LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-09-2012, 12:12 PM   #1
Rohit_4739
Member
 
Registered: Oct 2010
Distribution: Red Hat
Posts: 228

Rep: Reputation: 9
Unable to sync time NTP server


Hello Everyone,

I am having bit of trouble in syncing the time with public ntp serves. Let me explain the environment i am in because that might help you in identifying the issue. I am running RHEL6 on a virtual box VM and i am under a corporate network.

I installed ntpd and modified the /etc/ntp.conf with the necessary details and then started the service. However when i run the ntpq -np commmand to check the status it always shows the wrong stats. Here is the output from ntpq -np
Quote:

ntpq -np
remote refid st t when poll reach delay offset jitter
==============================================================================
125.62.193.121 .INIT. 16 u - 64 0 0.000 0.000 0.000
220.130.158.71 .INIT. 16 u - 64 0 0.000 0.000 0.000
61.110.197.50 .INIT. 16 u - 64 0 0.000 0.000 0.000
72.29.161.5 .INIT. 16 u - 64 0 0.000 0.000 0.000
64.113.32.5 .INIT. 16 u - 64 0 0.000 0.000 0.000
169.229.70.183 .INIT. 16 u - 64 0 0.000 0.000 0.000
Running ntpdate -u 0.in.pool.ntp.org shows the result as "no suitable server for syncronization found". here is the ntpdate output

Quote:

[root@localhost ~]# ntpdate -u 125.62.193.121
9 Apr 12:08:57 ntpdate[5837]: no server suitable for synchronization found
However i am able to ping the server

[root@localhost ~]# ping -c 3 125.62.193.121
PING 125.62.193.121 (125.62.193.121) 56(84) bytes of data.
64 bytes from 125.62.193.121: icmp_seq=1 ttl=46 time=107 ms
64 bytes from 125.62.193.121: icmp_seq=2 ttl=46 time=109 ms
64 bytes from 125.62.193.121: icmp_seq=3 ttl=46 time=107 ms

--- 125.62.193.121 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2111ms
rtt min/avg/max/mdev = 107.668/108.164/109.081/0.702 ms


So what could be the problem, firewall has port 123(UDP) opened. Here is the ntp.conf file for further reference

Quote:

[root@localhost ~]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#restrict default kod nomodify notrap nopeer noquery
#restrict -6 default kod nomodify notrap nopeer noquery

restirct default ignore

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
#restrict 192.168.10.0 mask 255.255.255.0

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
restrict 0.asia.pool.ntp.org mask 255.255.255.255 notrap nomidfy noquery
restrict 3.asia.pool.ntp.org mask 255.255.255.255 notrap nomidfy noquery
restrict 0.in.pool.ntp.org mask 255.255.255.255 notrap nomidfy noquery
restrict 1.pool.ntp.org mask 255.255.255.255 notrap nomidfy noquery
restrict 2.pool.ntp.org mask 255.255.255.255 notrap nomidfy noquery
restrict 3.pool.ntp.org mask 255.255.255.255 notrap nomidfy noquery
server 0.in.pool.ntp.org
server 0.asia.pool.ntp.org
server 3.asia.pool.ntp.org
server 3.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
#server 0.rhel.pool.ntp.org
#server 1.rhel.pool.ntp.org
#server 2.rhel.pool.ntp.org

#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.

#server 127.127.1.0 # local clock
#fudge 127.127.1.0 stratum 10

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats


Thanks.
 
Old 04-09-2012, 12:23 PM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,527

Rep: Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898
Corporate firewall?

Kind regards
 
Old 04-09-2012, 01:35 PM   #3
Rohit_4739
Member
 
Registered: Oct 2010
Distribution: Red Hat
Posts: 228

Original Poster
Rep: Reputation: 9
Quote:
Originally Posted by repo View Post
Corporate firewall?

Kind regards
Yeah it could be but would that be stopping me from communicating on port 123 ?
 
Old 04-09-2012, 04:05 PM   #4
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 415Reputation: 415Reputation: 415Reputation: 415Reputation: 415
Install telnet or use nmap to scan that host and see if the port is open. If you do nmap start with your gateway and work your way out of your network until you reach the host and verify the port is open along the way.

NOTE: Firewalls may still be listening on the port but still dropping the connection with the firewall rules set so nmap may not give you what you are looking for, use telnet and see if you can figure out where the connection on port 123 is dropping.
 
Old 04-09-2012, 04:35 PM   #5
Satyaveer Arya
Senior Member
 
Registered: May 2010
Location: Palm Island
Distribution: RHEL, CentOS, Debian, Oracle Solaris 10
Posts: 1,415

Rep: Reputation: 305Reputation: 305Reputation: 305Reputation: 305
It could be because of selinux. What's the status of ntpd_disable_trans in selinux?
Set it to
Code:
# setsebool -P ntpd_disable_trans 1
And execute the command 'ntpq -p' in order to verify the NTP server with external NTP servers.

Last edited by Satyaveer Arya; 04-09-2012 at 04:36 PM.
 
Old 04-10-2012, 09:44 AM   #6
Rohit_4739
Member
 
Registered: Oct 2010
Distribution: Red Hat
Posts: 228

Original Poster
Rep: Reputation: 9
Hello Everyone,

Thanks for all your replies, it was a firewall issue which was running at my corporate network. I tried running ntpd on my personal internet connection and it worked successfully.

Thanks a lot for taking time from your schedule to respond.

Rohit
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
NTP time sync with windows 2000 AD time csghosh Linux - Enterprise 7 02-24-2012 04:46 PM
time sync. (other than NTP) boomboom Linux - General 10 01-12-2012 10:16 PM
[SOLVED] Slackware server - ntp time sync stops after a day tennis_slacker Slackware 81 08-04-2010 10:05 AM
NTP sync up time sidra Linux - Networking 1 09-27-2007 10:07 PM
ntp time sync eyewittness Linux - Networking 2 08-11-2004 10:18 AM


All times are GMT -5. The time now is 01:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration