On 2007-01-16, Gushi <[EMAIL PROTECTED]> wrote: > restrict default ignore > restrict 127.0.0.1 > server 0.us.pool.ntp.org > server 1.us.pool.ntp.org > server 2.us.pool.ntp.org
This won't work at all. You've told ntpd to ignore all NTP packets from any possible source. And you've not told it to accept NTP packets from your time servers. Please read http://ntp.isc.org/Support/AccessRestrictions and follow the "decision tree" for setting your default restriction. The NTP Pool is intended to provide "good enough" time for general use (i.e. end users). If this is an "important" application you're probably better off choosing the time servers you wish to use. There is a list of Public Stratum 2 time servers at http://www.ntp.org/s2 or http://ntp.isc.org/s2. > The problem is, that the servers keep drifting apart from each other, > to the degree that DNS TSIG transactions break down. Is there anything > obvious to try to fix this? Fix your restrictions. If there's still a problem you'll need to post the output 'ntpq -p your_server' (after that server has been running for ~10 minutes). > Usually when this happens, killing ntpd and then running ntpdate will > fix it. In your case, ntpd is never actually talking to any of your remote time servers and never disciplines your clocks. Running ntpdate brings your clocks close enough for things to work for a while. Then ntpd spins its wheels while the clocks drift again. You may want to make a few improvements once you have your ntpd talking to the remote time servers: 1. Speed up initial synchronization (from ~8 minutes to ~20 seconds) by appending 'iburst' to your server lines 2. Increase the number of time sources to 4 or 5 (or even a few more) to provide sufficient redundancy in the event that some of your time sources become unavailable, unsynchronized, or just plain wrong. -- Steve Kostecke <[EMAIL PROTECTED]> NTP Public Services Project - http://ntp.isc.org/ _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
