1. How great is the time discrepancy? ntp will, in general, only correct a limited amount of variation (something like 100 seconds, I think, but you should check that). In the other direction, a few seconds of discrepancy will not be surprising, depending on how often the different hosts sync to the server (I usually only sync once a day myself, for example) and how good their local clocks are (cheap computers have cheap clocks).
2. Did you modify your firewall ruleset so it allows outgoing packets from/to the ntp port (123 tcp and udp) on the firewall (and on the LAN, for the peers)?
3. From the firewall, can you ping time.nuri.net? If not, how does the ping fail?
4. What do these addresses have to do with your setup?
restrict 192.5.41.40 nomodify notrap restrict 198.82.162.213 nomodify notrap restrict 128.118.25.3 nomodify notrap
At 07:23 PM 11/11/02 +0700, Thitiporn Pornpirunrak wrote:
Hi all,
Today I try to add xntpd.lrp into my bering box. But after I config server in ntp.conf. I don't know did my firewall synctime with time server? But when i config another bering box to sync time with that firewall and use "date" command to check. Both firewall time didn't equal. I am using Bering RC3. and this is my network diagram.
Firewall2 --------------------------> time.nuri.net
192.168.102.6 xxx.xxx.xxx.xxx
This is my firewall1 ntp.conf configuration.
##############################
# First define the clocks we are using
server time.nuri.net version 3 prefer
# where the drift file is located
driftfile /etc/ntp.drift
# Block everyone out by default
restrict default notrust nomodify nopeer notrust noserve notrap
# Let our time servers be trusted
restrict 192.5.41.40 nomodify notrap
restrict 198.82.162.213 nomodify notrap
restrict 128.118.25.3 nomodify notrap
# Let a machine on our DMZ get updates but not modify
restrict 192.168.2.215 nomodify notrap
# Let anything coming from the internal network do
# anything. Let's you run xntpdc from your internal
# network.
restrict 192.168.2.254
# Same for the localhost.
restrict 127.0.0.1
# Auth stuff, even if your trusted you need the key
keys /etc/ntp.keys
trustedkey 99
requestkey 99
controlkey 99
##############################
After I config and try to run xntpd command manually by "xntpd -c /etc/ntp.conf -l /var/log/xntpd.log" and tail in my log file. It shows
##############################
7 Nov 17:09:57 xntpd[24666]: logging to file /var/log/xntpd.log
7 Nov 17:09:57 xntpd[24666]: xntpd 3-5.93 Sun Apr 8 09:08:37 EDT 2001 (2)
7 Nov 17:09:57 xntpd[24666]: tickadj = 5, tick = 10000, tvu_maxslew = 495, est. hz = 100
7 Nov 17:09:57 xntpd[24666]: precision = 13 usec
7 Nov 17:09:57 xntpd[24666]: read drift of 0.000 from /etc/ntp.drift
##############################
I found that my bering box 's time doesn't equal to my another machine that sync with time.nuri.net too. Please help me to find that why bering box didn't sync time with time.nuri.net. Didn't i had wrong configuration??? Please help me. (I am using bering RC3)
-- -------------------------------------------"Never tell me the odds!"-------- Ray Olszewski -- Han Solo Palo Alto, California, USA [EMAIL PROTECTED] ------------------------------------------------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
