f



NTP client syncs successfully with NTP server within local network but not with the NTP pool servers

I am using ntp 4.2.6p5 on linux.

I setup an NTP server on a machine in another subnet and tried to sync
my machine with the server and it works well. But when I try to use
the pool.ntp.org servers (I tried 0.pool.ntp.org, 1.pool.ntp.org, etc.
and just pool.ntp.org servers), it does not sync.

nslookup on pool.ntp.org as well as 0.pool.ntp.org gives proper DNS
resolution and ping works on the IPs returned by nslookup as well.

Output of iptables grepped for UDP is as follows:

[Thu Feb 10 12:39:14 root@root-ubuntu:~]# iptables -L -n -v | grep udp

92 13001 ACCEPT    udp -- *    *     0.0.0.0/0          0.0.0.0/0
   state RELATED,ESTABLISHED
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:123
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:161
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:443
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:623
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:389
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:636
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:3268
0     0 ACCEPT     udp -- *    *     0.0.0.0/0          0.0.0.0/0
   udp dpt:3269

Output of the netstat command is as follows:

[Thu Feb 10 12:35:51 root@root-ubuntu:~]# netstat -a | grep udp

udp        0      0 localhost:9473                 0.0.0.0:*
udp        0      0 0.0.0.0:asf-rmcp               0.0.0.0:*
udp        0      0 173.39.22.123:ntp              0.0.0.0:*
udp        0      0 localhost:ntp                  0.0.0.0:*
udp        0      0 0.0.0.0:ntp                    0.0.0.0:*
udp        0      0 all-systems.mcast.net:23000    0.0.0.0:*
udp        0      0 ::1:ntp                        ::%628620:*
udp        0      0 fe80::222:bdff:feea:9f1f:ntp   ::%628620:*
udp        0      0 fe80::222:bdff:feea:9f20:ntp   ::%628620:*
udp        0      0 :::ntp                         ::%628620:*

I am unable to figure out why the sync problem is happening only with
the pool servers and not the local server. The UDP ports in my system
is up. The servers are up. Time however does not sync (It is still
displaying Feb 10.)

Adding my .conf file:

driftfile /tmp/ntp.drift/
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

Adding ntpq -p data:

[Thu Feb 10 12:55:51 root@root-ubuntu:~]# ntpq -p 0.pool.ntp.org

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*64.147.116.229  .ACTS.           1 u  151 1024  377    2.439   -0.632   0.052
+131.107.13.100  .ACTS.           1 u  879 1024  377   27.853    1.041   0.539
-time.nrc.ca     132.246.11.231   2 u  989 1024  377   86.821   -4.132   8.778
-time1.chu.nrc.c 209.87.233.52    2 u   53 1024  377  109.221    3.153   9.377
+dense.utcc.utor 128.100.200.166  2 u   88 1024  377   64.115   -1.841   0.454
-dns4.utoronto.c 128.100.103.253  2 u  167 1024  377   65.252  -43.422  56.093
0
Arpith
1/9/2013 5:41:47 AM
comp.protocols.time.ntp 4895 articles. 2 followers. Post Follow

4 Replies
1727 Views

Similar Articles

[PageSpeed] 56

On 09/01/2013 05:41, Arpith Nayak wrote:
> I am using ntp 4.2.6p5 on linux.
>
> I setup an NTP server on a machine in another subnet and tried to sync
> my machine with the server and it works well. But when I try to use
> the pool.ntp.org servers (I tried 0.pool.ntp.org, 1.pool.ntp.org, etc.
> and just pool.ntp.org servers), it does not sync.
[]
> Adding ntpq -p data:
>
> [Thu Feb 10 12:55:51 root@root-ubuntu:~]# ntpq -p 0.pool.ntp.org
>
>       remote           refid      st t when poll reach   delay   offset  jitter
> ==============================================================================
> *64.147.116.229  .ACTS.           1 u  151 1024  377    2.439   -0.632   0.052
> +131.107.13.100  .ACTS.           1 u  879 1024  377   27.853    1.041   0.539
> -time.nrc.ca     132.246.11.231   2 u  989 1024  377   86.821   -4.132   8.778
> -time1.chu.nrc.c 209.87.233.52    2 u   53 1024  377  109.221    3.153   9.377
> +dense.utcc.utor 128.100.200.166  2 u   88 1024  377   64.115   -1.841   0.454
> -dns4.utoronto.c 128.100.103.253  2 u  167 1024  377   65.252  -43.422  56.093
=================

