As I recall (and I might be wrong here) the ntpd default configuration in 13.1 had no servers configured by default (if you didn’t run the NTP config from YAST(?) ) so if you just installed it and fired it up, you’d end up with no servers configured for queries.
However, I might remember this incorrectly. Which would be nothing new
The Op tells about installing an RPM. As the NTP package is normaly already installed, I was unsure, if he only wanted to mention that he checked that or if he wanted to declare that he had installed an RPM from somewhere.
AFAIK NTP, when started allways also runs as a server. I have started it using YaST (of course) and only filled in the NTP server I want to use. Nevertheless:
which shows that the NTP daemon is listening on the ntp ports of my system. By default.
boven:~ # systemctl status ntp.service
ntp.service - LSB: Network time protocol daemon (ntpd)
Loaded: loaded (/etc/init.d/ntp)
Active: active (running) since Tue 2015-01-20 09:30:06 CET; 5h 50min ago
Process: 1383 ExecStart=/etc/init.d/ntp start (code=exited, status=0/SUCCESS)
└─1515 /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -i /var/lib/ntp -c /etc/ntp.conf
Jan 20 09:30:06 boven systemd: Starting LSB: Network time protocol daemon (ntpd)...
Jan 20 09:30:06 boven ntpd: ntpd firstname.lastname@example.org Fri Dec 19 19:17:40 UTC 2014 (1)
Jan 20 09:30:06 boven ntpd: proto: precision = 0.120 usec
Jan 20 09:30:06 boven ntpd: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
Jan 20 09:30:06 boven ntpd: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
Jan 20 09:30:06 boven ntpd: Listen and drop on 1 v6wildcard :: UDP 123
Jan 20 09:30:06 boven ntpd: Listen normally on 2 lo 127.0.0.1 UDP 123
Jan 20 09:30:06 boven ntpd: Listen normally on 3 enp1s8 10.0.0.154 UDP 123
Jan 20 09:30:06 boven ntpd: Listen normally on 4 lo ::1 UDP 123
Jan 20 09:30:06 boven ntpd: Listen normally on 5 enp1s8 fe80::21b:fcff:fe7f:c1ef UDP 123
Jan 20 09:30:06 boven ntpd: Listen normally on 6 enp1s8 2001:980:91a0:1:d63:e07a:ced2:b96f UDP 123
Jan 20 09:30:06 boven ntpd: Listen normally on 7 enp1s8 2001:980:91a0:1:21b:fcff:fe7f:c1ef UDP 123
Jan 20 09:30:06 boven ntpd: peers refreshed
Jan 20 09:30:06 boven ntpd: Listening on routing socket on fd #24 for interface updates
Jan 20 09:30:06 boven systemd: Started LSB: Network time protocol daemon (ntpd).
shows IMHO also that it is listening.
Thus my question to the OP, why did you not do it as shown above.
Guys thanks for the reply and sorry for my late reply.
Yeah, there were some issues with the ntp.conf file corrected it added the servers. Now errors are gone and ntp status is active (running)
Yes you people are right. Ntp is installed by default with 13.1. Had to remove it for doing some configurations. Was trying to install a custom made module instead of ntp. Later only came to know that ntp is also required. So I installed it back :’(
rpm I used is ntp-4.2.6p5-15.2.1.x86_64
Now ntpq -np returns
::1: timed out, nothing received
***Request timed out
and ntpq -4 -pnd returns
1 packets reassembled into response
remote refid st t when poll reach delay offset jitter
2 packets reassembled into response
69.***.***.102 .INIT. 16 u - 16 0 0.000 0.000 0.000
2 packets reassembled into response
*127.127.1.0 .LOCL. 2 l 15 64 377 0.000 0.000 0.000
As long as you do not confirm if you have the standard version offered by YaST > Software > Software management (I am not interested in some RPM identification, please keep it simple and install with YaST), and you do not confirm that you configured (and let it start “now and on boot”) through the YaST module, and still have a problem with the NTP client not functioning, I am not going to dive any further into this.
This is so simple. It works for many years and many versions in this way. I do see no reason to follow a different path, then ask for adviise and then still do different. When you see that reason, please explain.
I think the main problem here is that on 13.1 there was no default configuration. If you had a minimal server install then installed ntp via zypper and started it - it wouldn’t work properly as no servers were defined.
On 13.2 this has been rectified as the default package now contains the openSUSE ntp servers which I pasted up there.
I understand what you mean, but I never started an unconfigured NTP.
The steps (seems logical to me):
install (of course using zypper instead of YaST > Software because f minimal install is fine);
when this is a minimal system then check if there is a YaST mopdule that cares for the product and install;
use the ncurses interfacee of YaST (minimal install) and configure and start, or configure manualy (by adding your NTP server at the end, after all when you manage a minimal install, you should know how) and start (eithetr again using YaST > System >Serrvices Manager or the sysctl commands.
In any case, I mistrust that story about an RPM. Is that tthe RPM installed from the standard OSS/Update repo or not? And when yes, why not simply say: It is installed using YaST or zypper. It makes me suspicious
Ok, thus the package is there, you configured the servers mentioned earlier and started using systemctl. But you have time-outs.
One thing tha the YaST module has on it’s screens is a possibility to check if the configured server “works” before you finish off the configuration. Are you realy not able to use yast (ncurses) from the terminal connection you have?
Some wild suggestions: those servers may be a bit far away (networkwise) and in any case, I assume you wanted to use another server in the beginning. Can’t you replace the opensuse ones with the one you wanted to use?
When you use YaST for this sort of actions, my experience is that YaST also configures the firewall as a nice service to the administrator. When you do not use YaST, it could be that firewall configuration is needed.
On 2015-01-21 14:06, jithinkodoor wrote:
> Sorry I missed out that. I’m doing it on a remote machine and have only
> terminal access. Installed rpm through command line only.
You can also use yast in text mode, in the terminal, and start the ntp configuration module, that should make things easier.
On 2015-01-21 11:36, jithinkodoor wrote:> Now ntpq -np returns
> ::1: timed out, nothing received
> ***Request timed out
Known problem. Disabled for security (vulnerability in the wild).
#restrict default noquery
## Cross References: CVE-2013-5211
## Side effect: ntpq will not work.
You probably have this or similar:
# Access control configuration; see /usr/share/doc/packages/ntp/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody,
#but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict 192.168.1.0 mask 255.255.255.0 notrust
So if you want ntpq remotely, you need to setup cryptographic access. No, I don’t know how to do it. :-}
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)