Re: ntpd just sits there and does nothing
In message: <[EMAIL PROTECTED]> Oliver Fromme <[EMAIL PROTECTED]> writes: : [LoN]Kamikaze <[EMAIL PROTECTED]> wrote: : > My original intention was just to say that openntpd works just out of the box, : > while ntpd doesn't. : : That's just plain wrong. ntpd _does_ work out of the box : (unless your configuration is broken), and it seems to be : more accurate than openntpd. : : Demanding to replace ntpd with openntpd in the FreeBSD : base system because you cannot get the configuration right : is ridiculous. Especially since my company builds stratum 1 ntp servers that get time from GPS, Loran and Hp5071A cesium standards. Warner ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Mon, Jul 23, 2007 at 12:18:59PM -0700, Chuck Swiger wrote: > No machine should ever poll faster than once a minute (aka "minpoll 8") to > someone else's timeserver without prior agreement. For an example of a > reasonable client config, MacOS X uses a minpoll of 12 and a maxpoll of 17. And an addendum to this: Our servers use "maxpoll 9" for a very specific reason: it appears to work around an issue where on FreeBSD ntpd continually flips between PLL and FLL mode. The default for maxpoll is 10 (1024 seconds). Taken from our ntp.conf is this comment: # maxpoll 9 is used to work around PLL/FLL flipping, which # happens at exactly 1024 seconds (the default maxpoll value). # Another FreeBSD member recommended using 9 instead. # http://lists.freebsd.org/pipermail/freebsd-stable/2006-December/031512.html -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Jul 23, 2007, at 12:22 PM, [LoN]Kamikaze wrote: I wish to second what Oliver has said, only more strongly: using "minpoll 4" is considered abusive and a misuse of the NTP pool. From http://www.pool.ntp.org/use.html That was only for testing. Please use your own timeservers for testing, not the NTP pool. I'm not trying to be mean, but I've got three NTP servers in the pool, and just a handful of misconfigured clients which poll more often than once a minute consume more bandwidth than 60 to 1000 normal clients do -- -Chuck ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
Chuck Swiger wrote: > On Jul 23, 2007, at 7:10 AM, Oliver Fromme wrote: >> [LoN]Kamikaze <[EMAIL PROTECTED]> wrote: >>> server 0.de.pool.ntp.org minpoll 4 maxpoll 8 >>> server 1.de.pool.ntp.org minpoll 4 maxpoll 8 >>> server 2.de.pool.ntp.org minpoll 4 maxpoll 8 >>> server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 >>> server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 >>> server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 >>> server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 >>> >>> restrict default ignore >>> restrict 127.0.0.1 >> >> You need to add proper restrict lines for the servers, >> of course. Basically you have configured ntpd to >> ignore all servers. >> >> Also, putting "minpoll 4 maxpoll 8" on all servers is >> somewhat suboptimal and puts an unnecessary burden on the >> servers and networks without reason. I recommend to use >> low polling intervals and the iburst option for one or >> two local servers only (e.g. for NTP servers located in >> your direct upstream or at your ISP), and higher polling >> intervals for other public servers. > > I wish to second what Oliver has said, only more strongly: using > "minpoll 4" is considered abusive and a misuse of the NTP pool. From > http://www.pool.ntp.org/use.html That was only for testing. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Jul 23, 2007, at 7:10 AM, Oliver Fromme wrote: [LoN]Kamikaze <[EMAIL PROTECTED]> wrote: server 0.de.pool.ntp.org minpoll 4 maxpoll 8 server 1.de.pool.ntp.org minpoll 4 maxpoll 8 server 2.de.pool.ntp.org minpoll 4 maxpoll 8 server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 restrict default ignore restrict 127.0.0.1 You need to add proper restrict lines for the servers, of course. Basically you have configured ntpd to ignore all servers. Also, putting "minpoll 4 maxpoll 8" on all servers is somewhat suboptimal and puts an unnecessary burden on the servers and networks without reason. I recommend to use low polling intervals and the iburst option for one or two local servers only (e.g. for NTP servers located in your direct upstream or at your ISP), and higher polling intervals for other public servers. I wish to second what Oliver has said, only more strongly: using "minpoll 4" is considered abusive and a misuse of the NTP pool. From http://www.pool.ntp.org/use.html "Be friendly. Many servers are provided by volunteers, and almost all time servers are really file or mail or webservers which just happen to also run ntp. So don't use more than three time servers in your configuration, and don't play dirty tricks with burst or minpoll - all you will gain is that this project will be stopped sooner or later." No machine should ever poll faster than once a minute (aka "minpoll 8") to someone else's timeserver without prior agreement. For an example of a reasonable client config, MacOS X uses a minpoll of 12 and a maxpoll of 17. -- -Chuck ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
