Hello,
A few months ago we switched the NTP servers that our Linux servers use to point to a couple of windows servers that the rest of the company uses. Since that time we have been having issues with time staying synced up on some of these servers. The servers are all Redhat or CentOS 5.x or 6.x. The strange thing is I can do a ntpd -gq to force an update and it works. I have verified that port 123 is open via "nc -uvz INTERNALSERVER1 123".
Below are a few strange things I have noticed on the servers that are not updating time correctly:
Code:
# ntpq -p
No association ID's returned
Stratum is 16 which I believe means out of sync:
Code:
# ntpq -c readlist
assID=0 status=c011 sync_alarm, sync_unspec, 1 event, event_restart,
version="ntpd 4.2.2p1@1.1570-o Fri Dec 19 18:27:47 UTC 2014 (1)",
processor="x86_64", system="Linux/2.6.18-238.9.1.el5", leap=11,
stratum=16, precision=-20, rootdelay=0.000, rootdispersion=150.435,
peer=0, refid=INIT,
reftime=00000000.00000000 Thu, Feb 7 2036 0:28:16.000, poll=6,
clock=d8f38d56.a53e9da7 Tue, May 5 2015 13:41:26.645, state=1,
offset=0.000, frequency=0.000, jitter=0.001, noise=0.001,
stability=0.000, tai=0
Offset showing as 0 even when time is obviously off:
Code:
# /usr/sbin/ntpq -c "rv 0 offset"
assID=0 status=c011 sync_alarm, sync_unspec, 1 event, event_restart,
offset=0.000
Code:
# ntpdc -c loopinfo
offset: 0.000000 s
frequency: 0.000 ppm
poll adjust: 0
watchdog timer: 10225 s
The server these examples are from is a Red Hat Enterprise Linux Server release 5.11 (Tikanga).
Let me know if there is more information I can provide.
Below is my ntp.conf:
Code:
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server INTERNALSERVER1 iburst
server INTERNALSERVER2 iburst
# Drift file. Put this in a directory which the daemon can write to.
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
Thanks,
Chris.