Re: ntpd as server logging...
On Thu, May 11, 2006 at 05:21:14PM -0600, Jeff Ross wrote: Hi, I've enabled ntpd with the -d flag to run as a server on a system on the lan with this conf file: [EMAIL PROTECTED]:/home/jross $ cat /etc/ntpd.conf # $OpenBSD: ntpd.conf,v 1.7 2004/07/20 17:38:35 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) # Addresses to listen on (ntpd does not listen by default) listen on * # sync to a single server #server ntp.example.org # use a random selection of 8 public stratum 2 servers # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers servers pool.ntp.org Is there a way to log update requests from other computers on the lan? I'm trying to sync some [EMAIL PROTECTED] workstations and the update request always fail--both with it and with other time servers. I can sync my openbsd workstation with it no problem, but nothing shows in the logs then, either. SNIP I run obsd on my firewall (of course). My firewall syncs it's clock with external time servers. The ntpd on my firewall listens only on the internal interface, so that my internal hosts can sync with it. I have a statement in my pf.conf file to allow my internal hosts to connect to the ntpd over udp 123: pass in log quick on $IntIF inet proto udp from any to 10.2.2.1 port 123 keep state Please note that I also use the log option in my rule. Hope that helps, A
Re: ntpd as server logging...
On 5/11/06, Jeff Ross [EMAIL PROTECTED] wrote: Hi, I've enabled ntpd with the -d flag to run as a server on a system on the lan with this conf file: [EMAIL PROTECTED]:/home/jross $ cat /etc/ntpd.conf # $OpenBSD: ntpd.conf,v 1.7 2004/07/20 17:38:35 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) # Addresses to listen on (ntpd does not listen by default) listen on * # sync to a single server #server ntp.example.org # use a random selection of 8 public stratum 2 servers # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers servers pool.ntp.org Is there a way to log update requests from other computers on the lan? I'm trying to sync some [EMAIL PROTECTED] workstations and the update request always fail--both with it and with other time servers. I can sync my openbsd workstation with it no problem, but nothing shows in the logs then, either. I do see the normal ntp related traffic in the logs: reply from 202.71.97.92: offset -22.959578 delay 0.358056, next query 54s reply from 202.71.97.92: offset -22.920072 delay 0.271411, next query 52s tcpdump on port 123 does show the tcp traffic between this system and other ntp servers, but nothing from the lan (and I don't find a udpdump port ;-). Here is a skeleton of a .reg file I use to manually setup NTP clients. After running this it might be a good idea to: net stop w32time and net start w32time. After this check eventvwr in System Tab and look for Source win32time look for Event ID 37 or 35. REGEDIT4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters] Type=NTP NTPServer=routerInternalIP Jonathan
Re: ntpd as server logging...
On Fri, 12 May 2006, Andrew Swisher wrote: On Thu, May 11, 2006 at 05:21:14PM -0600, Jeff Ross wrote: Hi, I've enabled ntpd with the -d flag to run as a server on a system on the lan with this conf file: [EMAIL PROTECTED]:/home/jross $ cat /etc/ntpd.conf # $OpenBSD: ntpd.conf,v 1.7 2004/07/20 17:38:35 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) # Addresses to listen on (ntpd does not listen by default) listen on * # sync to a single server #server ntp.example.org # use a random selection of 8 public stratum 2 servers # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers servers pool.ntp.org Is there a way to log update requests from other computers on the lan? I'm trying to sync some [EMAIL PROTECTED] workstations and the update request always fail--both with it and with other time servers. I can sync my openbsd workstation with it no problem, but nothing shows in the logs then, either. SNIP I run obsd on my firewall (of course). My firewall syncs it's clock with external time servers. The ntpd on my firewall listens only on the internal interface, so that my internal hosts can sync with it. I have a statement in my pf.conf file to allow my internal hosts to connect to the ntpd over udp 123: pass in log quick on $IntIF inet proto udp from any to 10.2.2.1 port 123 keep state Please note that I also use the log option in my rule. Hope that helps, A Thanks for the reply. I guess I should have made my question more clear. I'm more interested in the logging capabilities of ntpd in server mode. Because my OpenBSD workstation can sync to the server, ntpd is working. I thought logging might give me some clues about what is going on with XP. So far as I can tell right now, it isn't even attempting to contact the server. Everything involved is on the lan with a 192.168.0 address, hidden from the internet by a bridging firewall. PF isn't enabled on the ntpd-server-box in question. Jeff
Re: ntpd as server logging...
From: [EMAIL PROTECTED] Is there a way to log update requests from other computers on the lan? I'm trying to sync some [EMAIL PROTECTED] workstations and the update request always fail--both with it and with other time servers. I can sync my openbsd workstation with it no problem, but nothing shows in the logs then, either. Thanks for the reply. I guess I should have made my question more clear. I'm more interested in the logging capabilities of ntpd in server mode. Because my OpenBSD workstation can sync to the server, ntpd is working. I thought logging might give me some clues about what is going on with XP. So far as I can tell right now, it isn't even attempting to contact the server. You might try a tcpdump on your ntp box and see what (if anything) the windows systems is sending you. Ditto on the windows system. (Ethereal? windump?) See if it is even trying to talk to your ntp server on 123/udp. DS
Re: ntpd as server logging...
On Fri, 12 May 2006, Spruell, Darren-Perot wrote: From: [EMAIL PROTECTED] Is there a way to log update requests from other computers on the lan? I'm trying to sync some [EMAIL PROTECTED] workstations and the update request always fail--both with it and with other time servers. I can sync my openbsd workstation with it no problem, but nothing shows in the logs then, either. Thanks for the reply. I guess I should have made my question more clear. I'm more interested in the logging capabilities of ntpd in server mode. Because my OpenBSD workstation can sync to the server, ntpd is working. I thought logging might give me some clues about what is going on with XP. So far as I can tell right now, it isn't even attempting to contact the server. You might try a tcpdump on your ntp box and see what (if anything) the windows systems is sending you. Ditto on the windows system. (Ethereal? windump?) See if it is even trying to talk to your ntp server on 123/udp. DS Yes, I am an idiot. I forgot that tcpdump is the Swiss Army Knife of sniffing traffic. Anyway, it's working now. Without me making any additional changes on the windows box. Thanks to all, Jeff
ntpd as server logging...
Hi, I've enabled ntpd with the -d flag to run as a server on a system on the lan with this conf file: [EMAIL PROTECTED]:/home/jross $ cat /etc/ntpd.conf # $OpenBSD: ntpd.conf,v 1.7 2004/07/20 17:38:35 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) # Addresses to listen on (ntpd does not listen by default) listen on * # sync to a single server #server ntp.example.org # use a random selection of 8 public stratum 2 servers # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers servers pool.ntp.org Is there a way to log update requests from other computers on the lan? I'm trying to sync some [EMAIL PROTECTED] workstations and the update request always fail--both with it and with other time servers. I can sync my openbsd workstation with it no problem, but nothing shows in the logs then, either. I do see the normal ntp related traffic in the logs: reply from 202.71.97.92: offset -22.959578 delay 0.358056, next query 54s reply from 202.71.97.92: offset -22.920072 delay 0.271411, next query 52s tcpdump on port 123 does show the tcp traffic between this system and other ntp servers, but nothing from the lan (and I don't find a udpdump port ;-). Thanks, Jeff
