firmer grasp of my situation.
Thanks for your time.
With regards,
-Sndr.
--
| Women like silent men, they think they're listening.
| 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7 FBD6 F3A9 9442 20CC 6CD2
More information about the questions
mailing list