# problem with ntp



## douglasfim (Apr 16, 2011)

```
[root@FreeBSD-center /etc]# more /etc/ntp.conf
driftfile /var/db/ntpd.drift
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

server a.st1.ntp.br iburst
server b.st1.ntp.br iburst
server c.st1.ntp.br iburst
server d.st1.ntp.br iburst
server gps.ntp.br iburst
server a.ntp.br iburst
server b.ntp.br iburst
server c.ntp.br iburst
#server ntp.br iburst
server pool.ntp.org
#server 192.168.1.150

server 127.127.1.0
fudge 127.127.1.0 stratum 13

restrict default kod notrap nomodify nopeer
restrict -6 default kod notrap nomodify nopeer 
#restrict default kod notrap nomodify nopeer noquery
#restrict 127.0.0.1 nomodify

broadcast 192.168.255.255
disable auth
broadcastclient
```


```
[root@FreeBSD-center /etc]# cat /etc/rc.conf 

# -- sysinstall generated deltas -- # Thu Mar  3 11:58:50 2011
# Created: Thu Mar  3 11:58:50 2011
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname="FreeBSD-center"
ifconfig_em0="DHCP"
ifconfig_em1="192.168.2.1"
ifconfig_em2="192.168.3.1"
ifconfig_em3="192.168.4.1"
keymap="us.pc-ctrl"
hald_enable="YES"
dbus_enable="YES"
usbd_enable="YES"
ntpd_enable="YES"
ntpd_config="/etc/ntp.conf"
dhcpd_enable="YES"
dhcpd_ifaces="em1 em2 em3"
sshd_enable="YES"
squid_enable="YES"
# IPFW
#firewall_enable="YES"
#firewall_type="open"
#firewall_logging="YES"
# PF
pf_enable="YES"
pf_rules="/etc/pf.conf"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
gateway_enable="YES"

# -- sysinstall generated deltas -- # Wed Mar  9 22:32:33 2011
moused_enable="YES"
```

The server time is not synchronized. The clients are not synchronizing.


----------



## mamalos (Apr 16, 2011)

Even though I hate this sort of answers, I cannot resist this time : Have you considered net/openntpd? It's ridiculously easy to configure, it's supported by the OpenBSD team, it works like a charm.

And, no, I have no idea how to answer your question, sorry .


----------



## douglasfim (Apr 16, 2011)

I'll try OpenNTPD


----------



## douglasfim (Apr 16, 2011)

```
[root@FreeBSD-center /usr/local/etc]# more ntpd.conf 
# $FreeBSD: ports/net/openntpd/files/ntpd.conf,v 1.1 2009/08/03 13:58:59 naddy Exp $
# sample ntpd configuration file, see ntpd.conf(5)

# Addresses to listen on (ntpd does not listen by default)
listen on *

# sync to a single server
server ntp.br

# use a random selection of NTP Pool Time Servers
# see http://support.ntp.org/bin/view/Servers/NTPPoolServers
servers pool.ntp.org
```

added the line in /etc/rc.conf

```
openntpd_enable="YES"
```

I added the lines in /etc/pf.conf

```
pass out on $INET proto tcp to any port ntp
pass out on $INET proto udp to any port ntp
```

A difference of 3 hours continues. I used nmap and port 22 is the only open.


----------



## mamalos (Apr 16, 2011)

Large time differences are usually addressed by first running *ntpdate* to manually sync with your server, and then relying on ntp. The algorithm for syncing time will correct such time differences, but it may take years to do it . As you've mentioned, network access to/from your ntp server(s) should be granted first.

Have you checked your /etc/localtime (timezone)? Is it set correctly?


----------



## Beastie (Apr 16, 2011)

mamalos said:
			
		

> Large time differences are usually addressed by first running *ntpdate* to manually sync with your server


ntpdate(8) is deprecated. I have this in root's crontab:

```
5       */3     *       *       *       ntpd -gq > /dev/null
```


----------



## jalla (Apr 16, 2011)

Or put this in rc.conf

```
ntpd_enable="YES"
ntpd_sync_on_start="YES"
```


----------



## Beastie (Apr 16, 2011)

But this only runs once.


----------



## douglasfim (Apr 16, 2011)

```
[root@FreeBSD-center /usr/share/zoneinfo/America]# cd /etc
[root@FreeBSD-center /etc]# ln -sf /usr/share/zoneinfo/America/Sao_Paulo localtime
```

port 123 would have to be open.


```
[root@FreeBSD-center /etc]# ntpdate a.ntp.br
16 Apr 17:01:54 ntpdate[1643]: no server suitable for synchronization found
[root@FreeBSD-center /etc]# ntpdate a.st1.ntp.br 
16 Apr 17:03:15 ntpdate[1644]: no server suitable for synchronization found
[root@FreeBSD-center /etc]# ntpdate pool.ntp.br  
16 Apr 17:03:41 ntpdate[1645]: no server suitable for synchronization found
```


----------



## douglasfim (Apr 16, 2011)

```
root@Douglao:/home/douglas# nmap -sU 192.168.1.150

Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-16 16:00 BRT
Nmap scan report for 192.168.1.150
Host is up (0.00068s latency).
Not shown: 894 closed ports, 105 open|filtered ports
PORT    STATE SERVICE
123/udp open  ntp
MAC Address: 08:00:27:4F:CF:4D (Cadmus Computer Systems)

Nmap done: 1 IP address (1 host up) scanned in 5.81 seconds
```


----------



## douglasfim (Apr 16, 2011)

```
[root@FreeBSD-center /etc]# ntpdate -u ntp.br
16 Apr 19:49:27 ntpdate[1988]: no server suitable for synchronization found
[root@FreeBSD-center /etc]# ntpdate -u pool.ntp.org
16 Apr 16:53:57 ntpdate[1991]: step time server 187.49.33.15 offset -10750.497413 sec
[root@FreeBSD-center /etc]# date
Sat Apr 16 16:54:01 BRT 2011
```


```
[root@FreeBSD-center /etc]# more /usr/local/etc/ntpd.conf     
# $FreeBSD: ports/net/openntpd/files/ntpd.conf,v 1.1 2009/08/03 13:58:59 naddy Exp $
# sample ntpd configuration file, see ntpd.conf(5)

# Addresses to listen on (ntpd does not listen by default)
listen on *

# sync to a single server
#server ntp.br

# use a random selection of NTP Pool Time Servers
# see http://support.ntp.org/bin/view/Servers/NTPPoolServers
servers pool.ntp.org
```

now it worked


----------

