Vince, Did you notice the initial offset was over 200 s? After a few minutes NTP steps the time ans starts over. Maybe you didn't wait long enough.
Dave Vince wrote: > Hi all, > I'm trying to get autokey broadcast working using IFF. I've gone > through the guide at > http://ntp.isc.org/bin/view/Support/ConfiguringAutokey but as yet havent > had any joy. This being the case i thought I would go back to unicast > to test IFF autokey. > My current configs are: > server: > ---------------cut------------------------ > restrict default nomodify notrap noquery > restrict 127.0.0.1 > > > server 0.pool.ntp.org > server 1.pool.ntp.org > server 2.pool.ntp.org > > > driftfile /var/lib/ntp/drift > broadcastdelay 0.008 > > crypto pw SECUREPASS > keysdir /etc/ntp > restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap > ---------------cut------------------------ > > Client: > ---------------cut------------------------ > keysdir /etc/ntp > crypto pw GROUPPASS > driftfile /var/db/ntpd.drift > > server 192.168.10.222 autokey > > statsdir /etc/ntp/stats/ > statistics cryptostats > ---------------cut------------------------ > > I have the hostkeys and IFF keys created as per the instructions. > > After about 5 minute i get > [/etc/ntp](16:19:44) > [EMAIL PROTECTED] -p > remote refid st t when poll reach delay offset > jitter > ============================================================================== > paste.lon.names 193.225.218.44 3 u 53 64 3 0.354 205748. > 0.003 > > however after about a minute this changes to > [/etc/ntp](16:20:24) > [EMAIL PROTECTED] -c pe > remote refid st t when poll reach delay offset > jitter > ============================================================================== > paste.lon.names .AUTH. 16 u 57 64 0 0.000 0.000 > 4000.00 > [/etc/ntp](16:21:03) > [EMAIL PROTECTED] -c as > ind assID status conf reach auth condition last_event cnt > =========================================================== > 1 60228 f054 yes yes ok reject reachable 5 > > > and it continues like this never giving me a condition of sys.peer, > sometimes with auth ok sometimes with auth bad. > > Any suggestions how i can take this further? > If its of any help, the OS of the server is Centos 4.4 while the client > is FreeBSD 7-CURRENT, the ntpd versions are [EMAIL PROTECTED] (server) and > 4.2.0-a (client) > > Thanks, > Vince > _______________________________________________ > questions mailing list > [email protected] > https://lists.ntp.isc.org/mailman/listinfo/questions > _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
