[TriLUG] RHEL ntp problem
Heath Roberts
htroberts at gmail.com
Tue Jun 28 12:40:35 EDT 2011
I have a problem on a redhat server. NTP appears not to be working. ntpq -p
takes ~15s to timeout and makes it appear that ntpd is only trying to get
time from localhost and failing:
[root@<hostname> init.d]# ntpq -p
localhost.localdomain: timed out, nothing received
***Request timed out
ntpdate also fails, whether run from command line or the ntpd startup
script:
[root@<hostname> init.d]# /etc/init.d/ntpd reload
Shutting down ntpd: [ OK ]
ntpd
: Synchronizing with time server: [FAILED]
Starting ntpd: [ OK ]
[root@<hostname> init.d]# ntpdate -d <----------- this is where
it takes ~15s to timeout
28 Jun 12:28:17 ntpdate[23039]: ntpdate 4.2.2p1 at 1.1570-o Thu Nov 26 11:34:35
UTC 2009 (1)
28 Jun 12:28:17 ntpdate[23039]: no servers can be used, exiting
I have another machine on similar (theoretically identical) hardware that
was built from the same repository at the same time that works. I've copied
its ntp.conf to the problem machine, with no change.
Any ideas?
Other information that seems potentially relevant (sorry, I have to
obfuscate hostnames and IP addresses):
[root@<hostname>init.d]# uname -a
Linux <hostname> 2.6.18-238.5.1.el5 #1 SMP Mon Feb 21 05:52:39 EST 2011
x86_64 x86_64 x86_64 GNU/Linux
[root@<hostname> init.d]# ls -l /etc/ntp.conf
-rw-r--r-- 1 root root 1368 Jun 28 12:11 /etc/ntp.conf
[root@<hostname> init.d]# cat /etc/ntp.conf
# The security options setup.
# ignore - Deny all packets and queries
# kod - Send Kiss-Of-Death packet on access violation
# nomodify - Deny ntpq / ntpdc queries that attempt to modify the server
# notrap - Deny control message trap service
# noquery - Deny all ntpq / ntpdc queries
# noserve - Deny all queries - except ntpq / ntpdc
# notrust - Deny access unless cryptographically authenticated
# nopeer - Deny all packets that attempt to establish a peer
association
# do not fail on large time jumps - need for vmware
tinker panic 0
# Prohibit general access to this service.
restrict default ignore
# Permit all access over the loopback interface.
restrict 127.0.0.1
driftfile /var/ntp/drift
broadcastdelay 0.008
# time syncronization is critical on this server. don't screw with this
# without talking to Heath Roberts in Network Services.
server w.x.y.z
restrict w.x.y.z mask 255.255.255.255 nomodify notrap noquery
server w.x.y.z
restrict w.x.y.z mask 255.255.255.255 nomodify notrap noquery
server w.x.y.z
restrict w.x.y.z mask 255.255.255.255 nomodify notrap noquery
server w.x.y.z
restrict w.x.y.z mask 255.255.255.255 nomodify notrap noquery
[root@<HOSTNAME> etc]# tcpdump udp port 123
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
12:15:48.777261 IP <source hostname>.31004 > <dest hostname 1>.ntp: NTPv2,
Reserved, length 12
12:15:53.777112 IP <source hostname>.31004 > <dest hostname 1>.ntp: NTPv2,
Reserved, length 12
12:16:07.384655 IP <source hostname>.ntp > <dest hostname 2>.ntp: NTPv4,
Client, length 48
12:16:07.477751 IP <dest hostname 2>.ntp > <source hostname>.ntp: NTPv4,
Server, length 48
12:16:09.383854 IP <source hostname>.ntp > <dest hostname 3>.ntp: NTPv4,
Client, length 48
12:16:09.395125 IP <dest hostname 3>.ntp > <source hostname>.ntp: NTPv4,
Server, length 48
12:16:11.383959 IP <source hostname>.ntp > <dest hostname 1>.ntp: NTPv4,
Client, length 48
12:16:11.384450 IP <dest hostname 1>.ntp > <source hostname>.ntp: NTPv4,
Server, length 48
12:16:15.384436 IP <source hostname>.ntp > <dest hostname 4>.ntp: NTPv4,
Client, length 48
12:16:15.468287 IP <dest hostname 4>.ntp > <source hostname>.ntp: NTPv4,
Server, length 48
10 packets captured
16 packets received by filter
0 packets dropped by kernel
[root@<HOSTNAME> etc]# tcpdump -v udp port 123
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
bytes
12:17:12.383409 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP
(17), length: 76) <source hostname>.ntp > <dest hostname 3>.ntp: NTPv4,
length 48
Client, Leap indicator: (0), Stratum 2, poll 6s, precision -20
Root Delay: 0.000411, Root dispersion: 0.007751, Reference-ID: <dest
hostname 1>
Reference Timestamp: 3518266571.384481638 (2011/06/28 12:16:11)
Originator Timestamp: 3518266569.389516592 (2011/06/28 12:16:09)
Receive Timestamp: 3518266569.395171970 (2011/06/28 12:16:09)
Transmit Timestamp: 3518266632.383346796 (2011/06/28 12:17:12)
Originator - Receive Timestamp: +0.005655385
Originator - Transmit Timestamp: +62.993830204
12:17:12.394454 IP (tos 0x0, ttl 56, id 10462, offset 0, flags [DF], proto:
UDP (17), length: 76) <dest hostname 3>.ntp > <source hostname>.ntp: NTPv4,
length 48
Server, Leap indicator: (0), Stratum 1, poll 6s, precision -20
Root Delay: 0.000000, Root dispersion: 0.000442, Reference-ID: GPS^@
Reference Timestamp: 3518266617.704929769 (2011/06/28 12:16:57)
Originator Timestamp: 3518266632.383346796 (2011/06/28 12:17:12)
Receive Timestamp: 3518266632.389916837 (2011/06/28 12:17:12)
Transmit Timestamp: 3518266632.390025585 (2011/06/28 12:17:12)
Originator - Receive Timestamp: +0.006570036
Originator - Transmit Timestamp: +0.006678800
12:17:13.383469 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP
(17), length: 76) <source hostname>.ntp > <dest hostname 2>.ntp: NTPv4,
length 48
Client, Leap indicator: (0), Stratum 2, poll 6s, precision -20
Root Delay: 0.000411, Root dispersion: 0.007766, Reference-ID: <dest
hostname 1>
Reference Timestamp: 3518266571.384481638 (2011/06/28 12:16:11)
Originator Timestamp: 3518266567.431153744 (2011/06/28 12:16:07)
Receive Timestamp: 3518266567.477801799 (2011/06/28 12:16:07)
Transmit Timestamp: 3518266633.383443862 (2011/06/28 12:17:13)
Originator - Receive Timestamp: +0.046648047
Originator - Transmit Timestamp: +65.952290117
--
Heath Roberts
htroberts at gmail.com
More information about the TriLUG
mailing list