Oliver Fromme wrote: > [LoN]Kamikaze <[EMAIL PROTECTED]> wrote: > > My original intention was just to say that openntpd works just out of the > box, > > while ntpd doesn't. > > That's just plain wrong. ntpd _does_ work out of the box > (unless your configuration is broken), and it seems to be > more accurate than openntpd. Obviously I'm too stupid to configure ntpd by myself. Thanks for all the effort. I have watched ntpd do its magic for an hour, now. And it seems to aim at running my clock half a second behind the server clocks. Maybe I just didn't watch long enough, I understand that ntpd is trying to figure out how much my clock goes wrong and only adjusts time very slowly. > Demanding to replace ntpd with openntpd in the FreeBSD > base system because you cannot get the configuration right > is ridiculous. I wasn't really demanding, but saying that I'd (personally) prefer openntpd. And my original argument still stands, it's much simpler than ntpd and though I lack the intelligence to configure ntpd, it suffices for openntpd. Seeing that nobody seems to agree with me, I'm happy with running openntpd from ports. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Mon, Jul 23, 2007 at 09:39:32AM -0500, Sean C. Farley wrote: > Do you actually need to open it up that way? I have this on my server > which seems to work: You don't *need* to. The method he described allows you to avoid having to make a "restrict" entry for each matching "server", that's all. Your configuration is correct as well. :-) -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Mon, 23 Jul 2007, Matthew Seaman wrote: [LoN]Kamikaze wrote: My original intention was just to say that openntpd works just out of the box, while ntpd doesn't. And since openntpd works fine for me, I am not really interested in resolving this. Anyway since so many of you seem to be, here is the requested data: ntp.conf server 0.de.pool.ntp.org minpoll 4 maxpoll 8 server 1.de.pool.ntp.org minpoll 4 maxpoll 8 server 2.de.pool.ntp.org minpoll 4 maxpoll 8 server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 restrict default ignore restrict 127.0.0.1 Err.. your configuration says "ignore all NTP servers except localhost". You would need to let ntpd accept a time service from all those machines you've told it are servers. Since you're using pool.ntp.org, you're going to need a blanket 'allow any server' config like: restrict default nomodify nopeer noquery restrict 127.0.0.1 Do you actually need to open it up that way? I have this on my server which seems to work: server 0.us.pool.ntp.org server 1.us.pool.ntp.org server 2.us.pool.ntp.org server 3.us.pool.ntp.org restrict default ignore restrict 0.us.pool.ntp.org nomodify nopeer noquery notrap restrict 1.us.pool.ntp.org nomodify nopeer noquery notrap restrict 2.us.pool.ntp.org nomodify nopeer noquery notrap restrict 3.us.pool.ntp.org nomodify nopeer noquery notrap restrict AAA.BBB.CCC.0 mask 255.255.255.0 nomodify nopeer notrap restrict -6 :::::: mask ::::: nomodify nopeer notrap restrict 127.0.0.1 restrict -6 ::1 # ntpdc -c peers remote local st poll reach delay offsetdisp === =AAA.BBB.CCC.DDD 3 1024 377 0.03639 0.014113 0.01482 *tock.jrc.us AAA.BBB.CCC.DDD 2 1024 377 0.05907 0.000169 0.01485 =nubtail.allbook AAA.BBB.CCC.DDD 3 1024 377 0.05696 0.000660 0.01485 =cletus.pettit.o AAA.BBB.CCC.DDD 2 1024 377 0.11273 -0.004489 0.01482 Sean -- [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
