Bug 127150
Summary: | ntpdate returns Server Dropped: no data | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Ben Lentz <blentz> | ||||
Component: | ntp | Assignee: | Harald Hoyer <harald> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 2 | CC: | paul, volker | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2004-08-25 12:20:07 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Ben Lentz
2004-07-02 18:44:53 UTC
cannot reproduce... ntpd needs a couple of minutes to sync, before it allows clients to get the time... so maybe, you have to wait... [harald@slash harald]$ sudo /usr/sbin/ntpdate -d localhost Password: 13 Jul 15:41:20 ntpdate[4995]: ntpdate 4.2.0 Thu Mar 11 11:46:40 EST 2004 (1) Looking for host localhost and service ntp host found : localhost.localdomain transmit(127.0.0.1) receive(127.0.0.1) transmit(127.0.0.1) receive(127.0.0.1) transmit(127.0.0.1) receive(127.0.0.1) transmit(127.0.0.1) receive(127.0.0.1) transmit(127.0.0.1) server 127.0.0.1, port 123 stratum 3, precision -20, leap 00, trust 000 refid [127.0.0.1], delay 0.02565, dispersion 0.00000 transmitted 4, in filter 4 reference time: c49e5fa0.ba5d28d0 Tue, Jul 13 2004 15:18:24.727 originate timestamp: c49e6500.f3817332 Tue, Jul 13 2004 15:41:20.951 transmit timestamp: c49e6500.f37ec354 Tue, Jul 13 2004 15:41:20.951 filter delay: 0.02588 0.02567 0.02565 0.02565 0.00000 0.00000 0.00000 0.00000 filter offset: 0.000104 0.000003 0.000002 0.000002 0.000000 0.000000 0.000000 0.000000 delay 0.02565, dispersion 0.00000 offset 0.000002 13 Jul 15:41:20 ntpdate[4995]: adjust time server 127.0.0.1 offset 0.000002 sec [harald@slash harald]$ sudo /usr/sbin/ntpdate -u localhost Looking for host localhost and service ntp host found : localhost.localdomain 13 Jul 15:41:26 ntpdate[5000]: adjust time server 127.0.0.1 offset 0.000004 sec [harald@slash harald]$ rpm -q ntp ntp-4.2.0-7 [harald@slash harald]$ /usr/sbin/ntpq -c peers remote refid st t when poll reach delay offset jitter ============================================================================== *harryh.home 195.145.119.188 2 u 473 1024 377 58.467 -15.605 23.270 [harald@slash harald]$ sudo /sbin/service ntpd restart ntpd herunterfahren: [ OK ] ntpd: Mit Zeit-Server synchronisieren: [ OK ] ntpd starten: [ OK ] [harald@slash harald]$ /usr/sbin/ntpq -c peers remote refid st t when poll reach delay offset jitter ============================================================================== harryh.home 195.145.119.188 2 u 4 64 1 3.663 -0.036 0.002 see the "*" in front of the ntp hostname? This indicates, that your ntp server is synced and ready to serve!! I'm not completely clear on what the reporter means by "No outside hosts can sync" ... but if he means that he has a server configuration on his FC2 machine, and outside _clients_ can't sync, then there's a change between ntpd 4.1 and 4.2 which might explain his problem. It seems that the meaning of the 'notrust' option of restrict has changed between 4.1 and 4.2 with the result that server configurations that worked with 4.1 fail silently with 4.2. Details can be found in the thread starting here, http://mailman.ntp.org/pipermail/questions/2004-July/004089.html It also seems as tho' the 'authenticate' keyword which is used in the default client ntp.conf that's generated during installation has gone away in 4.2 ... I'm now seeing lines like, ntpd[18362]: configure: keyword "authenticate" unknown, line ignored in /var/log/messages when ntpd is started. That was *exactly* the problem. Removing 'authenticate yes' and all references of notrust from the config file is allowing things to work now, no more inexplicable dropped packets. I'm not sure why, but I was still having this problem whilst connecting to localhost even though I had set "restrict localhost" (with nothing following it). I'm utterly flabbergasted that such a change would be made in the interpretation of the config file silently. What ever happened to deprecating an old meaning in favor for a different, new meaning? I'm glad that setting "notrust" didn't suddenly mean "Remove all files from /var". Created attachment 103067 [details]
Patch for ntp.conf
This patch removes the "notrust" restriction from ntp clients; this restriction
is no longer needed as its meaning has changed since older versions, and in
fact may prevent clients from accessing the time server if present.
The old "authenticate" keyword is also commented out.
fixed in ntp-4.2.0.a.20040616-3 |