I want to setup a small NTP server with ubuntu for a local network. I want that time is taken only from this server and not from outsdie network servers.Also, I want to enable to send MONLIST to clients that request it. I modified the NTP.conf file but I don't think is working. Can you help me? The server has IP address and the client that requires time and MONLIST has IP address The 2 network are connected using a firewall Here is the ntp.conf file

# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift

# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# Specify one or more NTP servers.

# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst

server iburst
fudge stratum 16

# Use Ubuntu's ntp server as a fallback.
#pool ntp.ubuntu.com

enable monitor

# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
#restrict -4 default kod notrap nomodify nopeer noquery limited
#restrict -6 default kod notrap nomodify nopeer noquery limited

# Local users may interrogate the ntp server more closely.
restrict ::1

# Needed for adding pool entries
restrict source notrap nomodify noquery

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict mask notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
disable auth

#Changes recquired to use pps synchonisation as explained in documentation:

#server mode 135 prefer    # Meinberg GPS167 with PPS
#fudge time1 0.0042        # relative to PPS for my hardware

#server                   # ATOM(PPS)
#fudge flag3 1            # enable PPS API
  • Why do you think it isn't working? What happens when you query the server from the client? And from the server itself? Anything in the log files? – Paul Haldane Nov 15 '16 at 10:04
  • if I execute `ntpdc -n -c monlist` from my client machine to my private ntp server it says " timed out, nothing received" @PaulHaldane – Domenico Picerno Nov 15 '16 at 10:33
  • What do you get if you try that command on the NTP server itself? – Paul Haldane Nov 15 '16 at 12:02
  • I get the same message also on the NTP server @PaulHaldane – Domenico Picerno Nov 15 '16 at 12:07
  • Have you made sure the NTP server is running? – Tero Kilkanen Nov 15 '16 at 16:21
  • Yes, NTP service is running. I think the error is in the ntp.conf file but i don't understand where @TeroKilkanen – Domenico Picerno Nov 15 '16 at 17:25
  • Possible duplicate of [How to set up local ntp server without internet access on ubuntu?](https://serverfault.com/questions/806274/how-to-set-up-local-ntp-server-without-internet-access-on-ubuntu) Also, you're fudging your reference clock to stratum 16, ie, unsynced. No client will sync to that. Try fudging to stratum 8 instead. – MadHatter Dec 04 '18 at 14:13

1 Answers1


Your clients are on different subnet than the NTP Server. Look in your network topology again. Maybe it is a firewall thing..! Leave 123 tcp port and 123 utp port open on both sides of your subnets or put the NTP Server on the same subnets with your clients and try again.! How are the two subnets connected together?? through a router ? or are they VLANS??? What???