Hi Guys,

First of all i am just a newbie so please do correct me if am doing something wrong.

Now here is the ddescription of the problem, i have been trying to sync my system clock with a public NTP server but it is not working for me. When i see the output using ntpq -np the table never gets updated, it always shows the local clock as default clock.

Here is my /etc/ntp.conf file

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 150.101.254.110
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org

#broadcast 192.168.1.255 key 42 # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 key 42 # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 key 42 # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0
fudge 127.127.1.0 stratum 10

# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8
restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 1.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 2.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
server eth9327.sa.adsl.internode.on.net
restrict eth9327.sa.adsl.internode.on.net mask 255.255.255.255 nomodify notrap noquery

And here is my output from ntpq -np

ntpq -np
remote refid st t when poll reach delay offset jitter
==============================================================================
150.101.254.110 .RMOT. 16 u - 64 0 0.000 0.000 0.000
69.65.40.29 .INIT. 16 u - 64 0 0.000 0.000 0.000
67.18.187.111 .INIT. 16 u - 64 0 0.000 0.000 0.000
174.37.200.186 .INIT. 16 u - 64 0 0.000 0.000 0.000
*127.127.1.0 .LOCL. 10 l 34 64 377 0.000 0.000 0.008


It is never getting updated, so please guys help me sort this out, is it something i am doing incorrectly ?

TIA

Looks like you just can't reach your servers at all, do you have firewall issues?

Hi,

No firewall issue, i am able to ping these servers.

More over IPtables is set off also doesn't make changes, the only rule running on firewall right now is to Accept traffice on port 123, nothing else.

being able to ping a server means you can ping it, not send traffic on udp 123.

can you run "ntpdate 0.ppol.ntp.org" successfully?

NO, it gives me this error

28 Oct 23:20:53 ntpdate[8920]: no server suitable for synchronization found

Assuming you noticed my typo, you have firewall issues.

I am actually under a corp network, but iptables on my system is set to STOP.. Is there a way to make sure that its only due to firewall only and not something else ?

you can tcpdump the traffic. Why did you say it's not a firewall issue when you are on a corporate network which must have all sorts of rules and routes to get through to the net??? do you not have an internal NTP source already that you should be using?

No i don't have a internal NTP source, i already ran TCPDUMP and i did captured some packets on udp 123 but all had ref id 127.127.1.0 (internal address) no external address. here is output from TCpdump

00:06:11.220655 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 76) 20.198.226.197.ntp > lasvegas-nv-datacenter.com.ntp: [bad udp cksum 30d6!] NTPv4, length 48
Client, Leap indicator: (0), Stratum 11, poll 10s, precision -17
Root Delay: 0.000000, Root dispersion: 0.011306, Reference-ID: 127.127.1.0
Reference Timestamp: 3528815747.219140314 (2011/10/29 00:05:47)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3528815771.218563674 (2011/10/29 00:06:11)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3528815771.218563674 (2011/10/29 00:06:11)
00:06:23.218827 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 76) 20.198.226.197.ntp > eth9327.sa.adsl.internode.on.net.ntp: [bad udp cksum 8cd6!] NTPv4, length 48
Client, Leap indicator: (0), Stratum 11, poll 10s, precision -17
Root Delay: 0.000000, Root dispersion: 0.011489, Reference-ID: 127.127.1.0
Reference Timestamp: 3528815747.219140314 (2011/10/29 00:05:47)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3528815783.218762111 (2011/10/29 00:06:23)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3528815783.218762111 (2011/10/29 00:06:23)
00:06:25.219056 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 76) 20.198.226.197.ntp > rigel.jeffkaplan.net.ntp: [bad udp cksum b8e8!] NTPv4, length 48
Client, Leap indicator: (0), Stratum 11, poll 10s, precision -17
Root Delay: 0.000000, Root dispersion: 0.011520, Reference-ID: 127.127.1.0
Reference Timestamp: 3528815747.219140314 (2011/10/29 00:05:47)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3528815785.218995305 (2011/10/29 00:06:25)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3528815785.218995305 (2011/10/29 00:06:25)
00:06:27.218960 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 76) 20.198.226.197.ntp > ns1.your-site.com.ntp: [bad udp cksum c9d8!] NTPv4, length 48
Client, Leap indicator: (0), Stratum 11, poll 10s, precision -17
Root Delay: 0.000000, Root dispersion: 0.011550, Reference-ID: 127.127.1.0
Reference Timestamp: 3528815747.219140314 (2011/10/29 00:05:47)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3528815787.218889167 (2011/10/29 00:06:27)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3528815787.218889167 (2011/10/29 00:06:27)
00:09:24.777973 IP (tos 0x0, ttl 128, id 63940, offset 0, flags [none], proto: UDP (17), length: 96) 20.198.226.114.ntp > cscdc3noi001.asiapac.globalcsc.net.ntp: NTPv3, length 68
symmetric active, Leap indicator: (0), Stratum 6, poll 12s, precision -6
Root Delay: 0.548370, Root dispersion: 2.451766, Reference-ID: cscdc3noi001.asiapac.globalcsc.net
Reference Timestamp: 3528811769.836652199 (2011/10/28 22:59:29)
Originator Timestamp: 3528811768.419054999 (2011/10/28 22:59:28)
Receive Timestamp: 3528811769.836652199 (2011/10/28 22:59:29)
Transmit Timestamp: 3528815866.178017799 (2011/10/29 00:07:46)
Originator - Receive Timestamp: +1.417597204
Originator - Transmit Timestamp: +4097.758962810
00:09:24.787080 IP (tos 0x0, ttl 125, id 28751, offset 0, flags [none], proto: UDP (17), length: 96) cscdc3noi001.asiapac.globalcsc.net.ntp > 20.198.226.114.ntp: NTPv3, length 68
Server, Leap indicator: (0), Stratum 5, poll 12s, precision -6
Server, Leap indicator: (0), Stratum 5, poll 12s, precision -6
Root Delay: 0.523681, Root dispersion: 6.660232, Reference-ID: CSCSRVSYDDCC01.globalcsc.net
Reference Timestamp: 3528815406.683414299 (2011/10/29 00:00:06)
Originator Timestamp: 3528815866.178017799 (2011/10/29 00:07:46)
Receive Timestamp: 3528815865.715414299 (2011/10/29 00:07:45)
Transmit Timestamp: 3528815865.715414299 (2011/10/29 00:07:45)
Originator - Receive Timestamp: -0.462603509
Originator - Transmit Time
Could you please take a look and let me know

Anyways thanks a lot for help

At some places in the tcpdump output i could see some traffic from public ntp servers but if you see their stratum value is being shown 11 which is highly not seems to be true.. So is it some kind of issue here ?

no, 11 is YOUR stratum.

the last two packets show a successful interaction, but that's not you is it? the source IP is different but probably on the same subnet, so that's presumably just promiscuous capture picking that up, hope you're not on a hub there...