LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   NTP server not working (https://www.linuxquestions.org/questions/linux-newbie-8/ntp-server-not-working-4175553558/)

Fusionfox 09-15-2015 08:02 AM

NTP server not working
 
I am trying to setup an NTP server in Ubuntu 10.04.4 LTS that other PC's on LAN can sync with, and have now spend three days trying to make it work without luck.

I used this guide:
http://ubuntuforums.org/showthread.php?t=862620

At some point the guide tells me to check the syslog for a sync message which never arrives I only get this:

Code:

Sep 15 14:54:31 h218 ntpd[14442]: ntpd exiting on signal 15
Sep 15 14:54:33 h218 ntpd[14607]: ntpd 4.2.4p8@1.1612-o Fri Feb  6 16:49:14 UTC 2015 (1)
Sep 15 14:54:33 h218 ntpd[14608]: precision = 1.000 usec
Sep 15 14:54:33 h218 ntpd[14608]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #0 wildcard, 0.0.0.0#123 Disabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #1 wildcard, ::#123 Disabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #2 lo, 127.0.0.1#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #3 eth0, 10.122.3.1#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #4 eth1, 10.122.4.1#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #5 eth2, 172.27.91.87#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #6 br0, 10.122.2.1#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #7 eth3, fe80::d6ae:52ff:fed0:1576#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #8 lo, ::1#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #9 eth2, fe80::d6ae:52ff:fed0:1575#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: Listening on interface #10 eth1, fe80::20a:f7ff:fe3a:6bce#123 Enabled
Sep 15 14:54:33 h218 ntpd[14608]: kernel time sync status 2040
Sep 15 14:54:33 h218 ntpd[14608]: frequency initialized 29.691 PPM from /var/lib/ntp/ntp.drift

I then run
Code:

ntpq -c lpeer
and get:

Code:

    remote          refid      st t when poll reach  delay  offset  jitter
==============================================================================
 gw.net5.klient. .INIT.          16 u    -  64    0    0.000    0.000  0.000

My ntp.conf looks like this:

Code:

# NTP server entries received from DHCP server
server nist1-dc.WiTime.net iburst
server ntp0.mcs.anl.gov
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
server 3.us.pool.ntp.org
server 127.127.1.0
fudge 127.127.1.0 stratum 10

# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift

# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Allow LAN machines to synchronize with this ntp server
restrict 10.122.2.0 mask 255.255.255.0 nomodify notrap

Can you please help me figure out what is wrong?

michaelk 09-15-2015 01:24 PM

Welcome to LinuxQuestions.

The information provided in the link is a few years old and the non pool servers might not be valid anymore. As stated use the pool closest to your location. http://www.pool.ntp.org/en/

If you want to use the US pool then:
Quote:

server 0.us.pool.ntp.org iburst
server 1.us.pool.ntp.org iburst
server 2.us.pool.ntp.org iburst
server 3.us.pool.ntp.org iburst
Restart the server and see if it now syncs. It might take a few minutes. Post the output of the command:
ntpq -p

cyent 09-15-2015 03:41 PM

MichaelK's answer above is probably the right one..

All I'll add is why Ubuntu 10.04.4 LTS?

One argument for doing so may be you have an old underspec'ed machine and feel you need an old under spec'd version of Ubuntu.

In which case I invite you to have a look at http://lubuntu.net/ or http://xubuntu.org/

Most problems are solved by rolling forward to the latest LTS release.

Fusionfox 09-16-2015 01:25 AM

Hi

@michaelk:
Thank you! I have previously tried different servers with no luck, so I went back to following the guide to the letter. I did try changing the server list, however, after several minutes ntpq -p still only gives me:
Code:

    remote          refid      st t when poll reach  delay  offset  jitter
==============================================================================
 gw.net5.klient. .INIT.          16 u    -  64    0    0.000    0.000  0.000

@cyent:
The machine is part of a test setup where it is used to emulate network using Kaunet which is only supported on the 2.6 kernels, so changing operating system is not really an option for me.

zhjim 09-16-2015 02:37 AM

Is the ntp server resolveable? Did you try to ping it or look it up using host or dig?
Any firewall rules in place that block ntp port (udp/123)?

Quote:

iptables-save | grep 123

Fusionfox 09-16-2015 02:51 AM

Quote:

Originally Posted by zhjim (Post 5421030)
Is the ntp server resolveable? Did you try to ping it or look it up using host or dig?
Any firewall rules in place that block ntp port (udp/123)?

Yes the servers are resolvable using ping/host.

Code:

iptables-save | grep 123
returns nothing, however, I'm not sure if that is good or bad.

zhjim 09-16-2015 03:15 AM

Depending on your default policies. If you have a drop policy its bad. Do you have any iptables set?

If you have iptables rules add one for ntp

Quote:

iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
This one should be fleshed out if its the culprint.
Also make sure the rest of your network allows ntp.

Fusionfox 09-16-2015 04:16 AM

Quote:

Originally Posted by zhjim (Post 5421039)
Depending on your default policies. If you have a drop policy its bad. Do you have any iptables set?

If you have iptables rules add one for ntp

This one should be fleshed out if its the culprint.
Also make sure the rest of your network allows ntp.

I did not set up the network interfaces my self, but some iptables are set in /etc/network/interfaces so I tried adding your rule like so:
Code:

...
auto eth2
iface eth2 inet dhcp
    up iptables -t nat -F POSTROUTING
    up iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
    up iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
...

and then restarting the network interface.

I also tried simply running the command you suggested as is. But the problem still persists.

michaelk 09-16-2015 06:31 AM

If you need a 2.6 kernel then I suggest CentOS 6.7. It is still active and receives updates. If the only requirement is 2.6 then kaunet should work.

I would expect the output of the ntpq -pn command to be similiar to the below. I do not know why you are only seeing one line and in addition not seeing the server itself (127.127.1.0). Are you restarting ntp after making changes to ntp.conf?

Code:

    remote          refid      st t when poll reach  delay  offset  jitter
==============================================================================
 92.242.140.2    .INIT.          16 u    -  64    0    0.000    0.000  0.000
*96.44.142.5    127.67.113.92    2 u    3  64  17  30.282  12.540  1.592
 66.79.167.34    131.107.13.100  2 u    2  64  17  78.339    4.827  0.579
 104.41.150.68  129.6.15.30      2 u  61  64    7  64.858  -10.788  1.512
 69.64.45.119    66.228.38.73    3 u  64  64    2  444.649  -176.23  0.000
 127.127.1.0    .LOCL.          10 l  65  64  16    0.000    0.000  0.000

Again at least from my location nist1-dc.WiTime.net nor ntp0.mcs.anl.gov are valid ntp servers
Quote:

sudo ntpdate -q -u nist1-dc.WiTime.net
Error resolving nist1-dc.WiTime.net: Name or service not known (-2)
16 Sep 06:04:55 ntpdate[4297]: Can't find host nist1-dc.WiTime.net: Name or service not known (-2)
16 Sep 06:04:55 ntpdate[4297]: no servers can be used, exiting

sudo ntpdate -q -u ntp0.mcs.anl.gov
server 92.242.140.2, stratum 0, offset 0.000000, delay 0.00000
16 Sep 06:08:04 ntpdate[4307]: no server suitable for synchronization found
Try the command
sudo ntpdate -q -u 0.us.pool.ntp.org

If that works then at least we know that outgoing time requests are working. If so then stop ntp and try
ntpdate 0.us.pool.ntp.org. Post the output. If that does not work then we know you could have a network problem.

zhjim 09-16-2015 06:36 AM

Trying to resolv the server ntpd is using I failed. Propably cause its an internal one to your network. Definitely recheck the availability of the server. Maybe just stick with the pool.ntp.org servers. Also make sure that ntp is allowed at your gateway and all the way up the used ntp servers.

Im missing a default policy of iptables configuration within /etc/network/interfaces. Please check what it is set to.

Fusionfox 09-16-2015 06:48 AM

Quote:

Originally Posted by michaelk (Post 5421103)
If you need a 2.6 kernel then I suggest CentOS 6.7. It is still active and receives updates. If the only requirement is 2.6 then kaunet should work.

I would expect the output of the ntpq -pn command to be similiar to the below. I do not know why you are only seeing one line and in addition not seeing the server itself (127.127.1.0). Are you restarting ntp after making changes to ntp.conf?

Code:

    remote          refid      st t when poll reach  delay  offset  jitter
==============================================================================
 92.242.140.2    .INIT.          16 u    -  64    0    0.000    0.000  0.000
*96.44.142.5    127.67.113.92    2 u    3  64  17  30.282  12.540  1.592
 66.79.167.34    131.107.13.100  2 u    2  64  17  78.339    4.827  0.579
 104.41.150.68  129.6.15.30      2 u  61  64    7  64.858  -10.788  1.512
 69.64.45.119    66.228.38.73    3 u  64  64    2  444.649  -176.23  0.000
 127.127.1.0    .LOCL.          10 l  65  64  16    0.000    0.000  0.000

Again at least from my location nist1-dc.WiTime.net nor ntp0.mcs.anl.gov are valid ntp servers


Try the command
sudo ntpdate -q -u 0.us.pool.ntp.org

If that works then at least we know that outgoing time requests are working. If so then stop ntp and try
ntpdate 0.us.pool.ntp.org. Post the output. If that does not work then we know you could have a network problem.

Yes, I restart every the service every time, this is also reflected in syslog.

As previously suggested I did remove the first 2 servers from the list and is only using the us.pool.ntp.org servers. And ntpdate does seem to work:
Code:

root@h218:~# ntpdate -q -u 0.us.pool.ntp.org
server 97.107.128.58, stratum 2, offset -0.170835, delay 0.12335
server 108.59.2.24, stratum 2, offset -0.169937, delay 0.15591
server 132.163.4.102, stratum 1, offset -0.173463, delay 0.17871
server 24.56.178.140, stratum 1, offset -0.171146, delay 0.18280
16 Sep 13:47:25 ntpdate[18736]: adjust time server 132.163.4.102 offset -0.173463 sec
root@h218:~# ntpdate 0.us.pool.ntp.org
16 Sep 13:47:45 ntpdate[18737]: adjust time server 24.56.178.140 offset -0.168206 sec


Fusionfox 09-16-2015 06:51 AM

Quote:

Originally Posted by zhjim (Post 5421106)
Trying to resolv the server ntpd is using I failed. Propably cause its an internal one to your network. Definitely recheck the availability of the server. Maybe just stick with the pool.ntp.org servers. Also make sure that ntp is allowed at your gateway and all the way up the used ntp servers.

Im missing a default policy of iptables configuration within /etc/network/interfaces. Please check what it is set to.

What I posted earlier is everything that is all the iptables setup in /etc/network/interfaces.
iptables -L gives me:
Code:

root@h218:~# iptables -L
Chain INPUT (policy ACCEPT)
target    prot opt source              destination       

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination       

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination       
ACCEPT    udp  --  anywhere            anywhere            udp dpt:ntp
ACCEPT    udp  --  anywhere            anywhere            udp dpt:ntp
ACCEPT    udp  --  anywhere            anywhere            udp dpt:ntp


michaelk 09-16-2015 07:04 AM

If you restart ntp then what is the current output of ntpq -p?

Fusionfox 09-16-2015 07:05 AM

Quote:

Originally Posted by michaelk (Post 5421121)
If you restart ntp then what is the current output of ntpq -p?

still the same:
Code:

root@h218:~# /etc/init.d/ntp restart
 * Stopping NTP server ntpd                                                                                                                                                                                                            [ OK ]
 * Starting NTP server ntpd                                                                                                                                                                                                            [ OK ]
root@h218:~# ntpq -p
    remote          refid      st t when poll reach  delay  offset  jitter
==============================================================================
 gw.net5.klient. .INIT.          16 u    -  64    0    0.000    0.000  0.000


michaelk 09-16-2015 07:20 AM

Quote:

ping gw.net5.klient
PING gw.net5.klient (92.242.140.2) 56(84) bytes of data.

sudo ntpdate -q -u ntp0.mcs.anl.gov
server 92.242.140.2, stratum 0, offset 0.000000, delay 0.00000
16 Sep 06:08:04 ntpdate[4307]: no server suitable for synchronization found
I do not understand why the bad server is still is being used if you deleted it from your ntp.conf file. What are you using to edit the file?


All times are GMT -5. The time now is 02:55 AM.