Slackware This Forum is for the discussion of Slackware Linux.
05-05-2014, 11:16 AM
|
#76
|
Member
Registered: Jan 2014
Posts: 186
Rep:
|
Quote:
Originally Posted by michaelk
As a general statement I disagree. Typically since the ntp traffic is outgoing first the router's firewall should "label" it as an established connection.
|
In theory yes, but apparently it does not work for ntpd. That is what the maintainers of ntpd say in the following link:
http://support.ntp.org/bin/view/Supp...tion_PORTCHECK
Unless I missed it previously, WilliamS has not described his LAN hardware configuration. My guess is that he has a router between the ntpd box and the modem. If I were troubleshooting this problem, I would set the firewall on the ntpd box with port 123 open then connect said box directly to the WAN, i.e., plug it into the modem, and see if the problem goes away. If it does, then I would work backward from there in securing/networking the box.
Last edited by Xsane; 05-05-2014 at 11:35 AM.
|
|
|
05-05-2014, 11:36 AM
|
#77
|
Member
Registered: Nov 2003
Location: 46N 76W
Distribution: Slackware 14.1
Posts: 380
Original Poster
Rep:
|
My ISP's level 2 says nobody else has this problem, so no advice.
|
|
|
05-05-2014, 12:01 PM
|
#78
|
Member
Registered: Nov 2003
Location: 46N 76W
Distribution: Slackware 14.1
Posts: 380
Original Poster
Rep:
|
Quote:
Originally Posted by Xsane
Unless I missed it previously, WilliamS has not described his LAN hardware configuration. My guess is that he has a router between the ntpd box and the modem. If I were troubleshooting this problem, I would set the firewall on the ntpd box with port 123 open then connect said box directly to the WAN, i.e., plug it into the modem, and see if the problem goes away. If it does, then I would work backward from there in securing/networking the box.
|
No LAN, no router, no firewall except iptables set by slackware installer.
ntp is only a client on my machine.
|
|
|
05-05-2014, 12:02 PM
|
#79
|
Moderator
Registered: Aug 2002
Posts: 26,194
|
It's worth a try and adds some additional information.
|
|
|
05-05-2014, 12:16 PM
|
#80
|
Member
Registered: Jan 2014
Posts: 186
Rep:
|
Quote:
Originally Posted by WilliamS
I reinstalled slackware-14.1 ...
BTW the BIOS clock is now showing UTC.
First time I've seen that, and don't know how to change it.
|
That is selectable during the install process. It can be changed with timeconfig.
Quote:
Originally Posted by WilliamS
No LAN, no router, no firewall except iptables set by slackware installer.
ntp is only a client on my machine.
|
And your machine is plugged directly into the modem?
Does your modem have a built-in router? What is the make and model number?
Last edited by Xsane; 05-05-2014 at 12:24 PM.
|
|
|
05-05-2014, 01:41 PM
|
#81
|
Member
Registered: Nov 2003
Location: 46N 76W
Distribution: Slackware 14.1
Posts: 380
Original Poster
Rep:
|
Quote:
Originally Posted by Xsane
That is selectable during the install process. It can be changed with timeconfig.
ntpdate -u changed it for me.
And your machine is plugged directly into the modem?
Does your modem have a built-in router? What is the make and model number?
|
Yes, plugged in directly.
No built-in router, according to xplornet tech support.
Sticker on the bottom says:
ViaSat
SURFBEAM 2 SATELLITE MODEM
MODEL NO: RM4100
30V 2.50A OR 55V 1.47A Made in Thailand
There's also a barcode sticker with RM4100N-043 on it.
|
|
|
05-05-2014, 04:38 PM
|
#82
|
Member
Registered: Jan 2014
Posts: 186
Rep:
|
Quote:
Originally Posted by WilliamS
Yes, plugged in directly.
No built-in router, according to xplornet tech support.
Sticker on the bottom says:
ViaSat
SURFBEAM 2 SATELLITE MODEM
MODEL NO: RM4100
30V 2.50A OR 55V 1.47A Made in Thailand
There's also a barcode sticker with RM4100N-043 on it.
|
Looks like it has the full complement, NAT, QoS, SPI, Filters.
http://www.viasat.com/files/assets/s...ew_018_web.pdf
Look on page 5 NETWORK DIAGRAM.
Under IDU 'Network Access Filters'.
Under 'ELEMENT MANAGEMENT' firewall control, NTP is specifically mentioned.
I wonder if they have blocked inbound 123 due to the
recent, and ongoing, NTP packet-amplification DDoS attacks?
https://www.us-cert.gov/ncas/alerts/TA14-013A
|
|
|
05-06-2014, 01:53 PM
|
#83
|
Member
Registered: Nov 2010
Posts: 227
Rep:
|
I thought you'd already got the time corrected!
Quote:
Originally Posted by WilliamS
I reinstalled slackware-14.1 and tried to keep this as simple as possible unselected kde.
Put the servers in /etc/ntp.conf and did touch /etc/ntp/conf/drift.
|
In my default Slackware install ntp.conf has:
driftfile /etc/ntp/drift
No "conf" dir.
Another "guessing". I use the iburst option like specified in the default slackware ntp.conf, have you tried it?
After all the tries you did I don't think it is a firewall problem, but to be sure you could try openntpd, which uses high-numbered ports.
Last edited by eloi; 05-06-2014 at 02:03 PM.
|
|
|
05-06-2014, 03:13 PM
|
#84
|
Senior Member
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541
|
Couple of things.
- Continuously reinstalling either the operating system or NTP doesn't really accomplish much of anything.
- Applying all available updates immediately after installation (including the kernel updates on a 64-bit box) is a good first step. Be sure to copy the new /etc/ntp.conf.new file to /etc/ntp.conf.
- Not installing any additional software, no matter what it is, is a good third step; i.e., get the thing working first then start fiddling with it.
- In the case of NTP, the default ".new" server configuration in /etc/ntp.conf, with the default server line uncommented (changing the line to server pool.ntp.org iburst), used for initial installation will, in almost every case, work.
- Not messing with anything else in /etc/ntp.conf is a good idea until it works; i.e., leave the damned thing alone except for the server pool.ntp.org iburst line.
- It's a good idea to initialize /etc/ntp/drift to zero (echo 0 > /etc/ntp/drift); this will save NTP from going into special mode for up to an hour determining the system clock frequency and calculating the drift value -- it will start in normal mode instead of special mode. Roughly every hour, NTP will update /etc/ntp/drift until it has walked the system clock into synchronization.
- If the hardware clock is manually set (in the BIOS) to the correct UTC time before installation, that can save a lot of problems later (it can also be set to the correct local time if that is the preference). One or the other; keep it that way but UTC has become the preferred time for the hardware clock by upstream developers.
- Before starting up NTP, the system clock should be set with ntpd -d -g -q (preferred) or ntpdate XX.pool.ntp.org where XX is the 2-character country code where the machine lives. The first assumes that the server line in /etc/ntp.conf is as shown above.
- On start up, if NTP does not synchronize with an external server within roughly 5 minutes and there is no refid address shown in the display of ntpq -pn, the problem is not in the local machine: it will be in a router that does not pass port 123 UDP (not 123 TCP!) or that port is being blocked by the ISP (and you're beating a dead horse if it has been blocked at the ISP servers).
- Probably the only practical solution (if the ISP is blocking port 123 UDP) is periodically setting the time using ntpd [-d] -g -q ([-d] indicate that it's optional) with a suitable pool server in a cron job or a reference clock that connects via Ethernet to a router (from, say, a supplier like http://css-timemachines.com/). Reference clocks are not cheap but they are effective when used on a LAN with NTP.
Hope this helps some.
Last edited by tronayne; 05-06-2014 at 03:17 PM.
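The check described in the post above (no sync and no refid in ntpq -pn after about five minutes), combined with the earlier observation that ntpdate -u did get an answer, as an added shell example that is not part of any post in this thread. It relies on ntpd sending its queries from source port 123 while ntpdate -u uses an unprivileged source port; the function names are hypothetical and the sample billboard is constructed with documentation addresses.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; sample data is constructed.

# Classify an `ntpq -pn` billboard read on stdin.
ntp_peer_state() {
    awk '
        $1 == "remote" || /^=+$/ { next }   # header line and ruler
        NF < 10 { next }                    # not a peer row
        {
            peers++
            tally = substr($0, 1, 1)        # "*" = system peer, "o" = PPS peer
            if (tally == "*" || tally == "o") synced = 1
            if ($7 != "0") answered++       # reach: octal log of last 8 polls
        }
        END {
            if (!peers)        print "no-peers"
            else if (synced)   print "synced"
            else if (answered) print "reachable-unsynced"
            else               print "no-response"
        }'
}

# $1 = state from ntp_peer_state
# $2 = "yes" if a query from an unprivileged source port (ntpdate -u) was answered
ntp_filter_hint() {
    case "$1:$2" in
        synced:*)           echo "ntpd is synchronised" ;;
        no-peers:*)         echo "no associations: check the server lines in /etc/ntp.conf" ;;
        no-response:yes)    echo "high ports get replies, port 123 does not: suspect a filter on UDP 123" ;;
        no-response:*)      echo "no NTP replies at all: check servers, routing, local firewall" ;;
        *)                  echo "servers answer: give ntpd time to select a peer" ;;
    esac
}

# Constructed billboard for a host whose replies to port 123 never arrive.
sample_blocked() {
    cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.0.2.10      .INIT.          16 u    -   64    0    0.000    0.000   0.000
 192.0.2.11      .INIT.          16 u    -   64    0    0.000    0.000   0.000
EOF
}

state=$(sample_blocked | ntp_peer_state)
echo "$state: $(ntp_filter_hint "$state" yes)"
# Live use: ntpq -pn | ntp_peer_state
```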
|
|
|
05-06-2014, 03:36 PM
|
#85
|
Member
Registered: Nov 2003
Location: 46N 76W
Distribution: Slackware 14.1
Posts: 380
Original Poster
Rep:
|
Quote:
Originally Posted by Xsane
|
Thanks for the info.
I used it to get level 2 tech support to send my complaint to a higher power; he assured me that an answer would be forthcoming in 72 hours.
|
|
|
05-06-2014, 03:40 PM
|
#86
|
Member
Registered: Nov 2003
Location: 46N 76W
Distribution: Slackware 14.1
Posts: 380
Original Poster
Rep:
|
Quote:
Originally Posted by eloi
I thought you'd already got the time corrected!
In my default Slackware install ntp.conf has:
driftfile /etc/ntp/drift
No "conf" dir.
Another "guessing". I use the iburst option like specified in the default slackware ntp.conf, have you tried it?
After all the tries you did I don't think is a firewall problem but to be sure you could try openntpd that uses high numbered ports.
|
I corrected the time with ntpdate -u.
I was tired, drift file is in the right place.
Never tried iburst; until now never needed. Maybe after I hear from ISP.
|
|
|
05-06-2014, 04:36 PM
|
#87
|
Senior Member
Registered: Jan 2008
Location: Urbana IL
Distribution: Slackware, Slacko,
Posts: 3,716
|
You know, I have used ntp for years in Slackware and it has never worked right. I have three installs all set the same way: 1337 14.0 14.41.
I am smart enough to understand how it works. I understand the program well.
But it never has worked right FOR ME since 2004. It is hit and miss.
I do not really care; I just do not care anymore. I reach up and move the dial by hand.
When you boot up it should read the time and set it. It is that simple; if it doesn't, then it is broke. Jiggle the handle.
When booting from one system to another it screws up everything. I do not care, simply jiggle the handle.
Set to local time, boot, read BIOS clock, set it, but it never works that way. Jiggle the handle.
Last edited by Drakeo; 05-06-2014 at 04:42 PM.
|
|
|
05-07-2014, 03:20 AM
|
#88
|
Member
Registered: Nov 2010
Posts: 227
Rep:
|
Like Drakeo says, ntpd is problematic. Some time ago I played with trying non-generic servers, selecting specific servers and combining different strata, and it gave me problems.
I had the same experience GazL describes with 'ntpd -g -q'; ntpdate gave me a better result for correcting the time the first time.
On Crux I use openntpd, which works without problems. That's why, although I agree with tronayne about not installing additional software, it's not a bad idea to give openntpd a try.
All the above symptoms seem to be related to the same issue, the need for port 123 (and of course server availability). The bad thing is that WilliamS's ISP's argument "nobody else has this problem" could mean they have no idea and/or interest in the matter.
And that's all I can say.
Last edited by eloi; 05-07-2014 at 03:55 AM.
|
|
|
05-07-2014, 06:58 AM
|
#89
|
Member
Registered: Nov 2003
Location: 46N 76W
Distribution: Slackware 14.1
Posts: 380
Original Poster
Rep:
|
I had the opposite experience, such that ntp always worked perfectly.
All I did was comment out the fudge lines, put the pool servers into /etc/ntp.conf and chmod +x the two rc.d scripts.
Last edited by WilliamS; 05-07-2014 at 03:44 PM.
|
|
|
05-07-2014, 09:01 AM
|
#90
|
Member
Registered: Jul 2012
Posts: 103
Rep:
|
Quote:
Originally Posted by WilliamS
I had the opposite experience, such that ntp always worked perfectly.
All I did was comment out the fudge line, put the pool servers into /etc/ntp.conf and chmod +x the two rc.d scripts.
|
Same here...
|
|
|
All times are GMT -5. The time now is 05:29 AM.