I've been looking through that /etc/init.d/ntpd script and I have bash on the brain ;^)
But no. No firewall, only iptables and there are no rules. Emulab sets up a VLAN between the two machines. So there are two CentOs 5.4 machines connected to a switch, and there is a VLAN making this their own little world. Also I just talked to the Emulab admin (sit's behind me ;^) and there is no firewall between the machines unless I set one up. Did you mean between my testbed and ntp.aero.org/dns.aero.org (the servers in my ntp.conf file)? There could be a firewall there but then I shouldn't be able to do this: [dha...@node0 ~]$ sudo ntpdate ntp.aero.org 16 Sep 11:31:08 ntpdate[13121]: adjust time server 130.221.24.100 offset 0.017606 sec I don't think it is a firewall issue. --- On Thu, 9/16/10, Rob <[email protected]> wrote: > From: Rob <[email protected]> > Subject: Re: [ntp:questions] Why does ntp keep changing my conf file? > To: [email protected] > Date: Thursday, September 16, 2010, 11:05 AM > Daniel Havey <[email protected]> > wrote: > > Well you are right. The init.d script does > something that rewrites the ntp.conf file. I don't > understand enough bash to figure it out so I just started > ntp manually. It doesn't change the ntp.conf ;^) > > > > But it doesn't work properly either ;^( > > First of all this looks fishy: > > [dha...@node0 /etc]$ ntpq -p > > remote > refid st t when poll > reach delay offset > jitter > > > ============================================================================== > > cogsworth.aero. .INIT. > 16 u - 1024 0 > 0.000 0.000 0.000 > > dns.aero.org .INIT. > 16 u - 1024 > 0 0.000 > 0.000 0.000 > > > > Those delay, offset, and jitter values are too good to > be true and the other machine won't connect: > > [dha...@node1 ~]$ sudo ntpdate > node0.rms01.wgs.sntb.aero.org > > 16 Sep 10:24:03 ntpdate[25389]: no server suitable for > synchronization found > > > > Hmmm... > > There is probably a firewall running that blocks all your > NTP traffic. > > Such an automatically managed system is nice, but when you > don't understand > it is is more of a hindrance. > > There probably is some checkmark somewhere that tells the > system to open > up the firewall for NTP traffic and then the startup script > for the firewall > will write a config file just as it did for ntp, containing > an allow entry > for UDP port 123. > > Now you only need to find where it is. > > _______________________________________________ > questions mailing list > [email protected] > http://lists.ntp.org/listinfo/questions > _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
