Thanks Steve and David,
On 21/10/2008, at 7:28 AM, Steve Kostecke wrote: > On 2008-10-20, John Zornig <[EMAIL PROTECTED]> wrote: > >> On an isolated network, not connected to the internet, I have a >> timeserver appliance connected to GPS which is doing NTP broadcast >> across a UDP one way link to the client system I am trying to >> configure as a broadcast client. > > Good! You have a time source. > >> On my client I have the following in the ntp.conf file. Note: >> novolley >> is used as there is no return network path to the timeserver >> appliance. >> >> broadcastclient novolley >> disable auth > > Since you are using 'novolley' ntpd has no way of calculating the > broadcast delay. The default broadcast delay is 4.0 ms (see > http://doc.ntp.org/4.2.2/confopt.html). If the delay across your UDP > link is different you may set it with the 'broadcastdelay' command. Once I have it working I'll set up an equivalent two-way network link and calculate the delay accurately. > > > ntpd needs to have a driftfile to store the frequency correction. On > my > Debian system it is specified like this: > > driftfile /var/lib/ntp/ntp.drift I do have the drift file, writable by the ntp user. > > > The directory should exist and be writeable by the ntp user. > >> The clock on the client is within 2 minutes of the correct time. I >> run >> ntpd and it does not set the time to match the timeserver. >> >> I run ntpd on the client with -D and I get regular messages >> coinciding >> with the arrival of the udp packets. >> receive: at 1205 10.9.2.1<-10.9.2.2 mode 5 code 6 keyid 00000001 len >> 48 mac 20 auth 2 > > That shows that the client is receiving the broadcast packets. > > The broadcast server sends out NTP packets at 64 second intervals. So, > the maximum delay before the client sees the first broadcast packet is > 64 seconds after startup. After ntpd receives the first broadcast > packet > you will see a 1 in the "reach" column of the ntpq peers billboard > ('ntpq -p'). Then, at 64 second intervals, you should see the reach > increase (e.g. 1, 3, 7, 11, 13, 17 ... assuming that it receives every > broadcast packet) until it reaches 377. The client ntpd should sync to > the server within 5 minutes. Once the client is synced to the server > you'll see an asterisk '*' to the left of the server name in the > client's ntpq peer billboard ('ntpq -p'). ntpq reports there are no peers or associations > > > Please check the ntpq peer billboard on the client and paste it here > if > you need further assistance. >> Here is some more detailed output. ----- tcpdump of three consecutive incoming ntp broadcasts ------------ tcpdump -vvnnet udp port 123 tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 00:a0:69:01:9d:6f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 110: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 96) 10.10.9.1.123 > 10.10.255.255.123: NTPv4, length 68 Broadcast, Leap indicator: (0), Stratum 1, poll 6s, precision -18 Root Delay: 0.000000, Root dispersion: 0.000427, Reference-ID: FREE Reference Timestamp: 3433530124.959565401 (2008/10/21 08:22:04) Originator Timestamp: 0.000000000 Receive Timestamp: 0.000000000 Transmit Timestamp: 3433530136.959934234 (2008/10/21 08:22:16) Originator - Receive Timestamp: 0.000000000 Originator - Transmit Timestamp: 3433530136.959934234 (2008/10/21 08:22:16) 00:a0:69:01:9d:6f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 110: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 96) 10.10.9.1.123 > 10.10.255.255.123: NTPv4, length 68 Broadcast, Leap indicator: (0), Stratum 1, poll 6s, precision -18 Root Delay: 0.000000, Root dispersion: 0.000411, Reference-ID: FREE Reference Timestamp: 3433530190.962332248 (2008/10/21 08:23:10) Originator Timestamp: 0.000000000 Receive Timestamp: 0.000000000 Transmit Timestamp: 3433530202.962812721 (2008/10/21 08:23:22) Originator - Receive Timestamp: 0.000000000 Originator - Transmit Timestamp: 3433530202.962812721 (2008/10/21 08:23:22) 00:a0:69:01:9d:6f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 110: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 96) 10.10.9.1.123 > 10.10.255.255.123: NTPv4, length 68 Broadcast, Leap indicator: (0), Stratum 1, poll 6s, precision -18 Root Delay: 0.000000, Root dispersion: 0.000335, Reference-ID: FREE Reference Timestamp: 3433530258.965310037 (2008/10/21 08:24:18) Originator Timestamp: 0.000000000 Receive Timestamp: 0.000000000 Transmit Timestamp: 3433530265.965564072 (2008/10/21 08:24:25) Originator - Receive Timestamp: 0.000000000 Originator - Transmit Timestamp: 3433530265.965564072 (2008/10/21 08:24:25) ---- Full ntp.conf file ---------------- cat /etc/ntp.conf logconfig