Re: [OpenIndiana-discuss] NTP trouble and 123 port

Mon, 28 Apr 2014 05:17:26 -0700

On sort of the same topic. I've set up ntpd as a client, similar to what you described but I can't seem to get it to work. ntpq -p always shows all the peers in INIT state with a stratum of 16. (That's not exactly true, every once in a while I get an ipv6 peer through my 4to6 tunnel to initialize but that's a rare occurrence).
To make matters more confusing, ntpdate works as expected with any of the peers on my server list. Because of this, I've disabled nptd and use ntpdate using cron but I was wondering if anyone had a clue to why ntpd would fail while ntpdate succeeds or how to debug this. 

Gary

On 04/25/2014 09:23 AM, Gary Mills wrote:

On Fri, Apr 25, 2014 at 11:15:31AM +0200, Jozsef Brogyanyi wrote:

I have trouble with 123 port. I wanted to set a NTP client not a server.
I received an e-mail my ISP with a complain. Someone use my server 123 port.

I'll bounce you the message I sent to this mailing list in February.
It explains how to avoid the NTP amplification exploit that your ISP
complained about.


My NTP settings is the next:

cp /etc/inet/ntp.client /etc/inet/ntp.conf
nano /etc/inet/ntp.conf

Insert these lines. May be the these are not good.

server 0.hu.pool.ntp.org iburst
server 1.hu.pool.ntp.org iburst
server 2.hu.pool.ntp.org iburst
server 3.hu.pool.ntp.org iburst

I don't know what `iburst' means, but `man ntpd' describes it
partially.  I don't use it.


svcadm enable ntp
svcs ntp
svcs -x ntp
ntpq -p
How can I solve this problem if I need the NTP client?

Here are the non-comment lines from my ntp.conf:

  $ egrep -v '^#|^$' /etc/inet/ntp.conf
  restrict default kod nomodify notrap nopeer noquery
  restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap nopeer
  restrict 127.0.0.1
  restrict -6 ::1
  server 0.pool.ntp.org
  server 1.pool.ntp.org
  server 2.pool.ntp.org
  server 3.pool.ntp.org
  driftfile /var/ntp/ntp.drift
  statsdir /var/ntp/ntpstats/
  filegen peerstats file peerstats type day enable
  filegen loopstats file loopstats type day enable

You likely won't need the `192.168.0.0' line.  That's for my private
network.

It works:

  $ ntpq -p
       remote           refid      st t when poll reach   delay   offset  jitter
  ==============================================================================
  +time.netspectru 208.90.144.52    3 u  489  512  377   34.130    0.809   0.739
  *penguin.hopcoun 209.51.161.238   2 u  140  512  377   31.145    0.683   1.324
  -mongrel.ahem.ca 208.81.2.13      2 u  144  512  377   24.124   -9.238   4.130
  +mirror.mountain 200.98.196.212   2 u  508  512  377   31.867    1.559   2.638





_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss






















					Reply via email to