I'm trying to figure out why my server is unable to be a "suitable
server for synchronization".  On the ntpd server (will also refer to it
as the server), it has a connection to about 5 different stratum 2 and
stratum 3 servers.  It seems to be running fine, when I execute the
command "ntpq -p" and I pull up a list of those servers, and everything
appears to be normal, offsets avg. around 20 and jitters avg. around
35.

Whenever I try and sync time to my server, from a remote location
(using ntpdate -u <myremotentpdservername> ), I always get the error
"no server suitable for synchronization found".  My server is
firewalled, but it is allowing TCP and UDP connection through port 123
(verified by putting the firewall in debug mode, and seeing the packets
get accepted through the firewall).  I also tried this from a computer
on the same network, again with no firewall.

I have tried from different locations, also not firewalled, and they
can't seem to sync the time with my server, and I can't seem to figure
out why.

I have the following in my ntp.conf file to allow for remote
connections:

  restrict 0.0.0.0 mask 0.0.0.0 nomodify notrap

>From what I can tell, everything appears to be fine with the server.  I
am also unable to sync the time on another computer on the same
network, again, with no firewall interference.

Where can I look for causes of this problem?

Thanks

Mike wrote:
> Whenever I try and sync time to my server, from a remote location
> (using ntpdate -u <myremotentpdservername> ), I always get the error
> "no server suitable for synchronization found".  My server is
> firewalled, but it is allowing TCP and UDP connection through port 123

Why is 123/TCP open? NTP doesn't use it. You should close that hole.

> 
> I have the following in my ntp.conf file to allow for remote
> connections:
> 
>   restrict 0.0.0.0 mask 0.0.0.0 nomodify notrap
> 

What happened when you removed this and any other restrict statements?
You did do that didn't you?

>>From what I can tell, everything appears to be fine with the server.  I
> am also unable to sync the time on another computer on the same
> network, again, with no firewall interference.
> 
> Where can I look for causes of this problem?
> 

Start by removing restrictions first.

Danny
_______________________________________________
questions mailing list
questions@lists.ntp.isc.org
https://lists.ntp.isc.org/mailman/listinfo/questions

I've removed all restrict statements, and the same thing is still
occuring.  One thing I've looked at, that may help me widdle down this
issue a little more, from a remote computer, I ran ntpd -ud <serverip>
.. In the output, I see "Server dropped: strata too high".

What would be causing my strata to be too high?  It is showing my
stratum to be 16.

Thanks 

Mike

I should also note, than when I run a ntpq -p on my server, the first
entry in the list is:

     remote           refid      st t when poll reach   delay   offset
jitter
==============================================================================
 LOCAL(0)       .           16 l    -   64    0    0.000    0.000
4000.00


(sorry for the formatting).  Following this local entry, as I said in
the first post, there is a list of a couple stratum 2, and a couple
stratum 3 servers (about 5 in total).

Thanks.

"Mike" <mikedawg@gmail.com> wrote:

> I should also note, than when I run a ntpq -p on my server, the first
> entry in the list is:
> 
>      remote           refid      st t when poll reach   delay   offset
> jitter
> ==============================================================================
>  LOCAL(0)       .           16 l    -   64    0    0.000    0.000
> 4000.00
> 
> 
> (sorry for the formatting).  Following this local entry, as I said in
> the first post, there is a list of a couple stratum 2, and a couple
> stratum 3 servers (about 5 in total).

Does one of them have a * by it in the first column?  If not, your
server is not synchronised, which appears to be the case if its
stratum is 16 as you mentioned earlier.  Try "ntpq -c lassoc" 

-- 
                      Ronan Flood <R.Flood@noc.ulcc.ac.uk>
                        working for but not speaking for
             Network Services, University of London Computer Centre
     (which means: don't bother ULCC if I've said something you don't like)

Mike wrote:

> I've removed all restrict statements, and the same thing is still
> occuring.  One thing I've looked at, that may help me widdle down this
> issue a little more, from a remote computer, I ran ntpd -ud <serverip>
> . In the output, I see "Server dropped: strata too high".
> 
> What would be causing my strata to be too high?  It is showing my
> stratum to be 16.
> 
> Thanks 
> 
> Mike
> 

"Stratum 16" means that the server is not synchronized!  It suggests 
that the server has lost contact with its own servers.

NTP is hierarchical!  At the top of the hierarchy are the atomic clocks 
at various national standards laboratories.  Stratum 1 servers get time 
directly from such an atomic clock.  The connection may be a few feet of 
cable or a radio broadcast from a GPS satellite; IOW it is one "hop" 
away from the atomic clock.

Stratum 2 servers get their time from stratum 1 servers.

Your stratum 16 server is getting its time from its wrist watch; it may 
or may not be correct but it has lost its place, or may not ever have 
had a place, in the hierarchy.

There are sites that, for one reason or another, do not or cannot have 
an internet connection and cannot or will not use a hardware reference 
clock such as a GPS receiver, WWV receiver, or WWVB receiver.  The 
latest version of ntpd supports an "orphan mode" that, as I understand 
it, will allow them to synchronize clocks but does not guarantee correct 
time.

Mike wrote:

> I should also note, than when I run a ntpq -p on my server, the first
> entry in the list is:
> 
>      remote           refid      st t when poll reach   delay   offset
> jitter
> ==============================================================================
>  LOCAL(0)       .           16 l    -   64    0    0.000    0.000
> 4000.00
> 
> 
> (sorry for the formatting).  Following this local entry, as I said in
> the first post, there is a list of a couple stratum 2, and a couple
> stratum 3 servers (about 5 in total).
> 
> Thanks.
> 

The first line is not particularly useful.

The key to the problem will be found in the second through the sixth lines.

On 2006-04-28, Mike <mikedawg@gmail.com> wrote:
> I should also note, than when I run a ntpq -p on my server, the first
> entry in the list is:
>
>  remote   refid      st t when poll reach   delay   offset  jitter
>====================================================================
>  LOCAL(0)    .       16 l    -   64    0    0.000    0.000  4000.00

Please post the entire output of 'ntpq -pcrv'.

-- 
Steve Kostecke <kostecke@ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/