Results 1 to 10 of 10

Thread: Create a local NTP server

  1. #1

    Default Create a local NTP server

    opensuse v11.4 (server), v12.2 (clients)

    I wish to set the server as a NTP time server. It is sync'ing fine as a client to a number of external servers and I would prefer to have it be the only one seeking external data.

    The firewall port, 123, is open. Using telnet, though, to test the service ("telnet time-server 123"), the connection is refused, implying that the host is not being a NTP server.

    How do I change the configuration to be a NTP server?

  2. #2
    Join Date
    Sep 2012
    Posts
    5,141

    Default Re: Create a local NTP server

    Quote Originally Posted by jimoe666 View Post
    ("telnet time-server 123"), the connection is refused
    NTP is using UDP, not TCP. You can use "ntpq -p time-server" to quickly check it as long as there is no access restrictions.

  3. #3

    Default Re: Create a local NTP server

    NTP is using UDP, not TCP.
    Ah, yes, of course.

    Here is what I get when I query my system. sma-server3 is the host I wish to be a time server. The results indicate that it is not set up correctly.

    Code:
    $ /usr/sbin/ntpq -p localhost
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
     sma-server3.sma 140.142.16.34    2 u    9   64    0    0.000    0.000   0.000
    *bigben.cac.wash .GPS.            1 u   30   64  377   94.979  1635.52 340.306

  4. #4
    Join Date
    Sep 2012
    Posts
    5,141

    Default Re: Create a local NTP server

    And /etc/ntp.conf from sma-server3?
    Code:
    grep -Ev '^#|^$' /etc/ntp.conf

  5. #5

    Default Re: Create a local NTP server

    $ grep -Ev '^#|^$' /etc/ntp.conf
    Code:
    driftfile /var/lib/ntp/drift/ntp.drift       
    logfile /var/log/ntp              
    keys /etc/ntp.keys              
    trustedkey 1                  
    requestkey 1                  
    server bigben.cac.washington.edu  iburst
    server ntp.nasa.gov  iburst
    server time-a.timefreq.bldrdoc.gov  iburst
    server pool.ntp.org  iburst

  6. #6
    Join Date
    Sep 2012
    Posts
    5,141

    Default Re: Create a local NTP server

    Does "ntpq -p" on sma-server3 shows that it is in sync? If yes, it is most likely port blocking issue. Check "iptables -L -v -n" on both hosts; to be on safe side, check also "iptables -L -n -v -t nat". Is there any firewall/NAT between two servers?

  7. #7

    Default Re: Create a local NTP server

    Code:
     $ ntpq -p sma-server3
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
    +bigben.cac.wash .GPS.            1 u   73   64    1   95.501  580.087 362.399
    +ntp-nasa.arc.na .GPS.            1 u   22   64    1  130.432  713.769 428.484
    *time-a.timefreq .ACTS.           1 u   32   64    1  100.151  665.082 419.913
    +name1.glorb.com 128.174.38.133   2 u   61   64    1  124.695  610.208 404.442
    Code:
    $ iptables -L -v -n |grep 123
        1    60 LOG        tcp  --   *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 3/min  burst 5 tcp dpt:123 flags:0x17/0x02 LOG flags 6 level 4 prefix  `SFW2-INext-ACC-TCP ' 
        2   120 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:123 
      352 26716 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:123 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:123
    Code:
    $ iptables -L -n -v -t nat
    Chain PREROUTING (policy ACCEPT 57383 packets, 6095K bytes)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain INPUT (policy ACCEPT 33927 packets, 3942K bytes)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain OUTPUT (policy ACCEPT 27986 packets, 2150K bytes)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain POSTROUTING (policy ACCEPT 27986 packets, 2150K bytes)
     pkts bytes target     prot opt in     out     source               destination

  8. #8

    Default Re: Create a local NTP server

    Is there any firewall/NAT between two servers?
    Each host is running a firewall. The server has port 123 opened. There are no intermediate hosts involved.

  9. #9
    Join Date
    Sep 2012
    Posts
    5,141

    Default Re: Create a local NTP server

    Quote Originally Posted by jimoe666 View Post
    The server has port 123 opened.
    And client?

    Your ntp.conf is fine. Whatever problem you have is most likely in iptables configuration. Check with tcpdump/tshark/wireshark whether any request is seen on server at all and whether it sends a reply. Check with tcpdump/tshark/wireshark whether client sees this reply. If packets are actually flowing in both directions, you can start looking at ntpd configuration again.

  10. #10

    Default Re: Create a local NTP server - SOLVED

    This site describes quite clearly how to change the configuration file to allow local access as a time server.

    <http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch24_:_The_NTP_Server>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •