I’m having no problem syncing the time from my smoothwall firewall (smoothwall.org) with OpenSuse 11.0 or by using Dimension4 (thinkman.com) for Windows but none of my OpenSuse 11.1 machines will sync with the same smoothwall.
All the 11.1 machines give the same “Server is unreachable or does not respond properly” message when you click the test button.
Suse log /var/log/ntp shows the same thing:
18 Jun 10:50:53 ntpd[4163]: synchronized to 192.168.2.1, stratum 2
18 Jun 10:50:53 ntpd[4163]: kernel time sync status change 4001
18 Jun 10:51:59 ntpd[4163]: no servers reachable
18 Jun 23:07:10 ntpd[4163]: ntpd exiting on signal 15
I can sync my Suse 11.1 with other NTP servers on my LAN and with outside public servers with no problems.
My question is where do I look for more information on what is going wrong?
stan qaz wrote:
> I’m having no problem syncing the time from my smoothwall firewall
> (smoothwall.org) with OpenSuse 11.0 or by using Dimension4
> (thinkman.com) for Windows but none of my OpenSuse 11.1 machines will
> sync with the same smoothwall.
>
> All the 11.1 machines give the same “Server is unreachable or does not
> respond properly” message when you click the test button.
>
> Suse log /var/log/ntp shows the same thing:
>
> 18 Jun 10:50:53 ntpd[4163]: synchronized to 192.168.2.1, stratum 2
> 18 Jun 10:50:53 ntpd[4163]: kernel time sync status change 4001
> 18 Jun 10:51:59 ntpd[4163]: no servers reachable
> 18 Jun 23:07:10 ntpd[4163]: ntpd exiting on signal 15
>
> I can sync my Suse 11.1 with other NTP servers on my LAN and with
> outside public servers with no problems.
>
> My question is where do I look for more information on what is going
> wrong?
With
‘tcpdump -vv udp port 123’ you can at least see if the NTP request reaches
the server and what it sends back. E.g.:
10:27:53.291670 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 76) ferrets4me.xs4all.nl.ntp >
muso.komputilo.org.ntp: [bad udp cksum 8b42!] NTPv4, length 48
Client, Leap indicator: clock unsynchronized (192), Stratum 0, poll 6s, precision -20
Root Delay: 0.000000, Root dispersion: 0.000030, Reference-ID: (unspec)
Reference Timestamp: 0.000000000
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3454475273.291604588 (2009/06/20 10:27:53)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3454475273.291604588 (2009/06/20 10:27:53)
10:27:53.300941 IP (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto UDP (17), length 76) muso.komputilo.org.ntp >
ferrets4me.xs4all.nl.ntp: [udp sum ok] NTPv4, length 48
Server, Leap indicator: (0), Stratum 3, poll 6s, precision -20
Root Delay: 0.016845, Root dispersion: 0.051300, Reference-ID: dir.mcc.ac.uk
Reference Timestamp: 3454475056.840572793 (2009/06/20 10:24:16)
Originator Timestamp: 3454475273.291604588 (2009/06/20 10:27:53)
Receive Timestamp: 3454475282.678453646 (2009/06/20 10:28:02)
Transmit Timestamp: 3454475282.678482993 (2009/06/20 10:28:02)
Originator - Receive Timestamp: +9.386849057
Originator - Transmit Timestamp: +9.386878404
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
Either run this on the smoothwall host (with ‘tcpdump -vv host aa.bb.cc.dd and udp port 123’) or on the client PC.
If tcpdump isn’t installed then zypper would be your friend.
Theo
Thanks, that got me started! It looked like things were working or at least the two were talking.
I killed the running ntpd process and tried running ntpd from the command line (copied it from the output of ps) with an added initial -d (debug) flag to see if that was telling me anything.
ntpd -d -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -i /var/lib/ntp -c /etc/ntp.conf
I kept seeing debug responses like this one:
transmit: at 453 192.168.2.100->192.168.2.1 mode 3
receive: at 453 192.168.2.100<-192.168.2.1 mode 4 code 1 auth 0
clock_filter: discard 0
Why it was being discarded was a mystery at that point. I went to the ntpd config file to see what was there and found a line that appeared to be causing it.
restrict 192.168.2.1
I am thinking that restrict was added when the yast test failed so I removed it from the ntpd.conf file and restarted ntpd from the command line again. with this change it looks like the ntpd is having no problems syncing the smoothwall server.
transmit: at 326 192.168.2.100->192.168.2.1 mode 3
receive: at 326 192.168.2.100<-192.168.2.1 mode 4 code 1 auth 0
clock_filter: n 6 off 0.033992 del 0.000425 dsp 1.172745 jit 0.002189, age 0
auth_agekeys: at 360 keys 1 expired 0
I can’t claim to understand this but on the other hand it is working now.
I just booted 11.2 milestone 2 and it is failing there too.