[lug] NTP question

Nate Duehr nate at natetech.com
Mon Mar 17 23:39:02 MST 2003


Forgot to mention, if you wait about a day (depending on your slew rate),
you'd get a "time synchronized to XXX.XXX.XXX.XXX" type message as the clock
slowly gets slewed over to the right now.

You'll also see big network hiccups as "lost synchronization" messages in
ntp.

Oh... and all those servers below are Stratum 2 or 3 right?  You're not
beating up Stratum 1 servers across the (unreliable) Internet, eh?
(GRIN)...  oh I've *never* done that when I was in a hurry!  (Yeah right.)

If you're synching more than one box, run one to the external servers (or
two if you have a lot of boxes) and sync all the others off of those... if
you're not looking for ultra-accuracy to the 100ms level type junk and just
keeping the clocks right and the logs in order.  On a big network, a couple
of GPS clock sources on a couple of machines with ntp and you have your own
mini-Stratum-1 clock source!  (GRIN)

If you really want to get fancy, have your network admin turn on multicast
support across the "right" routers in your network and use ntp's ability to
multicast time sync info... and ntp's key exchanges for security... and...
(oh there's a ton of "stuff" in ntp... it's cool).

Oh and not that they'll care much, but the network folks if they're using
them... most IOS based Cisco's can synch their clocks to NTP sources also...
if the network folks are good about sending all their logs to a syslog
server or similar management tool off-board from the routers, having the
router clocks themselves syncronized to a known source is nice too...

(And good time synch written policy and followed up with procedures can help
with computer crime investigation and lend credibility to the original data
if collected correctly.... yadda yadda yadda...)

Nate Duehr, nate at natetech.com

----- Original Message -----
From: "Steve Sullivan" <sullivan at mathcom.com>
To: <lug at lug.boulder.co.us>
Sent: Monday, March 17, 2003 6:32 PM
Subject: [lug] NTP question


> Hi,
>
> I'm learning to use NTP, but it doesn't seem to work.
> I'm running Redhat 7.3 on a pentium.
>
> ntpdate works great.
>
> So I decided to try ntpd.  I deliberately set my clock 20 seconds off,
> and set up /etc/ntp.conf.  Then I started /etc/rc.d/init.d/ntpd,
> and waited.  And waited.  And waited.  45 minutes later and my clock
> is still 20 seconds off.  What am I doing wrong here?
>
> Here is my /etc/ntpd file:
> =========== /etc/ntpd ========
> restrict default ignore
> restrict 127.0.0.1
> server 204.34.198.41
> server 132.163.4.103
> server 128.138.140.44
> server 164.67.62.194
> driftfile /etc/ntp/drift
> ========== end file ========
>
> And the only log entries during that period are ...
> Mar 17 17:49:23 helix ntpd[27373]: ntpd 4.1.1 at 1.786 Mon Apr  8 06:30:52
EDT 2002 (1)
> Mar 17 17:49:23 helix ntpd[27373]: precision = 31 usec
> Mar 17 17:49:23 helix ntpd[27373]: kernel time discipline status 0040
> Mar 17 17:49:23 helix ntpd[27373]: frequency initialized 0.000 from
/etc/ntp/drift
> Mar 17 17:49:23 helix ntpd: ntpd startup succeeded
>
>
> Meanwhile it appears that ntpd hasn't touched a thing in file /etc/ntp:
> $ ls -al /etc/ntp
>    4 drwxr-xr-x    2 ntp      ntp          4096 May  8  2002 ./
>    8 drwxr-xr-x   79 root     root         8192 Mar 17 17:47 ../
>    4 -rw-r--r--    1 ntp      ntp             4 Apr  8  2002 drift
>    4 -rw-------    1 root     root          266 Apr  8  2002 keys
>    0 -rw-r--r--    1 root     root            0 Apr  8  2002 step-tickers
>
>
> What have I overlooked here?
>
> Many thanks!
>
> Steve
>
>
>
> ========================================
> Steve Sullivan    sullivan at mathcom.com
>
>    Mathcom Solutions Inc.: Custom Software Development.
>     * Mathematical optimization, simulation, and modeling.
>     * Data mining, information retrieval.
>     * Java, XML, C++, Mathematica, Matlab, XSLT, XQuery, SOAP, RMI, ...
>
> http://www.mathcom.com    303-494-7115
> ========================================
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>





More information about the LUG mailing list