Arpith, why do you think your own PC is not syncing?  What is the output 
from "ntpq -p" on your own PC?  (Your ntpq command to a remote PC is 
working).  Then see:

   http://support.ntp.org/bin/view/Support/TroubleshootingNTP

Paragraph: 9.4. Checking ntpd 's status.

Perhaps you need to set the coarse time before starting NTP, or start 
NTP with the flag which allows it to step the time at startup.  I think 
that's "-g".  See, for example:

   http://www.freebsd.org/cgi/man.cgi?query=ntpd&sektion=8
-- 
Cheers,
David
Web: http://www.satsignal.eu
0
David
1/9/2013 8:58:51 AM
On 1/9/2013 12:41 AM, Arpith Nayak wrote:
> Adding my .conf file:
>
> driftfile /tmp/ntp.drift/
> server 0.pool.ntp.org
> server 1.pool.ntp.org
> server 2.pool.ntp.org
> server 3.pool.ntp.org
>
> Adding ntpq -p data:
>
> [Thu Feb 10 12:55:51 root@root-ubuntu:~]# ntpq -p 0.pool.ntp.org
>
>       remote           refid      st t when poll reach   delay   offset  jitter
> ==============================================================================
> *64.147.116.229  .ACTS.           1 u  151 1024  377    2.439   -0.632   0.052
> +131.107.13.100  .ACTS.           1 u  879 1024  377   27.853    1.041   0.539
> -time.nrc.ca     132.246.11.231   2 u  989 1024  377   86.821   -4.132   8.778
> -time1.chu.nrc.c 209.87.233.52    2 u   53 1024  377  109.221    3.153   9.377
> +dense.utcc.utor 128.100.200.166  2 u   88 1024  377   64.115   -1.841   0.454
> -dns4.utoronto.c 128.100.103.253  2 u  167 1024  377   65.252  -43.422  56.093
> _______________________________________________

Of much greater use would be "ntpq -p" from the system having the 
problem. Is ntpd still running on that system or has it exited. If it 
has exited, you should check the syslog for any messages. If it hasn't 
the ntpq output would be the next step to seeing what is happening.

By the way, the output of "ntpq -p 0.pool.ntp.org" isn't very useful for 
another reason. Since this is a roundrobin DNS address, there isn't any 
guarantee that it is even the same system that the ntpd process is using.

Brian.
0
Brian
1/9/2013 1:20:07 PM
Arpith Nayak wrote:> Adding my .conf file:
>
> driftfile /tmp/ntp.drift/
> server 0.pool.ntp.org
> server 1.pool.ntp.org
> server 2.pool.ntp.org
> server 3.pool.ntp.org

restrict source nomodify
---------^^^^^^
I don't think it should be needed without other restrict statements,
 however its worth a try.

-- 
E-Mail Sent to this address <BlackList@Anitech-Systems.com>
  will be added to the BlackLists.
0
E
1/9/2013 5:05:05 PM
In article <kck805$44u$1@dont-email.me>,
 E-Mail Sent to this address will be added to the BlackLists <Null@BlackList.Anitech-Systems.invalid> writes:

>restrict source nomodify
>---------^^^^^^
>I don't think it should be needed without other restrict statements,
> however its worth a try.

I think the first step for debugging restrict statements would
be to comment them all out and see if that works.  If not, you
have another problem.

-- 
These are my opinions.  I hate spam.

0
hal
1/10/2013 11:14:52 AM
Reply: