2

I've got a NAS that is Linux-based (Linux version 2.6.32.11-svn70860) and it is not able to set its time using ntp. The previous SysAdmin is long gone so I have no idea whether this problem just started happening, or whether it's been this way for years. I'm also contacting the manufacturer, but don't have a lot of confidence in their tech support - which is why I'm here!

In /var/log/daemon.log I see lines like this:

Jan 13 09:28:37 ntpdate[16529]: can't find host pool.ntp.org
Jan 13 09:28:37 ntpdate[16529]: can't find host time.windows.com
Jan 13 09:28:37 ntpdate[16529]: can't find host pool.ntp.org
Jan 13 09:28:37 ntpdate[16529]: no servers can be used, exiting

So I started investigating ntpdate. If I execute

ntpdate pool.ntp.org

it responds

Error : Name or service not known
16 Jan 09:16:38 ntpdate[22019]: can't find host pool.ntp.org
16 Jan 09:16:38 ntpdate[22019]: no servers can be used, exiting

but if I execute

ping pool.ntp.org

it responds

PING pool.ntp.org (207.32.191.59) 56(84) bytes of data.
64 bytes from 207.32.191.59: icmp_seq=1 ttl=56 time=97.1 ms
64 bytes from 207.32.191.59: icmp_seq=2 ttl=56 time=97.0 ms
64 bytes from 207.32.191.59: icmp_seq=3 ttl=56 time=97.4 ms

which makes me think the Internet connection, IP configuration, DNS, etc. are all fine.

Where do I go from here?

UPDATE 1

nslookup pool.ntp.org

returns

;; Got recursion not available from A.B.C.D, trying next server
Server:     205.171.2.65
Address:    205.171.2.65#53
Non-authoritative answer:
Name:   pool.ntp.org
Address: 209.114.111.1
Name:   pool.ntp.org
Address: 173.242.114.154
Name:   pool.ntp.org
Address: 204.235.61.9
Name:   pool.ntp.org
Address: 64.6.144.6

A.B.C.D is an IP address inside our company, not sure why it's showing up.

UPDATE 2

I read about nslookup being deprecated in favor of dig, so I gave it a try.

dig pool.ntp.org

; <<>> DiG 9.5.1-P3 <<>> pool.ntp.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 56646
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;pool.ntp.org.          IN  A
;; Query time: 50 msec
;; SERVER: A.B.C.D#53(A.B.C.D)
;; WHEN: Thu Jan 16 11:03:40 2014
;; MSG SIZE  rcvd: 30

where A.B.C.D is that same internal name server.

Betty Crokker
  • 231
  • 1
  • 4
  • 10
  • Is port UDP 123 (NTP) open at firewall side (if any) for outgoing connexions to Internet ? – krisFR Jan 16 '14 at 17:12
  • Yeah, we have been investigating that, it looks like it's open but nobody here is an expert on the SonicWall so we're not 100% sure. Is there a program I could run (command-line Linux is best but I could run something on a Mac or Linux or Windows too) that would check whether port 123 is open? – Betty Crokker Jan 16 '14 at 17:17
  • What is the result for `ntpdate 207.32.191.59` ? – krisFR Jan 16 '14 at 17:34
  • Interesting, I think that works! It responded "16 Jan 10:34:58 ntpdate[27038]: step time server 207.32.191.59 offset 55.843776 sec". Is ntpdate somehow not able to talk DNS (even though clearly the connection is there since 'ping' works)? – Betty Crokker Jan 16 '14 at 17:35
  • 1
    `dig pool.ntp.org` - **`WARNING: recursion requested but not available`** Whatever you are using for DNS servers is not doing recursive lookups. Fix that. – Zoredache Jan 16 '14 at 18:15

1 Answers1

1

Solution: The folks in charge of our DNS server had to enable recursion.

Betty Crokker
  • 231
  • 1
  • 4
  • 10
  • I'm not sure how to do this then - I'm the OP, and based on the questions user2196728 and Zoredache asked I was able to ascertain that enabling recursion on the DNS server was the solution. – Betty Crokker Jan 16 '14 at 22:54
  • I guess this is the approp. way then. Perhaps you could expand what they did? – slm Jan 16 '14 at 23:20
  • I can find out what they did, but it will be specific to one DNS server, and is kind of off-topic (since my question is about ntpdate) – Betty Crokker Jan 16 '14 at 23:32
  • I understand what you're saying but then how is this Q&A of consequence to any future visitors? If someone were to run into the same issue would this answer guide them is all I'm saying. – slm Jan 16 '14 at 23:59