[vox-tech] I'm also having ntp problems :-(

vox-tech@lists.lugod.org vox-tech@lists.lugod.org
Thu, 25 Apr 2002 01:04:04 -0400 

On Wed, Apr 24, 2002 at 09:37:08PM -0700, Ryan wrote:
> On Wednesday 24 April 2002 08:16 pm, msimons@moria.simons-clan.com wrote:
> >   I would recommend you drop localhost from your configuration then pick
> > a series of time servers which are the same stratum.
> 
> Ok, didn't help...
> 
> > > [root@bob root]# ntpdate nat
> > > 24 Apr 18:02:18 ntpdate[3482]: no server suitable for synchronization
> > > found
> >
> >   If you add -q it will show you the results from each machines it tried,
> > and which one it would pick.  A -d to see what it's doing, in the
> > output look for a line like this:
> > # stratum 16, precision -17, leap 11, trust 000
> >   When a machine reports itself at stratum 16, it is basically saying
> > don't trust me, I don't think I'm synchronized against anything.
> 
> [root@bob root]# ntpdate -q nat
> transmit(192.168.0.1)
> transmit(192.168.0.1)
> transmit(192.168.0.1)
> transmit(192.168.0.1)
> transmit(192.168.0.1)
> 192.168.0.1: Server dropped: no data

  Something is preventing port 123 UDP packets from going between 
bob and nat, you can see packets be transmitted and no reply.  It
could also be that your ntpd is configured to not accept connections
from bob.

  Below are two commands as they show up on my local network,
if you could verify that the UDP packets are not being dropped,
then send the output from the following commands it would help.


root@star:/tmp# 
  strace -e connect,socket,sendto ntpq -ddn -c peers 10.1.1.1 2>&1 | 
    grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'

# socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
# connect(3, {sin_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("10.1.1.1")}}, 16) = 0
# Got packet, size = 24
# Packet okay
#      remote           refid      st t when poll reach   delay   offset  jitter
# ==============================================================================
# Got packet, size = 428
# Packet okay
# Got packet, size = 192
# Packet okay
# +169.237.105.80  192.5.41.41      2 u   28  256  377   32.159  -11.673   4.231


root@star:/tmp# 
  strace -e connect,socket,sendto ntpdate -qd 10.1.1.1 | 
    grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'

# socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
# 24 Apr 21:59:09 ntpdate[12079]: ntpdate 4.1.0 Mon Mar 25 23:39:50 UTC 2002 (2)
# --- SIGALRM (Alarm clock) ---
# transmit(10.1.1.1)
# sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0, {sin_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("10.1.1.1")}}, 16) =
# 48
# receive(10.1.1.1)
# transmit(10.1.1.1)
# sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0, {sin_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("10.1.1.1")}}, 16) =
# 48

Now on the firewall...

root@seawolf:~# strace -p `pidof ntpd` -e recvfrom

# --- SIGALRM (Alarm clock) ---
# recvfrom(6, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0, {sin_family=AF_INET, sin_port=htons(1458), sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48
# recvfrom(6, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0, {sin_family=AF_INET, sin_port=htons(1458), sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48
# recvfrom(6, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0, {sin_family=AF_INET, sin_port=htons(1458), sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48
# recvfrom(6, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0, {sin_family=AF_INET, sin_port=htons(1458), sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48
# --- SIGALRM (Alarm clock) ---