LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-24-2011, 11:41 AM   #1
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Rep: Reputation: 0
NTP unable to sync


I'm running a set of RHEL5 servers on a network separated from the general internet. I have a router that acts as a stratum 1 time server, and 2 RHEL5 servers that will sync with it and also serve up time for a portion of the network. I'm currently unable to sync the two RHEL5 servers with the time source. Once I can do that, I'll need to set the bulk of the RHEL5 servers to sync with the 2 intermediaries.

I've turned off NTP wrappers, disabled the firewall, and ensured selinux is disabled.

stratum 1 router (136.197.0.1)
RHEL 5 servers (192.168.0.[1,2])

ntp.conf:
Code:
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

restrict 127.0.0.1
restrict -6 ::1

server 136.197.0.1
fudge 127.127.1.0 stratum 10

driftfile /var/lib/ntp/drift

keys /etc/ntp/keys

# ntpdate -d 136.197.0.1
Code:
Looking for host 136.197.0.1 and service ntp
host found: 136.197.0.1
transmit(136.197.0.1)
transmit(136.197.0.1)
transmit(136.197.0.1)
transmit(136.197.0.1)
transmit(136.197.0.1)
136.197.0.1: Server dropped: no data
server 136.197.0.1, port 23
stratum 0, precision 0 leap 00, trust 000
refid [136.197.0.1], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time 0000000.0000000 <date>
originate timestamp: 0000000.0000000 <date>
...
<date> ntpdate[29596]: no server suitable for synchronization found
NTP version- 4.2.2p1-15

Last edited by jeewiz; 10-24-2011 at 11:50 AM. Reason: added ntp version
 
Old 10-24-2011, 11:44 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
if you're getting no response (and the server does exist...) then it just sounds like a network issue, not NTP. check firewalls, routes etc...
 
Old 10-24-2011, 12:25 PM   #3
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Original Poster
Rep: Reputation: 0
I can't test the router, but I can test additional RHEL servers that are unable to sync in the same manner.

On the intermediary:
# netstat -tulpn
Code:
Proto Recv-Q Send-Q Local Address    Foreign Address   State   PID/Program name
udp      0     0    192.168.0.1:123  0.0.0.0:*                   2965/ntpd
Note that it is not listening, am I missing something?

On a random RHEL server-
# nmap 192.168.0.1
Code:
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
135/tcp  open  msrpc
# telnet 192.168.0.1 123
Code:
telnet: connect to address 192.168.0.1: connection refused
telnet: Unable to connect to remote host: connection refused
Also, I'm told by the networking department that port 123 isn't blocked.
 
Old 10-24-2011, 12:27 PM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440
Can you even ping the router?? Could be as simple as there's not a route to that network.
 
Old 10-24-2011, 12:35 PM   #5
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by TB0ne View Post
Can you even ping the router?? Could be as simple as there's not a route to that network.
Yes I can ping the router, I can even telnet into port 22.
 
Old 10-24-2011, 01:30 PM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
why would we care what is or is not running on a different box?

ntp is a UDP protocol, you can't telnet to it.
 
Old 10-24-2011, 01:36 PM   #7
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by acid_kewpie View Post
why would we care what is or is not running on a different box?

ntp is a UDP protocol, you can't telnet to it.
Correct, I realized this after I posted...

I'm looking for alternatives to see if I can reach the server on the NTP port. I ran this and came back showing ntp is listening...

# nmap -p 123 -sU -P0 <server>
Code:
PORT    STATE          SERVICE
123/udp open|filtered    ntp

Last edited by jeewiz; 10-24-2011 at 01:38 PM.
 
Old 10-24-2011, 01:40 PM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
ok, well either it's the network or the remote peer... it's not your linux host. Are you sure your router is an NTP server? Is it possibly not just serving SNTP, which a real NTP service can't make use of?
 
Old 10-24-2011, 03:02 PM   #9
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Original Poster
Rep: Reputation: 0
# ntpdate <source>
Produces in /var/log/messages
ntpd: exiting on signal 15
 
Old 10-24-2011, 03:14 PM   #10
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
ntpdate is not ntpd, they are separate programs, and in fact can not run at the same time as they both require source port 123.
 
Old 10-24-2011, 03:29 PM   #11
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by acid_kewpie View Post
ntpdate is not ntpd, they are separate programs, and in fact can not run at the same time as they both require source port 123.
I perform a service ntpd stop to run ntpdate. This isn't the source of exit 15.
 
Old 10-24-2011, 04:00 PM   #12
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
huh? whatever you did, ntpdate has nothing to do with that messages output.
 
Old 10-24-2011, 04:07 PM   #13
jeewiz
LQ Newbie
 
Registered: Jan 2007
Distribution: CentOS 6.5
Posts: 21

Original Poster
Rep: Reputation: 0
I'm thinking more and more it's a port dropped between the servers. I can do a traceroute and see two servers between them. Is there a command I can execute to try and narrow it down?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
NTP Sync Issue ravikiran189 Linux - Server 1 10-24-2011 08:40 AM
NTP sync problem Uday123 Red Hat 3 11-13-2009 08:57 AM
NTP sync noir911 Linux - Server 1 03-29-2008 07:50 PM
NTP Sync? carlosinfl Linux - Networking 12 04-13-2006 11:33 AM
NTP sync problems rbutler Linux - Newbie 0 01-17-2003 02:51 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration