Problem with NTP.
Reber, Simon
simon.reber at roche.com
Tue Apr 21 11:05:23 UTC 2009
Andrew,
To make a try run with tcpdump, simply run tcpdump ... This will show
you the entire network traffic from this server.
To find out more about tcpdump, have a look at the man page:
http://linux.die.net/man/8/tcpdump
About the messages. Are I am right that you also run a DHCP services on
this host?
And is the interface you are working with bond0?
Do the other servers also have bonding interfaces?
Some other thoughts:
what does ntpdate -q server1 return?
what result does ntptrace return?
what shows cat /etc/nsswitch.conf | grep services
what shows ypcat -k services | grep ntp
Is there a firewall between localhost and server1
What's the date/time and timezone of the server
With the help of the above information, we should be able to fix the
problem (hopefully) ;-)
Cheers,
Simon
>-----Original Message-----
>From: redhat-list-bounces at redhat.com
>[mailto:redhat-list-bounces at redhat.com] On Behalf Of
>Andrew.Bridgeman at corusgroup.com
>Sent: Tuesday, April 21, 2009 12:42 PM
>To: General Red Hat Linux discussion list
>Subject: RE: Problem with NTP.
>
>
>
>Hello Simon,
> Thanks for help so far. I have checked and the
>tcpdump package is installed with root permission's so in
>theory we should
>be able to run the tcpdump command. Is there an even simpler tcpdump
>command to run just to check it can be used. Also I have
>attached the last
>25 minutes of the messages log, in which I have restarted the
>ntpd service
>to try and get it too synchronise. If you see anything to investigate
>please let me know.
>
>Apr 21 11:05:06 dhcpd: DHCPREQUEST for Server from
>00:17:a4:f9:6f:fa via
>bond0: unknown lease Server.
>Apr 21 11:05:07 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:05:44 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:07:13 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:09:15 last message repeated 2 times
>Apr 21 11:10:37 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:12:39 last message repeated 2 times
>Apr 21 11:13:52 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:14:40 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:15:52 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:17:12 last message repeated 2 times
>Apr 21 11:19:15 last message repeated 2 times
>Apr 21 11:19:56 ntpd[26183]: ntpd Thu Nov 6 11:08:22 UTC 2008 (1)
>Apr 21 11:19:56 ntpd[26184]: precision = 1.000 usec
>Apr 21 11:19:56 ntpd[26184]: Listening on interface wildcard,
>0.0.0.0#123
>Disabled
>Apr 21 11:19:56 ntpd[26184]: Listening on interface wildcard, ::#123
>Disabled
>Apr 21 11:19:56 ntpd[26184]: Listening on interface bond0,
>fe80::21e:bff:fe60:acda#123 Enabled
>Apr 21 11:19:56 ntpd[26184]: Listening on interface lo, ::1#123 Enabled
>Apr 21 11:19:56 ntpd[26184]: Listening on interface lo, 127.0.0.1#123
>Enabled
>Apr 21 11:19:56 ntpd[26184]: Listening on interface bond0, Server#123
>Enabled
>Apr 21 11:19:56 ntpd[26184]: kernel time sync status 0040
>Apr 21 11:19:56 ntpd[26184]: frequency initialized 0.000 PPM from
>/var/lib/ntp/drift
>Apr 21 11:20:10 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:21:13 dhcpd: BOOTREQUEST from 00:18:b1:4d:32:00 via
>bond0: BOOTP
>from dynamic client and no dynamic leases
>Apr 21 11:23:12 last message repeated 2 times
>Apr 21 11:25:01 last message repeated 2 times
>
>Thanks
>
>Andrew Bridgeman
>
>
>
>
>
> "Reber, Simon"
>
> <simon.reber at roch
>
> e.com>
> To
> Sent by: "General Red Hat Linux
>discussion
> redhat-list-bounc list"
><redhat-list at redhat.com>
> es at redhat.com
> cc
>
>
>
> Subject
> 21/04/2009 11:16 RE: Problem with NTP.
>
>
>
>
>
> Please respond to
>
> General Red Hat
>
> Linux discussion
>
> list
>
> <redhat-list at redh
>
> at.com>
>
>
>
>
>
>
>
>
>
>Hi Andrew,
>
>Well I think this is going to be a bit more difficult.
>The "timeout" is coming obviously from the ntp settings set on server1
>(noquery, etc.)
>
>Anyway tcpdump is a tool to look at the network traffic and as
>you said,
>it is not possible to find the binary which usually indicates that it
>isn't installed (try to run rpm -qa | grep tcpdump to see if
>it is there
>or not)
> BTW: The program is under /usr/sbin and needs
>root permissions
>to be executed
>
>So I strongly suggest to install tcpdump to see what is going
>on, on the
>network interface (especially on port 123 since this is the ntp port)
> An other help could be to check /var/adm/messages
>to see if
>there is any hint why ntp isn't working properly
>
>Cheers,
>Simon
>
>P.S. Sorry for the guessing all the time but it's difficult to give
>advice via email.
> I have tons of idea where the problems could be
>located but to
>mention all that I would need to write a book ;-)
>
>>-----Original Message-----
>>From: redhat-list-bounces at redhat.com
>>[mailto:redhat-list-bounces at redhat.com] On Behalf Of
>>Andrew.Bridgeman at corusgroup.com
>>Sent: Tuesday, April 21, 2009 11:31 AM
>>To: General Red Hat Linux discussion list
>>Subject: RE: Problem with NTP.
>>
>>
>>
>>Hello Simon,
>> When I run the ntpq -p server1
>>command I get an
>>"timeout, nothing received" so I tried the same command on 5
>>other machines
>>that are currently working fine and I get the same error so I
>>am unsure why
>>that is. The tcpdump command is showing no such file or
>>directory, are you
>>sure the syntax is correct?
>>
>>Regards
>>
>>Andrew Bridgeman
>>
>>
>>
>>
>>
>> "Reber, Simon"
>>
>> <simon.reber at roch
>>
>> e.com>
>> To
>> Sent by: "General Red Hat Linux
>>discussion
>> redhat-list-bounc list"
>><redhat-list at redhat.com>
>> es at redhat.com
>> cc
>>
>>
>>
>> Subject
>> 21/04/2009 10:19 RE: Problem with NTP.
>>
>>
>>
>>
>>
>> Please respond to
>>
>> General Red Hat
>>
>> Linux discussion
>>
>> list
>>
>> <redhat-list at redh
>>
>> at.com>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>Well as the configuration does work on other hosts, we don't going to
>>focus any further on this.
>> But what's about the output of ntpq -p <ntp
>source server>
>> In your example like: ntpq -p Server1
>>
>>What does tcpdump telling you:
>> Run # tcpdump -i <intergace> -vvv port 123
>> Is there any activity reported?
>>
>>Cheers,
>>Simon
>>
>>>-----Original Message-----
>>>From: redhat-list-bounces at redhat.com
>>>[mailto:redhat-list-bounces at redhat.com] On Behalf Of
>>>Andrew.Bridgeman at corusgroup.com
>>>Sent: Tuesday, April 21, 2009 11:13 AM
>>>To: General Red Hat Linux discussion list
>>>Subject: RE: Problem with NTP.
>>>
>>>
>>>
>>>
>>>Thanks for the reply Simon. Here is the ntpq and ntp.conf info.
>>>
>>> remote refid st t when poll reach
>delay offset
>>>jitter
>>>===============================================================
>>>===============
>>> Server1 Server2 4 u 9 64 77 18.104 -1193.4
>>>3.107
>>> Server2 Server 3 3 u
>> 5
>>>64 77 19.688 -1188.2 1.623
>>>
>>>
>>>restrict default noquery nomodify
>>>restrict 127.0.0.1
>>>restrict Server1 mask 255.255.255.255 nomodify notrap noquery
>>>restrict Server2 mask 255.255.255.0 nomodify notrap
>>>server Server1 minpoll 4 maxpoll 6
>>>server Server2 minpoll 4 maxpoll 6
>>>driftfile /var/lib/ntp/drift
>>>logfile /var/log/ntp.log
>>>
>>>Remember I use this config for numerous other machines, it is
>>>just this one
>>>I
>>>have an issue with. Any thoughts on possible solutions would be much
>>>appreciated.
>>>
>>>FYI
>>>
>>>When I run ntpq -p on all of our other Linux machines it shows
>>>as below.
>>>
>>> remote refid st t when poll reach
>delay offset
>>>jitter
>>>===============================================================
>>>===============
>>> +Server1 Server2 4 u 2 64 377
>>18.104 -12.428
>>>8.107
>>> *server2 Server 3 3 u
>>> 58
>>>64 377 19.688 -0.482 10.623
>>>
>>>Regards
>>>
>>>Andrew Bridgeman
>>>
>>>
>>>
>>>
>>>
>>>
>>> "Reber, Simon"
>>>
>>> <simon.reber at roch
>>>
>>> e.com>
>>> To
>>> Sent by: "General Red Hat Linux
>>>discussion
>>> redhat-list-bounc list"
>>><redhat-list at redhat.com>
>>> es at redhat.com
>>> cc
>>>
>>>
>>>
>>> Subject
>>> 21/04/2009 09:55 RE: Problem with NTP.
>>>
>>>
>>>
>>>
>>>
>>> Please respond to
>>>
>>> General Red Hat
>>>
>>> Linux discussion
>>>
>>> list
>>>
>>> <redhat-list at redh
>>>
>>> at.com>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>Well the root cause of this issue could be located on various places.
>>> What I can suggest to try is run # ntpq -p <ntp
>>>source server>
>>> <ntp source server> means the server which you
>>>are trying to
>>>synchronize with
>>>
>>> If the connection is refused than you know that
>>you have a
>>>permissions problem somewhere.
>>>
>>> An other option is to show the output of ntpq -p and
>>>/etc/ntp.conf
>>> Please make servernames and IP addresses
>>>anonymous.
>>>
>>>Cheers,
>>>Simon
>>>
>>>>-----Original Message-----
>>>>From: redhat-list-bounces at redhat.com
>>>>[mailto:redhat-list-bounces at redhat.com] On Behalf Of
>>>>Andrew.Bridgeman at corusgroup.com
>>>>Sent: Tuesday, April 21, 2009 10:44 AM
>>>>To: redhat-list at redhat.com
>>>>Subject: Problem with NTP.
>>>>
>>>>
>>>>I have a new Redhat version 4 server that was built last
>week. I have
>>>>edited the /etc/ntp.conf and made sure all the entries in the folder
>>>>/etc/ntp are the same as all the other Linux machines we have
>>>>onsite. It
>>>>seems to find time sources as when I use ntpq -p it comes up
>>>>with the name
>>>>and IP Addresses but I just cannot get it too sync i.e. has a
>>>>* or + next
>>>>to server IP Addresses. I have pretty much been through the
>>>>config on the
>>>>machine and the only two things I can see that are different
>>>>is that it is
>>>>using itself for NIS as it is the NIS master and also in the
>>>>/etc/hosts.equiv file it has individual entries not + at trusted
>>>>like all the
>>>>other machines. I do not think these differences are having an
>>>>impact on
>>>>NTP not synchronising but just thought I would mention them anyway.
>>>>
>>>>Does anyone know what I can try to solve this issue as the
>>time on the
>>>>server needs to be the same as all the other machines.
>>>>
>>>>Any help would be much appreciated.
>>>>
>>>>Regards
>>>>
>>>>Andrew Bridgeman
>>>>
>>>>*************************************************************
>>*********
>>>>This transmission is confidential and must not be used or
>>disclosed by
>>>>anyone other than the intended recipient. Neither Tata Steel
>>>>Europe Limited
>>>>nor
>>>>any of its subsidiaries can accept any responsibility for any use or
>>>>misuse of the transmission by anyone.
>>>>
>>>>For address and company registration details of certain entities
>>>>within the Corus group of companies, please visit
>>>>http://www.corusgroup.com/entities
>>>>
>>>>*************************************************************
>>*********
>>>>
>>>>--
>>>>redhat-list mailing list
>>>>unsubscribe
>mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>>>https://www.redhat.com/mailman/listinfo/redhat-list
>>>>
>>>
>>>--
>>>redhat-list mailing list
>>>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>>https://www.redhat.com/mailman/listinfo/redhat-list
>>>
>>>
>>>*************************************************************
>*********
>>>This transmission is confidential and must not be used or
>disclosed by
>>>anyone other than the intended recipient. Neither Tata Steel
>>>Europe Limited
>>>nor
>>>any of its subsidiaries can accept any responsibility for any use or
>>>misuse of the transmission by anyone.
>>>
>>>For address and company registration details of certain entities
>>>within the Corus group of companies, please visit
>>>http://www.corusgroup.com/entities
>>>
>>>*************************************************************
>*********
>>>
>>>--
>>>redhat-list mailing list
>>>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>>https://www.redhat.com/mailman/listinfo/redhat-list
>>>
>>
>>--
>>redhat-list mailing list
>>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>https://www.redhat.com/mailman/listinfo/redhat-list
>>
>>
>>**********************************************************************
>>This transmission is confidential and must not be used or disclosed by
>>anyone other than the intended recipient. Neither Tata Steel
>>Europe Limited
>>nor
>>any of its subsidiaries can accept any responsibility for any use or
>>misuse of the transmission by anyone.
>>
>>For address and company registration details of certain entities
>>within the Corus group of companies, please visit
>>http://www.corusgroup.com/entities
>>
>>**********************************************************************
>>
>>--
>>redhat-list mailing list
>>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>https://www.redhat.com/mailman/listinfo/redhat-list
>>
>
>--
>redhat-list mailing list
>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>https://www.redhat.com/mailman/listinfo/redhat-list
>
>
>**********************************************************************
>This transmission is confidential and must not be used or disclosed by
>anyone other than the intended recipient. Neither Tata Steel
>Europe Limited
>nor
>any of its subsidiaries can accept any responsibility for any use or
>misuse of the transmission by anyone.
>
>For address and company registration details of certain entities
>within the Corus group of companies, please visit
>http://www.corusgroup.com/entities
>
>**********************************************************************
>
>--
>redhat-list mailing list
>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list