Ntp Client

Rick Stevens rstevens at vitalstream.com
Fri Feb 20 01:06:57 UTC 2004


Bruce McDonald wrote:
> <Big Snip>
> 
> Rick's imparted knowledge:
> 
> 
>>Ok, let's try something simple.  Try:
> 
> 
>>    tcpdump port 123
> 
> 
>>>in one window, then stop and restart xntpd.  Verify that you actually
>>>see traffic.  If not, you might try turning off iptables and trying
>>>again.  If it works the second time, look higher up in your iptables
>>>to see if you have a block before your "--dport 123 -j ACCEPT" lines.
> 
> 
>>Due to the way PPPoE works with DSL, I needed to type tcpdump -i PPP0 port
>>123
> 
> 
>>Thanks Rick, you once again caused me to think in the right direction to
>>find where a problem lies.
> 
> 
>>Now I can see traffic.  And the clock is correct, so I guess I will let it
>>run and see if it drifts by a significant amount in the next couple of
>>days.  Interestingly, the drift file says 0.00; I find that hard to
>>believe.  I think I'll have to delete it and restart ntpd to recalculate
>>the drift.
> 
> 
> Whoops, I forgot to give any of the tcpdump info.  Here is a snippet:
> 
> 15:58:17.313929 my.assigned.ip.ntp > 204.34.198.40.ntp:  v4 client strat 0 poll 4 prec -6 (DF)
> 15:58:17.372567 204.34.198.40.ntp > my.assigned.ip.ntp:  v4 server strat 1 poll 4 prec -19 (DF)
> 15:58:18.313660 my.assigned.ip.ntp > 204.34.198.40.ntp:  v4 client strat 0 poll 4 prec -6 (DF)
> 15:58:18.371575 204.34.198.40.ntp > my.assigned.ip.ntp:  v4 server strat 1 poll 4 prec -19 (DF)
> 15:58:30.413835 my.assigned.ip.ntp > 63.247.194.250.ntp:  v4 client strat 0 poll 6 prec -16 (DF) [tos 0x10]
> 15:58:30.477898 63.247.194.250.ntp > my.assigned.ip.ntp:  v4 server strat 2 poll 6 prec -17 (DF)
> 
> Also, when I restarted ntpd it read:
> 
> Shutting down ntpd:                                         [   OK   ]
> ntpd: Synchronizing with time server:            [FAILED]
> Starting ntpd:                                                   [   OK   ]
> 
> I hope the failed is not an evil omen.

Uh, I don't think so.  The standard RH9 ntpd stop/start script buggers
the firewall if it was configured by Lokkit before it shuts down the
ntpd server.  So, since ntpd tries to sync the clock one last time
before it goes bye-bye, the hole in the firewall gets closed before it
can and voila!  Error message!

And I'm not fond of the script's check as to whether the firewall was
set up (part of /etc/rc.d/init.d/ntpd):

# Is there a firewall running, and does it look like one we configured?
FWACTIVE=''
if iptables -L -n 2>/dev/null | grep -q RH-Lokkit-0-50-INPUT ; then
     FWACTIVE=1
fi

Something in there doesn't track right.  "grep -q" will return 0 if
a match is found, which seems opposite of what's intended.

Oh, well, it's been a long day and I'm a bit fuzzy.  I'm probably
missing something simple.  Must have the 4th major food group for
nerds:

	1. Twinkies
	2. Kung Pao Chicken (or anything hot and spicy)
	3. Microwave Popcorn
	4. Caffeine <----- Yeah!
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-  Time: Nature's way of keeping everything from happening at once.  -
----------------------------------------------------------------------
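
How the shell evaluates the FWACTIVE check quoted from /etc/rc.d/init.d/ntpd, as an added example that is not part of the original post or of the Red Hat script. The listing functions and their output are constructed stand-ins for "iptables -L -n" so the check runs offline, and fw_active is a hypothetical wrapper around the same if/grep test.

```shell
#!/bin/sh
# Constructed stand-ins for `iptables -L -n` (sample output, not captured).
with_lokkit() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Lokkit-0-50-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain RH-Lokkit-0-50-INPUT (1 references)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0          udp dpt:123
EOF
}

without_lokkit() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

# Simulates the listing itself failing (for example, not run as root).
listing_fails() {
    echo "iptables: Permission denied" >&2
    return 1
}

# Same test as the init script; $1 names the command that lists the rules.
# `if` takes the then-branch when the pipeline exits 0, and a pipeline's
# exit status is that of its last command, here grep -q (0 = match found).
fw_active() {
    FWACTIVE=''
    if "$1" 2>/dev/null | grep -q RH-Lokkit-0-50-INPUT ; then
        FWACTIVE=1
    fi
    printf '%s' "$FWACTIVE"
}

# A failed listing gives grep no input, so it is indistinguishable from
# "no Lokkit chain": both leave FWACTIVE empty.
for src in with_lokkit without_lokkit listing_fails; do
    printf '%-15s FWACTIVE=[%s]\n' "$src" "$(fw_active "$src")"
done
```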




