Sorry I don't have time to look at this for longer right now, but IIRC
in ntp4 by default {broad,multi}casts are not trusted (any idiot on
the net could start broadcasting anything) so you need to either
1. set up keys that are used to broadcast at the server end and
trusted at the client end
or
2. use "disable auth" to trust anything that is broadcast.
See
for #1 here http://www.eecis.udel.edu/~mills/ntp/html/authopt.html
and #2 here: http://www.eecis.udel.edu/~mills/ntp/html/miscopt.html#enable
On 02/03/2008, at 8:21 PM, UNIX admin wrote:
> I configured a startum-3 time server. When I do ntpq -p on the time
> server, I get:
>
> remote refid st t when poll reach delay
> offset disp
> =
> =
> =
> =
> =
> =
> =
> =
> ======================================================================
> ALL-SYSTEMS.MCA 0.0.0.0 16 - - 64 0 0.00
> 0.000 16000.0
> -spiffy.firsttra clock.sjc.he.ne 2 u 57 64 377 175.60
> -1.160 0.32
> -chiccp.net ntp.your.org 2 u 246 1024 377 127.73
> -3.634 0.52
> -hudson.firsttra ntp.your.org 2 u 108 1024 377 126.24
> -3.727 0.61
> -tick.meteonews. swisstime.ee.et 3 u 243 1024 377 10.79
> -3.205 3.13
> -ns1.toponline.c swisstime.ee.et 3 u 78 1024 377 10.24
> -3.081 0.52
> +zg2.ntp.CARNet. stratum1.ntp.ca 2 u 29 64 377 49.27
> 0.295 0.41
> +po.os.carnet.hr stratum1.ntp.ca 2 u 47 64 377 53.16
> 0.923 0.12
> -morcic.RI.CARNe stratum1.ntp.ca 2 u 39 64 377 50.69
> -0.409 0.87
> *duje.st.carnet. stratum1.ntp.ca 2 u 9 64 377 53.83
> 0.181 0.23
>
> Also, ntpdate w.x.y.z from the would-be NTP client works.
>
> The /etc/inet/ntp.conf on the server looks like this:
> server stratum2.sjc1.publicntp.net
> server stratum2.ord1.publicntp.net
> server stratum2.ord2.publicntp.net
> server tick.meteonews.ch
> server tack.meteonews.ch
> server zg2.ntp.carnet.hr
> server os.ntp.carnet.hr
> server ri.ntp.carnet.hr
> server st.ntp.carnet.hr
> driftfile /var/ntp/ntp.drift
> logconfig =syncstatus +sysevents +clockall
> broadcast 224.0.0.1
>
> On the client, the ntp.conf is thus:
> driftfile /var/ntp/ntp.drift
> logconfig =syncstatus +sysevents +clockall
> multicastclient
>
> When I do `svcadm enable ntp` on the client, I see:
> Mar 2 10:08:45 ntpclient xntpd[2769]: [ID 702911 daemon.notice]
> xntpd 3-5.93e+sun 03/08/29 16:23:05 (1.4)
> Mar 2 10:08:45 ntpclient xntpd[2769]: [ID 301315 daemon.notice]
> tickadj = 5, tick = 10000, tvu_maxslew = 495, est. hz = 100
> Mar 2 10:08:45 ntpclient xntpd[2769]: [ID 266339 daemon.notice]
> using kernel phase-lock loop 0041, drift correction 0.00000
>
> And here is my question: when I do `ntpq -p` I get:
>
> No association ID's returned
>
> Why? And I even waited for more than 20 minutes, still nothing. Why?
>
> Yet if I do:
>
> svcadm disable ntp
> ntpdate ntpserver
> 2 Mar 10:19:58 ntpdate[2806]: adjust time server w.x.y.z offset
> -0.047147 sec
>
> I don't understand.
> Why won't the client bind to the server? Must I perform additional
> steps on the server?
> Am I missing something?
> --
> This message posted from opensolaris.org
> _______________________________________________
> ntp-discuss mailing list
> ntp-discuss at opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/ntp-discuss
>
