2

Today one of my servers hosted on Digital Ocean (the only one hosted there) is reporting wrong time. It's two hours late.

sudo dpkg-reconfigure tzdata
# then I set up the timezone to Europe/Rome

Current default time zone: 'Europe/Rome'
Local time is now:      Sat Jan 31 12:35:21 CET 2015.
Universal Time is now:  Sat Jan 31 11:35:21 UTC 2015.

But the time now is 10:35 in Rome and 9:35 UTC.

The command date is reporting the same time. I tried updating the time with:

sudo ntpdate -s ntp.ubuntu.com
# the same
sudo ntpdate -s time.nist.gov
# same again

By removing the -s flag I receive some errors:

sudo ntpdate time.nist.gov
31 Jan 14:11:49 ntpdate[18243]: sendto(time-a.timefreq.bldrdoc.gov): Operation not permitted
31 Jan 14:11:51 ntpdate[18243]: sendto(time-a.timefreq.bldrdoc.gov): Operation not permitted
31 Jan 14:11:53 ntpdate[18243]: sendto(time-a.timefreq.bldrdoc.gov): Operation not permitted
31 Jan 14:11:55 ntpdate[18243]: sendto(time-a.timefreq.bldrdoc.gov): Operation not permitted
31 Jan 14:11:57 ntpdate[18243]: no server suitable for synchronization found

What else do I have to change in order to fix the problem ?

Nicola Ferraro
  • 129
  • 3
  • Drop the `-s` flag to `ntpdate`, for a start: we'd like to see the output, and forcibly sending it to syslog isn't the best way of doing that! It may be, for example, that `ntpd` is running, in which case `ntpdate` won't fix the clock *and* `ntpd` won't fix it because you're running without `-g` and the clock's two hours wrong. Only more output can help us isolate these issues! – MadHatter Jan 31 '15 at 11:04
  • Right, if I drop the `-s` flag I receive some errors. I have updated the post. – Nicola Ferraro Jan 31 '15 at 11:14
  • Is this a containerised server using OpenVZ? – MadHatter Jan 31 '15 at 11:39
  • It is a virtual server, but I do not know which technology is Digital Ocean using. I also opened a support there ticket but received no response yet. – Nicola Ferraro Jan 31 '15 at 12:01
  • If it's virtualised, my comments don't apply; but if it's merely containerised, see eg http://serverfault.com/questions/446289/changing-time-or-offsetting-it-in-openvz-contained-server - you usually can't set the clock inside a container. Yet Another Reason why containers are *not* a cheap substitute for virtualisation, no matter how much the container sellers pretend that they are. – MadHatter Jan 31 '15 at 12:03
  • What's the output of `uname -a` and `mount`? – MadHatter Jan 31 '15 at 12:04
  • Probably I have found the issue: iptables was missing the rules for ntp. I disabled it temporary and it worked. Now I need to set the correct rules for the future. Thanks anyway. – Nicola Ferraro Jan 31 '15 at 12:13
  • 1
    Are you allowing 123/udp out through your firewall? – Håkan Lindqvist Jan 31 '15 at 13:31
  • 1
    @MadHatter DigitalOcean are all KVM. No containers. – Michael Hampton Jan 31 '15 at 15:17
  • No. Is it just 123/UDP out? No in? – Nicola Ferraro Jan 31 '15 at 18:27

0 Answers0