[LON-CAPA-users] ntp

Martin Siegert lon-capa-users@mail.lon-capa.org
Mon, 25 Feb 2002 12:02:29 -0800 

On Sun, Feb 24, 2002 at 09:56:11PM -0500, Scott Harrison wrote:
> Dear Lars:
> 
> > I guess ntp.msu.edu doesn't accept requests
> > from us.

Not necessarily. At SFU we block connections to port 123 (ntp) from
everywhere except a few selected time servers. Thus, it is actually the
other way round: We are not accepting connections from ntp.msu.edu.

> I have been using ntp.msu.edu from remote locations without problem.
> 
> > To fix this I replaced in /etc/ntp.conf the line ntp.msu.edu
> The line in ntp.conf should read (CVS:loncom/ntp.conf):
> server  ntp.msu.edu
> 
> The line in /etc/step-tickers should read (CVS:loncom/ntp/step-tickers):
> ntp.msu.edu
> 
> > with several lines of time servers that work for us. My question is
> > whether this will fix the problem?
> 
> To test whether a time server works for you, do this command:
> 
> /usr/sbin/ntpdate -b ntp.msu.edu
> 
> and see if anything happens.

ntpdate will tell you whether the specified time server serves time to you.
It will also initialize the clock. It will actually not tell you, whether
ntpd will use that time server. I have seen many ntp daemons that quite
happily bind to themselves (127.0.0.1), which will work ok for a few days
but not in the long run. To prevent that from happening you can put a line

restrict 127.0.0.1 notrust

into /etc/ntp.conf. 

To check whether ntpd is working correctly on your box execute the command

ntpq -p

(you don't even have to be root for this).
You should see something like

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+whistler.sfu.ca tick.usno.navy.  2 u  309  512  377    1.342    7.318   0.096
*seymour.sfu.ca  clock.isc.org    2 u  315  512  377    2.993   -0.151   0.548
 morgoth.sfu.ca  0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00
+rm-rstar.sfu.ca tock.usno.navy.  2 u  364  512  377    3.648    5.072   0.194

Look at the st column (stratum). If it shows 16 for a particular time server,
it basically tells you that ntpd is not excepting time from that server (for
whatever reason). If you see only "16" in the st column, ntpd is not working
correctly.

Regards,
Martin

========================================================================
Martin Siegert
Academic Computing Services                        phone: (604) 291-4691
Simon Fraser University                            fax:   (604) 291-4242
Burnaby, British Columbia                          email: siegert@sfu.ca
Canada  V5A 1S6
========================================================================