3

The problem I'm trying to solve is that NTP won't synchronize:

$ sudo ntpstat
unsynchronised
  time server re-starting
   polling server every 64 s

Edit: Here's some ntpq output:

$ sudo ntpq -c peers
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ntp.eecs.wsu.ed .INIT.          16 u    -   64    0    0.000    0.000   0.000
 71.19.224.242   .INIT.          16 u    -   64    0    0.000    0.000   0.000
 ntp4.vps.net    .INIT.          16 u    -   64    0    0.000    0.000   0.000
 mercury.z0p.org .INIT.          16 u    -   64    0    0.000    0.000   0.000
 li506-17.member .INIT.          16 u    -   64    0    0.000    0.000   0.000
 4.53.160.75     .INIT.          16 u    -   64    0    0.000    0.000   0.000
 ntp1.ResComp.Be .INIT.          16 u    -   64    0    0.000    0.000   0.000

I have the default RHEL6 /etc/ntp.conf configuration. Servers bit:

server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org

When I stop ntpd and try to run ntpdate manually, I get a "no server suitable for synchronization found" for all of those servers. Here's ntpdate with debug output:

$ ntpdate -dq 1.rhel.pool.ntp.org
10 May 10:02:42 ntpdate[13320]: ntpdate 4.2.4p8@1.1612-o Thu May 13 14:38:25 UTC 2010 (1)
Looking for host 1.rhel.pool.ntp.org and service ntp
host found : caprica.willglynn.com
transmit(208.88.126.226)
transmit(66.225.61.66)
transmit(149.20.68.17)
transmit(4.53.160.75)
transmit(208.88.126.226)
transmit(66.225.61.66)
transmit(149.20.68.17)
transmit(4.53.160.75)
transmit(208.88.126.226)
transmit(66.225.61.66)
transmit(149.20.68.17)
transmit(4.53.160.75)
transmit(208.88.126.226)
transmit(66.225.61.66)
transmit(149.20.68.17)
transmit(4.53.160.75)
transmit(208.88.126.226)
transmit(66.225.61.66)
transmit(149.20.68.17)
transmit(4.53.160.75)
208.88.126.226: Server dropped: no data
66.225.61.66: Server dropped: no data
149.20.68.17: Server dropped: no data
4.53.160.75: Server dropped: no data
server 208.88.126.226, port 123
stratum 0, precision 0, leap 00, trust 000
refid [208.88.126.226], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  1:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  1:28:16.000
transmit timestamp:  d5377c86.25dd5f5a  Fri, May 10 2013 10:02:46.147
filter delay:  0.00000  0.00000  0.00000  0.00000
         0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
         0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

server 66.225.61.66, port 123
stratum 0, precision 0, leap 00, trust 000
refid [66.225.61.66], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  1:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  1:28:16.000
transmit timestamp:  d5377c86.591061f7  Fri, May 10 2013 10:02:46.347
filter delay:  0.00000  0.00000  0.00000  0.00000
         0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
         0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

server 149.20.68.17, port 123
stratum 0, precision 0, leap 00, trust 000
refid [149.20.68.17], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  1:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  1:28:16.000
transmit timestamp:  d5377c86.8c427d35  Fri, May 10 2013 10:02:46.547
filter delay:  0.00000  0.00000  0.00000  0.00000
         0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
         0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

server 4.53.160.75, port 123
stratum 0, precision 0, leap 00, trust 000
refid [4.53.160.75], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  1:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  1:28:16.000
transmit timestamp:  d5377c86.bf762a87  Fri, May 10 2013 10:02:46.747
filter delay:  0.00000  0.00000  0.00000  0.00000
         0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
         0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

10 May 10:02:47 ntpdate[13320]: no server suitable for synchronization found

I can ping some of the NTP servers the pool directs me to:

$ ping caprica.willglynn.com
PING caprica.willglynn.com (208.88.126.226) 56(84) bytes of data.
64 bytes from caprica.willglynn.com (208.88.126.226): icmp_seq=1 ttl=52 time=60.2 ms
64 bytes from caprica.willglynn.com (208.88.126.226): icmp_seq=2 ttl=52 time=59.6 ms
64 bytes from caprica.willglynn.com (208.88.126.226): icmp_seq=3 ttl=52 time=59.9 ms
64 bytes from caprica.willglynn.com (208.88.126.226): icmp_seq=4 ttl=52 time=59.8 ms

Netstat for port 123:

$ netstat -ano|grep 123
udp        0      0 10.0.116.6:123              0.0.0.0:*                               off (0.00/0/0)
udp        0      0 127.0.0.1:123               0.0.0.0:*                               off (0.00/0/0)
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               off (0.00/0/0)
udp        0      0 :::123                      :::*                                    off (0.00/0/0)

iptables and ip6tables are off, but there is an external firewall that should have port 123 open for UDP.

Leo
  • 973
  • 6
  • 21
  • 38
  • "external firewall that should have port 123 open.." to me means you haven't verified and confirmed there are no weird NAT/access rules in place on the external firewall preventing communication. From my point of view, the evidence looks like it points to a firewall/connectivity issue. – Rex May 10 '13 at 14:49
  • 2
    Your client is not able to reach the NTP server.. It may be because of many issues.. Is there a firewall that is preventing the access?.. This would be my likely guess... – vijay rajah May 10 '13 at 14:31
  • It turned out to be a corporate firewall issue between the zone the server was in and the rest of the internet. I have now been able to run ntpdate manually, and I'm assuming ntpd will start working shortly. – Leo May 13 '13 at 14:41
  • 1
    can you close this question so people dont waste their time trying to answer open questions? – dfc Jan 21 '14 at 06:02

1 Answers1

5

Make sure there isn't an external firewall between the machine and the rest of the internet. If there is, request that the people administering the firewall open port 123.

Leo
  • 973
  • 6
  • 21
  • 38