[LoN]Kamikaze <[EMAIL PROTECTED]> wrote: > My original intention was just to say that openntpd works just out of the > box, > while ntpd doesn't. That's just plain wrong. ntpd _does_ work out of the box (unless your configuration is broken), and it seems to be more accurate than openntpd. Demanding to replace ntpd with openntpd in the FreeBSD base system because you cannot get the configuration right is ridiculous. > > ntp.conf > > server 0.de.pool.ntp.org minpoll 4 maxpoll 8 > server 1.de.pool.ntp.org minpoll 4 maxpoll 8 > server 2.de.pool.ntp.org minpoll 4 maxpoll 8 > server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > > restrict default ignore > restrict 127.0.0.1 You need to add proper restrict lines for the servers, of course. Basically you have configured ntpd to ignore all servers. Also, putting "minpoll 4 maxpoll 8" on all servers is somewhat suboptimal and puts an unnecessary burden on the servers and networks without reason. I recommend to use low polling intervals and the iburst option for one or two local servers only (e.g. for NTP servers located in your direct upstream or at your ISP), and higher polling intervals for other public servers. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "Software gets slower faster than hardware gets faster." -- Niklaus Wirth ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 [LoN]Kamikaze wrote: > My original intention was just to say that openntpd works just out of the box, > while ntpd doesn't. And since openntpd works fine for me, I am not really > interested in resolving this. Anyway since so many of you seem to be, here is > the requested data: > >> ntp.conf > > server 0.de.pool.ntp.org minpoll 4 maxpoll 8 > server 1.de.pool.ntp.org minpoll 4 maxpoll 8 > server 2.de.pool.ntp.org minpoll 4 maxpoll 8 > server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 > > restrict default ignore > restrict 127.0.0.1 Err.. your configuration says "ignore all NTP servers except localhost". You would need to let ntpd accept a time service from all those machines you've told it are servers. Since you're using pool.ntp.org, you're going to need a blanket 'allow any server' config like: restrict default nomodify nopeer noquery restrict 127.0.0.1 Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGpGwn8Mjk52CukIwRCKcjAJkBuV9WEBjb5XUOTLUGFyrivn/3KgCffnDa 8Ya5zpx5rZlQndLS377fPMA= =5nqc -END PGP SIGNATURE- ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
My original intention was just to say that openntpd works just out of the box, while ntpd doesn't. And since openntpd works fine for me, I am not really interested in resolving this. Anyway since so many of you seem to be, here is the requested data: > ntp.conf server 0.de.pool.ntp.org minpoll 4 maxpoll 8 server 1.de.pool.ntp.org minpoll 4 maxpoll 8 server 2.de.pool.ntp.org minpoll 4 maxpoll 8 server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8 restrict default ignore restrict 127.0.0.1 > ntpdc -p -c kerni -c loopi -c sysi -c syss remote local st poll reach delay offsetdisp === =time.as-compute 192.168.1.1216 2560 0.0 0.00 0.0 =mail.syncronisa 192.168.1.1216 2560 0.0 0.00 0.0 =proxy1.rz.uni-k 192.168.1.1216 2560 0.0 0.00 0.0 =proxy2.rz.uni-k 192.168.1.1216 2560 0.0 0.00 0.0 =proxy3.rz.uni-k 192.168.1.1216 2560 0.0 0.00 0.0 =proxy4.rz.uni-k 192.168.1.1216 2560 0.0 0.00 0.0 =crux.pmsf.net 192.168.1.1216 2560 0.0 0.00 0.0 pll offset: 0 s pll frequency:0.000 ppm maximum error:0.365516 s estimated error: 1.6e-05 s status: 2001 pll nano pll time constant:0 precision:1e-09 s frequency tolerance: 496 ppm offset: 0.00 s frequency:0.000 ppm poll adjust: 0 watchdog timer: 730 s system peer: 0.0.0.0 system peer mode: unspec leap indicator: 11 stratum: 16 precision:-19 root distance:0.0 s root dispersion: 0.01094 s reference ID: [73.78.73.84] reference time: . Thu, Feb 7 2036 7:28:16.000 system flags: auth monitor ntp kernel stats jitter: 0.00 s stability:0.000 ppm broadcastdelay: 0.003998 s authdelay:0.00 s time since restart: 730 time since reset: 730 packets received: 87 packets processed: 0 current version:0 previous version: 0 bad version:0 access denied: 57 bad length or format: 0 bad authentication: 0 rate exceeded: 0 > ntpdate with -q in ntpdate_flags # /etc/rc.d/ntpdate onestart Setting date via ntp. server 193.218.127.251, stratum 2, offset 0.631432, delay 0.04562 server 213.133.123.125, stratum 2, offset 0.630518, delay 0.03748 server 194.25.115.122, stratum 1, offset 0.633518, delay 0.04091 server 129.13.186.4, stratum 0, offset 0.00, delay 0.0 server 129.13.186.3, stratum 0, offset 0.00, delay 0.0 server 129.13.186.2, stratum 0, offset 0.00, delay 0.0 server 129.13.186.1, stratum 0, offset 0.00, delay 0.0 23 Jul 08:55:49 ntpdate[1772]: step time server 194.25.115.122 offset 0.633518 sec > /usr/local/sbin/ntpd -sd # This is openntpd ntp engine ready reply from 84.16.235.165: offset 0.573124 delay 0.011219, next query 8s reply from 87.106.95.189: offset 0.573368 delay 0.014235, next query 8s reply from 212.112.228.242: offset 0.574221 delay 0.014708, next query 7s reply from 88.198.8.101: offset 0.573796 delay 0.015175, next query 6s reply from 212.77.176.178: offset 0.574222 delay 0.016076, next query 5s reply from 195.179.15.118: offset 0.541673 delay 0.022011, next query 5s reply from 85.214.23.162: offset 0.568205 delay 0.022973, next query 9s reply from 194.77.75.99: offset 0.573878 delay 0.033467, next query 8s reply from 212.77.176.178: offset 0.570650 delay 0.014009, next query 7s reply from 195.179.15.118: offset 0.537944 delay 0.020095, next query 5s reply from 88.198.8.101: offset 0.570179 delay 0.013163, next query 9s reply from 84.16.235.165: offset 0.568732 delay 0.009621, next query 6s reply from 212.112.228.242: offset 0.569989 delay 0.013116, next query 5s reply from 87.106.95.189: offset 0.568727 delay 0.013139, next query 6s reply from 194.77.75.99: offset 0.570201 delay 0.029342, next query 6s reply from 85.214.23.162: offset 0.562845 delay 0.021890, next query 9s reply from 195.179.15.118: offset 0.536313 delay 0.021833, next query 7s reply from 212.112.228.242: offset 0.567116 delay 0.012397, next query 7s reply from 212.77.176.178: offset 0.567040 delay 0.014119, next query 7s reply from 84.16.235.165: offset 0.565892 delay 0.010525, next query 6s no reply from 129.13.186.4 received in time, next query 610s no reply from 129.13.186.3 received in time, next query 607s no reply from 129.13.186.2 received in time, next query 624s no reply from 129.13.186.1 received in time, next query 600s reply from 87.106.95.189: offset 0.565603 delay 0.013103, next query 7s reply from 194.77.75.99: offset 0.564807 delay 0.031786, next
Re: ntpd just sits there and does nothing
On Sat, 21 Jul 2007, Kevin Oberman wrote: Hi, [LoN]Kamikaze wrote: Doug Hardie wrote: On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: As the subject says, on my 6-stable systems ntpd just sits there and does nothing. The logs only mention when the daemon gets started or shut down. It complains when servers are not reachable, but does nothing when they are available. The drift file always contains 0.00. Mostly likely this means you are not communicating with the ntp servers. You never gave us your ntpd.conf file (that I saw anyway) and what do you get with 'ntpdc -p', or the more complex command suggested earlier? ntpd will not change time if the difference is too big - I think it should be less then 1000s. ntpdate will :) If ntpd is working your clock will not vary from the server by more than a second, much less 1000 secs. If ntpdate does reset the clock, it suggests that your firewalls are not the problem and at least one of the servers will answer your queries. You can see if ntp packets are being passed by using tcpdump. I suppose you have made sure its running by something like 'ps -aux | grep ntp'. ntpdate is deprecated and is not recommended these days. The proper answer is to start ntpd with the -g option and to add the 'iburst' option to one or more of the servers in /etc/ntp.conf. The 'iburst' will speed up th initial sync to close to that of ntpdate, but have much greater accuracy. You can get the '-g' by adding 'ntpd_sync_on_start="YES"' to rc.conf. -- yea but so does 'ntpdate_enable="YES"', but I still like nslookup too :) The problem "clearly" seems to be you are not communicating with the ntp servers. The possibilities have all been stated: bad ntp.conf, firewall (you said there were two levels), or the servers you chose are not accepting your queries. Without seeing the data requested we are all guessing. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
> Hi, > > [LoN]Kamikaze wrote: > > Doug Hardie wrote: > > > >> On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: > >> > >> > >>> As the subject says, on my 6-stable systems ntpd just sits there and does > >>> nothing. The logs only mention when the daemon gets started or shut > >>> down. It > >>> complains when servers are not reachable, but does nothing when they > >>> are available. > >>> > >>> The drift file always contains 0.00. > >>> > >>> ntpdate and openntpd both successfully manage to set the time, so I > >>> suppose > >>> it's a problem with ntpd. > >>> > >> Are you on a static IP address? If not, ntpd obtains its IP address > >> when it starts up and uses it forever. If your IP address changes then > >> it will not be able to communicate with the upstream ntp servers. It > >> has to be restarted everytime your IP address changes. > >> > > > > I have a static address. The trouble is it seems to operate fine, only it > > forgets to change the time when it differs from the time servers too much. > > Sometimes my clock goes wrong more than 1 second within a day. > > > ntpd will not change time if the difference is too big - I think it > should be less then 1000s. > ntpdate will :) ntpdate is deprecated and is not recommended these days. The proper answer is to start ntpd with the -g option and to add the 'iburst' option to one or more of the servers in /etc/ntp.conf. The 'iburst' will speed up th initial sync to close to that of ntpdate, but have much greater accuracy. You can get the '-g' by adding 'ntpd_sync_on_start="YES"' to rc.conf. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 pgpEVvJs4P11r.pgp Description: PGP signature
Re: ntpd just sits there and does nothing
On Jul 20, 2007, at 3:37 AM, Stefan Lambrev wrote: Other problem that I see is if you are behind NAT/firewall. Because ntpd make a request and wait for response on different port, so check your firewall configuration and blocked packets. we have zero problems with ntpd behind a NAT firewall. The firewall has no special rules for ntp, but does 1:1 map the NTP server. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Fri, Jul 20, 2007 at 10:37:14AM +0300, Stefan Lambrev wrote: > ... > ntpd will not change time if the difference is too big - I think it > should be less then 1000s. > ntpdate will :) >... Please try to be a little more careful: the above is incorrect. From ntpd(8): -g Normally, ntpd exits with a message to the system log if the off- set exceeds the panic threshold, which is 1000 s by default. This option allows thetime to be set to any value without restriction; however, this can happen only once. If the thresh- old is exceeded after that, ntpd will exit with a message to the system log. This option can be used with the -q and -x options. See the tinker command for other options. From ntpdate(8): DESCRIPTION Note: The functionality of this program is now available in the ntpd(8) program. See the -q command line option in the ntpd(8) page. After a suitable period of mourning, the ntpdate utility is to be retired from this distribution. Peace, david -- David H. Wolfskill [EMAIL PROTECTED] Anything and everything is a (potential) cat toy. See http://www.catwhisker.org/~david/publickey.gpg for my public key. pgpMOPhEdpBMb.pgp Description: PGP signature
Re: ntpd just sits there and does nothing
Can you send the output of ntp.conf? [LoN]Kamikaze wrote: > Stefan Lambrev wrote: >> Hi, >> >> [LoN]Kamikaze wrote: >>> Doug Hardie wrote: >>> >>>> On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: >>>> >>>> >>>>> As the subject says, on my 6-stable systems ntpd just sits there and >>>>> does >>>>> nothing. The logs only mention when the daemon gets started or shut >>>>> down. It >>>>> complains when servers are not reachable, but does nothing when they >>>>> are available. >>>>> >>>>> The drift file always contains 0.00. >>>>> >>>>> ntpdate and openntpd both successfully manage to set the time, so I >>>>> suppose >>>>> it's a problem with ntpd. >>>>> >>>> Are you on a static IP address? If not, ntpd obtains its IP address >>>> when it starts up and uses it forever. If your IP address changes then >>>> it will not be able to communicate with the upstream ntp servers. It >>>> has to be restarted everytime your IP address changes. >>>> >>> I have a static address. The trouble is it seems to operate fine, only it >>> forgets to change the time when it differs from the time servers too >>> much. >>> Sometimes my clock goes wrong more than 1 second within a day. >>> >> ntpd will not change time if the difference is too big - I think it >> should be less then 1000s. >> ntpdate will :) >> >> Also if you have increased your kernel secure level 2+ : >> >> In addition, kernel time changes are restricted to less than or >> equal to one second. Attempts to change the time by more than >> this >> will log the message ``Time adjustment clamped to +1 second''. >> >> So grep for ntpd in /var/log/messages and I'm sure you will find the >> problem. >> >> Other problem that I see is if you are behind NAT/firewall. >> Because ntpd make a request and wait for response on different port, so >> check your firewall configuration and blocked packets. > > My securelevel is -1, even starting with an accurate clock ntpd just slowly > lets it drift away. I'm behind a 2 NATs, one of which I have no access to. > However openntpd and ntpdate don't seem to be troubled by this. > ___ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
Stefan Lambrev wrote: > Hi, > > [LoN]Kamikaze wrote: >> Doug Hardie wrote: >> >>> On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: >>> >>> >>>> As the subject says, on my 6-stable systems ntpd just sits there and >>>> does >>>> nothing. The logs only mention when the daemon gets started or shut >>>> down. It >>>> complains when servers are not reachable, but does nothing when they >>>> are available. >>>> >>>> The drift file always contains 0.00. >>>> >>>> ntpdate and openntpd both successfully manage to set the time, so I >>>> suppose >>>> it's a problem with ntpd. >>>> >>> Are you on a static IP address? If not, ntpd obtains its IP address >>> when it starts up and uses it forever. If your IP address changes then >>> it will not be able to communicate with the upstream ntp servers. It >>> has to be restarted everytime your IP address changes. >>> >> >> I have a static address. The trouble is it seems to operate fine, only it >> forgets to change the time when it differs from the time servers too >> much. >> Sometimes my clock goes wrong more than 1 second within a day. >> > ntpd will not change time if the difference is too big - I think it > should be less then 1000s. > ntpdate will :) > > Also if you have increased your kernel secure level 2+ : > > In addition, kernel time changes are restricted to less than or > equal to one second. Attempts to change the time by more than > this > will log the message ``Time adjustment clamped to +1 second''. > > So grep for ntpd in /var/log/messages and I'm sure you will find the > problem. > > Other problem that I see is if you are behind NAT/firewall. > Because ntpd make a request and wait for response on different port, so > check your firewall configuration and blocked packets. My securelevel is -1, even starting with an accurate clock ntpd just slowly lets it drift away. I'm behind a 2 NATs, one of which I have no access to. However openntpd and ntpdate don't seem to be troubled by this. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
Hi, [LoN]Kamikaze wrote: Doug Hardie wrote: On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: As the subject says, on my 6-stable systems ntpd just sits there and does nothing. The logs only mention when the daemon gets started or shut down. It complains when servers are not reachable, but does nothing when they are available. The drift file always contains 0.00. ntpdate and openntpd both successfully manage to set the time, so I suppose it's a problem with ntpd. Are you on a static IP address? If not, ntpd obtains its IP address when it starts up and uses it forever. If your IP address changes then it will not be able to communicate with the upstream ntp servers. It has to be restarted everytime your IP address changes. I have a static address. The trouble is it seems to operate fine, only it forgets to change the time when it differs from the time servers too much. Sometimes my clock goes wrong more than 1 second within a day. ntpd will not change time if the difference is too big - I think it should be less then 1000s. ntpdate will :) Also if you have increased your kernel secure level 2+ : In addition, kernel time changes are restricted to less than or equal to one second. Attempts to change the time by more than this will log the message ``Time adjustment clamped to +1 second''. So grep for ntpd in /var/log/messages and I'm sure you will find the problem. Other problem that I see is if you are behind NAT/firewall. Because ntpd make a request and wait for response on different port, so check your firewall configuration and blocked packets. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Best Wishes, Stefan Lambrev ICQ# 24134177 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On 2007-Jul-19 19:08:21 +0200, "[LoN]Kamikaze" <[EMAIL PROTECTED]> wrote: >As the subject says, on my 6-stable systems ntpd just sits there and does >nothing. The logs only mention when the daemon gets started or shut down. It >complains when servers are not reachable, but does nothing when they are >available. I have been running ntpd on FreeBSD 2.x thru 7.x without problems so I suspect it's something in your configuration. What does your 'ntp.conf' contain? What does 'ntpdc -p -c kerni -c loopi -c sysi -c syss' give you? >openntpd in the base system. It seems to be very simple. And it works. So does ntpd. -- Peter Jeremy pgpfaPadVFfmf.pgp Description: PGP signature
Re: ntpd just sits there and does nothing
* Doug Hardie <[EMAIL PROTECTED]> [2007-07-19 10:32 -0700]: > Are you on a static IP address? If not, ntpd obtains its IP address when it > starts up and uses it forever. If your IP address changes then it will not > be able to communicate with the upstream ntp servers. It has to be > restarted everytime your IP address changes. I use the attached patch to avoid the restarts. I used a similar patch on 4.X for some years and noticed no bad effects. Nicolas -- http://www.rachinsky.de/nicolas --- contrib/ntp/ntpd/ntp_io.c.orig Tue Jul 20 17:01:27 2004 +++ contrib/ntp/ntpd/ntp_io.c Fri Oct 6 00:32:31 2006 @@ -466,6 +466,14 @@ if (scan_ipv6 == ISC_FALSE && family == AF_INET6) continue; + if(strncmp(isc_if.name,"tun",3)==0) + { + if (debug) + printf("ignoring <%s> (tun*)\n", isc_if.name); + continue; + } + + /* Check to see if we are going to use the interface */ if (address_okay(&isc_if) == ISC_TRUE) { convert_isc_if(&isc_if, &inter_list[idx], port); ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
Doug Hardie wrote: > > On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: > >> As the subject says, on my 6-stable systems ntpd just sits there and does >> nothing. The logs only mention when the daemon gets started or shut >> down. It >> complains when servers are not reachable, but does nothing when they >> are available. >> >> The drift file always contains 0.00. >> >> ntpdate and openntpd both successfully manage to set the time, so I >> suppose >> it's a problem with ntpd. > > Are you on a static IP address? If not, ntpd obtains its IP address > when it starts up and uses it forever. If your IP address changes then > it will not be able to communicate with the upstream ntp servers. It > has to be restarted everytime your IP address changes. I have a static address. The trouble is it seems to operate fine, only it forgets to change the time when it differs from the time servers too much. Sometimes my clock goes wrong more than 1 second within a day. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote: As the subject says, on my 6-stable systems ntpd just sits there and does nothing. The logs only mention when the daemon gets started or shut down. It complains when servers are not reachable, but does nothing when they are available. The drift file always contains 0.00. ntpdate and openntpd both successfully manage to set the time, so I suppose it's a problem with ntpd. Are you on a static IP address? If not, ntpd obtains its IP address when it starts up and uses it forever. If your IP address changes then it will not be able to communicate with the upstream ntp servers. It has to be restarted everytime your IP address changes. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ntpd just sits there and does nothing
On Thu, Jul 19, 2007 at 07:08:21PM +0200, [LoN]Kamikaze wrote: > As the subject says, on my 6-stable systems ntpd just sits there and does > nothing > > It seems what ntpd has in complexity it lacks in robustness. I'd prefer to > have > openntpd in the base system. It seems to be very simple. And it works. Eh; seems to work for me: g1-18(6.2-S)[1] ntpdc -np remote local st poll reach delay offsetdisp === *172.16.8.12 172.17.1.18 4 128 377 0.00322 -0.003667 0.00871 g1-18(6.2-S)[2] uname -a FreeBSD g1-18.catwhisker.org. 6.2-STABLE FreeBSD 6.2-STABLE #453: Wed Jul 18 06:40:27 PDT 2007 [EMAIL PROTECTED]:/common/S1/obj/usr/src/sys/CANARY i386 g1-18(6.2-S)[3] Peace, david -- David H. Wolfskill [EMAIL PROTECTED] Anything and everything is a (potential) cat toy. See http://www.catwhisker.org/~david/publickey.gpg for my public key. pgpYeAGAzj7iu.pgp Description: PGP signature
ntpd just sits there and does nothing
As the subject says, on my 6-stable systems ntpd just sits there and does nothing. The logs only mention when the daemon gets started or shut down. It complains when servers are not reachable, but does nothing when they are available. The drift file always contains 0.00. ntpdate and openntpd both successfully manage to set the time, so I suppose it's a problem with ntpd. It seems what ntpd has in complexity it lacks in robustness. I'd prefer to have openntpd in the base system. It seems to be very simple. And it works. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"