Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi there,
I have a Linux server which should sync on a Windows NTP. I've read everywhere that this is a bad thing, but I cannot change it.
If you're the Linux administrator, you sure can. Set up your Linux system to use pool.ntp.org servers (http://www.pool.ntp.org/en/). If you've got a route out to the Internet (even through a proxy server), that'll be FAR better than that Windows server, which is having issues. You also have another option, and that is to use a cheap (less than $100 USD) USB GPS receiver. It's easy to set up NTP to use a generic NMEA source, and I have a tutorial posted on this site on how to do it. That'll get you a VERY accurate stratum 1 clock.
Quote:
The Linux NTP refuses to sync because - I found out - the root dispersion of the Windows server is way off. Is there a way to tell the Linux NTP daemon to just ignore it and sync anyway?
It's a bad idea to ignore errors. The first step I'd take would be to fix the Windows server. The NTP source is just stepping back and forth too much, and eventually just gives up. Barring that, you CAN lower the maximum distance allowed from to force rejection at a lower threshold. Check out the NTP docs for some various tricks: http://www.ntp.org/ntpfaq/NTP-s-conf...ks.htm#AEN4252
Again, though...you MIGHT be able to get things 'fooled' into working, but things will be unstable. The clock is still likely to drift/fail. Use a stable trusted source.
Unfortunately I cannot use other NTPs and I do not have internet access on that server. I cannot touch the Windows NTP either. I know it's not good, but this is my scenario.
I'll check the documents you are suggesting and I'll come back with more questions!
Unfortunately I cannot use other NTPs and I do not have internet access on that server.
How do you load patches and other things? Even if you have a proxy server, you can still access the public NTP pools.
Quote:
I cannot touch the Windows NTP either. I know it's not good, but this is my scenario.
That makes the problem even easier to solve...tell your Windows admins to get crackin'.
Quote:
I'll check the documents you are suggesting and I'll come back with more questions!
No worries...you MIGHT find something to help you in there, but the options are many, and there's no real easy way to test, other than stopping/starting things over and over.
It's a multimedia server I won't manage it, I just run updates coming from the manufacturer every now and then. Long story.
I am trying to find out why the windows time server is off. It's sync'd to the system clock, somehow is not syncing to the NTP server anymore. I guess as soon as its root dispersion is less than 1000ms my Linux server should start trusting the W32 time server again!
I had a look at that page but there are only 3 scenarios which they don't seem relevant to my case. Is that the correct link?
It's a multimedia server I won't manage it, I just run updates coming from the manufacturer every now and then. Long story.
Been there, and I understand what you mean. However, one firewall exception for stateless UDP connection to the time pools shouldn't pose a problem for their systems/security, and let things run better. Just a suggestion.
Quote:
I am trying to find out why the windows time server is off. It's sync'd to the system clock, somehow is not syncing to the NTP server anymore. I guess as soon as its root dispersion is less than 1000ms my Linux server should start trusting the W32 time server again!
You said it yourself...it's sync'ed to the system clock. They drift, especially on Windows systems. You can essentially 'force' NTP to use the system clock as a reference source (the 'fudge' setting), but you play with fire. It'll jitter wildly, and you'll never get a decent time lock, as you've seen.
Quote:
I had a look at that page but there are only 3 scenarios which they don't seem relevant to my case. Is that the correct link?
Yes, but those are only EXAMPLES...the documentation you can page through there explains everything. Honestly, though...until the actual problem is fixed upstream, there's only so much you can do.
Got it, I thought I was finding a relevant case on that page.
I agree with you, I'm dealing with the relevant people to see if the Windows time server can be fixed - found that the external NTP they use was going up and down!
Once the windows time server is stable I can see if the Linux NTP trusts it.
A question: what exactly is the root dispersion? I've read several descriptions but still fail to understand exactly the meaning.
Thank you very much for your help, it's greatly appreciated.
Got it, I thought I was finding a relevant case on that page.
I agree with you, I'm dealing with the relevant people to see if the Windows time server can be fixed - found that the external NTP they use was going up and down! Once the windows time server is stable I can see if the Linux NTP trusts it.
That will certainly help, but Windows and time-services can often be challenging. Having it USE an external time source is easy...having Windows BE the authoritative time source is another matter.
Quote:
A question: what exactly is the root dispersion? I've read several descriptions but still fail to understand exactly the meaning.
Essentially, it's the maximum error (difference), between the local clock as it relates to the reference clock. Since your upstream server is reporting a HUGE difference, the Linux NTP daemon is smart enough to know not to trust it.
So say the root dispersion is 7s on the windows server, that means that the Windows time server last time it checked itself against the external NTP found it was 7 seconds off?
The -g parameter will set the clock no matter how much it's off, but will it trust a free-running NTP?
yes. The "trust" is not due to how much it is off, just the fact that the adjtime system call doesn't allow for more than around 15 minutes difference between the existing time, and the NTP server. This is because making LARGE jumps causes accounting failures, and can cause filesystem issues (files created in the future...). The use of the -g option is only usable when ntpd is first started, with the assumption that it is during system boot when accounting is focused on only system overhead. Once the daemon is active, and boot enters multiuser mode then, and only then is accounting tracking users, and then it needs to be consistent.
Depends on the version of ntp. The original method was to call ntpdate prior to starting ntp. This does the same thing as the -g option. Take a look at your ntp start up script to see if it runs nptdate. If so, then no changes are required.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.