Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have been trying to get NTP to work on a local server of mine to allow Time Sync between my server and some workstations. The workstations are a mix of Slackware 11 machines and Windows XP SP2 machines.
On the Slackware machines when I run the following command
Code:
ntpdate -u <my server's ip>
I get the following error
Quote:
no server suitable for synchronization found
On the Windows XP SP2 machines I get the following error:
Quote:
The time sample has been rejected because: The peer's stratum is higher than the host's stratum
Firewalls have been turned off on both the NTP server and all clients to make sure that isn't an issue.
The NTP server can sync up with pool.ntp.org and the clients can all reach the Internet and ping my NTP server, so it doesn't seem to be a communications issue.
Interesting. That didn't work but it made me wonder. I ran NMap against the box and curiously enough, port 123 is closed. even though NTPD is running and there is not firewall.
Well here is a quandry. I guess my server was really never working in the first place! It seems I used the ntpdate command to sync up then my config file was still setup to fudge my local clock and that is what my Slackware machines where using.
Anyways, as it turns out I can't get my server to sync up at all to any public NTP server. I get stratums of 16 and jitters of 4000 with the ntpq -p command. Although I can force my clock to match by using ntpdate as I stated earlier.
Here is my server's ntp.conf
Code:
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
driftfile /etc/ntp/drift
multicastclient # listen on default 224.0.1.1
broadcastdelay 0.008
logfile /var/log/ntp/ntp.log
# Restrict NTP Pools
restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 1.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 2.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
# restrict Clients
restrict <my internal IP network> mask <Internal Mask to Match> nomodify notrap
restrict 127.0.0.1
Now the only problem I can see there is that my server is also in the pool of addresses for the clients, and perhaps it is being restricted because of the "nomodify" keyword. But I get the same results even if I comment that line out.
/etc/init.d/ntpd stop ( or what ever you use on your distro )
check that your system is reasonably close by manually setting the date using the date command. That way there won't be a big difference between timeserver and your machine.
Try this configuration /etc/ntp.conf file:
Code:
## Default rules for all connections
restrict default nomodify notrap noquery
## Allow full access to the local host
restrict 127.0.0.1
## Your Client subnet
restrict <my internal IP network> mask <Internal Mask to Match> nomodify notrap
## Your time servers
server 0.north-america.pool.ntp.org
server 1.north-america.pool.ntp.org
server 2.north-america.pool.ntp.org
Now that you have the above configuration and ntpd is not running lets run the following command.
ntpdate us.pool.ntp.org
ntpdate will not run if ntpd is running.
Now start ntpd
/etc/init.d/ntpd start ( or what ever you use on your distro )
As it turns out my configuration was setup correctly. Where I am there are technically 4 different groups who manage the network. I had put in a request to get NTP ports opened for my server. As it turned out the ports were put in initially. But whomever put them in forgot one simple command "copy run start". There was a different issue with a different group that caused them to reboot the router, and hence I lost my NTP openings. I didn't find out about it until today when the group that managed the firewall began complaining that a bunch of their changes weren't there.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
