ntpd on Red Hat

Jerry Feldman gerry.feldman at compaq.com
Thu Apr 4 16:08:21 EST 2002 

John had ipchains set up. I added port 123. After restarting ntpd there 
does not appear to be any change. 

On 4 Apr 2002 at 13:56, Kent Borg wrote:

> On Thu, Apr 04, 2002 at 01:29:20PM -0500, Jerry Feldman wrote:
> > It appears not to be taking the external servers. In contrast, I've 
> > included the same table from my home system below. (Note that at home I'm 
> > just using some secondary time servers). 
> > 
> > --------------------- BLU Server --------
> > [root at asgard gaf]# /usr/sbin/ntpq -p
> >  
> >     remote           refid      st t when poll reach   delay   offset  
> > jitter
> > ============================================================================
> > ==
> > *LOCAL(0)        LOCAL(0)        10 l   19   64  377    0.000    0.000   
> > 0.000
> >  jj.cs.umb.edu   0.0.0.0         16 u    -   64    0    0.000    0.000 
> > 4000.00
> >  ourconcord.net  0.0.0.0         16 u    -   64    0    0.000    0.000 
> > 4000.00
> >  NAVOBS1.MIT.EDU 0.0.0.0         16 u    -   64    0    0.000    0.000 
> > 4000.00
> >  sirius.ctr.colu 0.0.0.0         16 u    -   64    0    0.000    0.000 
> > 4000.00
> >  mead.harvard.ed 0.0.0.0         16 u    -   64    0    0.000    0.000 
> > 4000.00
> 
> 
> I say network problem, someone is blocking ntp trafffic, but ntpd
> itself is running.  In the above output ntpd managed to talk to itself
> 19 seconds ago, will try again in 45 seconds, and it was successful
> the last 8-times it tried to talk to itself.  Not conclusive, but it
> passes a loopback-level sanity test.
> 
> A fairly generic (non-NATing) firewall where I work doesn't let my
> notebook talk to external ntp servers.  I have not looked at the
> details of the ntp protocol, but I can imagine that the delicate
> requirements for bouncing data back and forth to estimate timings
> might easily get blocked by a firewall.
> 
> Also, before I got my basement server working as an NTP server I had a
> hard time getting ntp service to my notebook at all.  When at home I
> couldn't get time from my favorite external servers sucessfully, I
> think it was because my basement server was talking to the same
> servers as the notebook and the protocol likely preserves some state
> info that got confused by how one IP address had two different
> concepts of time.  At least that was my guess; as I said, I have not
> learned the protocol.
> 
> Do you have port 123 open for both UDP and TCP traffic?  Have you run
> successfully a Linux NTP client on this network before?
> 
> 
> -kb, the Kent who wants to understand this one.


--
Jerry Feldman
Portfolio Partner Engineering
508-467-4315 http://www.testdrive.compaq.com/linux/
Compaq Computer Corp.
200 Forest Street MRO1-3/F1
Marlboro, Ma. 01752

More information about the Discuss mailing list