all restrict 10.10.9.1 restrict 127.0.0.1 disable auth broadcastclient novolley driftfile /var/lib/ntp/drift ---------ntp command and output ------------- ntpd -u ntp:ntp -p /var/run/ntpd.pid -g -D 2 Debug1: 2 -> 2 = 2 ntpd [EMAIL PROTECTED] Thu Jan 17 18:14:08 UTC 2008 (1) Debug1: 2 -> 2 = 2 addto_syslog: set_process_priority: Leave priority alone: priority_done is <2> addto_syslog: precision = 1.000 usec create_sockets(123) addto_syslog: no IPv6 interfaces found addto_syslog: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 bind() fd 16, family 2, port 123, addr 0.0.0.0, flags=9 Added addr 0.0.0.0 to list of addresses flags for fd 16: 04002 addto_syslog: Listening on interface wildcard, 0.0.0.0#123 Disabled bind() fd 17, family 2, port 123, addr 127.0.0.1, flags=5 Added addr 127.0.0.1 to list of addresses flags for fd 17: 04002 addto_syslog: Listening on interface lo, 127.0.0.1#123 Enabled bind() fd 18, family 2, port 123, addr 10.6.1.9, flags=25 Added addr 10.6.1.9 to list of addresses flags for fd 18: 04002 addto_syslog: Listening on interface eth2, 10.6.1.9#123 Enabled bind() fd 19, family 2, port 123, addr 10.6.2.9, flags=25 Added addr 10.6.2.9 to list of addresses flags for fd 19: 04002 addto_syslog: Listening on interface eth3, 10.6.2.9#123 Enabled bind() fd 20, family 2, port 123, addr 10.10.1.9, flags=25 Added addr 10.10.1.9 to list of addresses flags for fd 20: 04002 addto_syslog: Listening on interface eth0, 10.10.1.9#123 Enabled bind() fd 21, family 2, port 123, addr 172.27.128.254, flags=25 Added addr 172.27.128.254 to list of addresses flags for fd 21: 04002 addto_syslog: Listening on interface eth4, 172.27.128.254#123 Enabled bind() fd 22, family 2, port 123, addr 10.11.1.1, flags=25 Added addr 10.11.1.1 to list of addresses flags for fd 22: 04002 addto_syslog: Listening on interface eth5, 10.11.1.1#123 Enabled bind() fd 23, family 2, port 123, addr 10.1.1.9, flags=25 Added addr 10.1.1.9 to list of addresses flags for fd 23: 04002 addto_syslog: Listening on interface eth1, 10.1.1.9#123 Enabled create_sockets: Total interfaces = 8 interface 0: fd=16, bfd=-1, name=wildcard, flags=0x9, scope=0 sin=0.0.0.0 bcast=0.0.0.0, mask=255.255.255.255 Disabled interface 1: fd=17, bfd=-1, name=lo, flags=0x5, scope=0 sin=127.0.0.1, mask=255.0.0.0 Enabled interface 2: fd=18, bfd=-1, name=eth2, flags=0x19, scope=0 sin=10.6.1.9 bcast=10.6.1.255, mask=255.255.255.0 Enabled interface 3: fd=19, bfd=-1, name=eth3, flags=0x19, scope=0 sin=10.6.2.9 bcast=10.6.2.255, mask=255.255.255.0 Enabled interface 4: fd=20, bfd=-1, name=eth0, flags=0x19, scope=0 sin=10.10.1.9 bcast=10.10.255.255, mask=255.255.0.0 Enabled interface 5: fd=21, bfd=-1, name=eth4, flags=0x19, scope=0 sin=172.27.128.254 bcast=172.27.128.255, mask=255.255.255.0 Enabled interface 6: fd=22, bfd=-1, name=eth5, flags=0x19, scope=0 sin=10.11.1.1 bcast=10.11.1.255, mask=255.255.255.0 Enabled interface 7: fd=23, bfd=-1, name=eth1, flags=0x19, scope=0 sin=10.1.1.9 bcast=10.1.1.255, mask=255.255.255.0 Enabled init_io: maxactivefd 23 local_clock: time 0 base 0.000000 offset 0.000000 freq 0.000 state 0 Debug2: 2 -> 2 = 2 ntp_syslogmask = 0x0000ffff (all) getnetnum given 10.10.9.1, got 10.10.9.1 getnetnum given 127.0.0.1, got 127.0.0.1 bind() fd 24, family 2, port 123, addr 10.6.1.255, flags=8 Added addr 10.6.1.255 to list of addresses flags for fd 24: 04002 Broadcast enabled on socket 24 for address 10.6.1.9 Modifying addr 10.6.1.9 in list of addresses addto_syslog: io_setbclient: Opened broadcast client on interface 2, socket: 24 bind() fd 25, family 2, port 123, addr 10.6.2.255, flags=8 Added addr 10.6.2.255 to list of addresses flags for fd 25: 04002 Broadcast enabled on socket 25 for address 10.6.2.9 Modifying addr 10.6.2.9 in list of addresses addto_syslog: io_setbclient: Opened broadcast client on interface 3, socket: 25 bind() fd 26, family 2, port 123, addr 10.10.255.255, flags=8 Added addr 10.10.255.255 to list of addresses flags for fd 26: 04002 Broadcast enabled on socket 26 for address 10.10.1.9 Modifying addr 10.10.1.9 in list of addresses addto_syslog: io_setbclient: Opened broadcast client on interface 4, socket: 26 bind() fd 27, family 2, port 123, addr 172.27.128.255, flags=8 Added addr 172.27.128.255 to list of addresses flags for fd 27: 04002 Broadcast enabled on socket 27 for address 172.27.128.254 Modifying addr 172.27.128.254 in list of addresses addto_syslog: io_setbclient: Opened broadcast client on interface 5, socket: 27 bind() fd 28, family 2, port 123, addr 10.11.1.255, flags=8 Added addr 10.11.1.255 to list of addresses flags for fd 28: 04002 Broadcast enabled on socket 28 for address 10.11.1.1 Modifying addr 10.11.1.1 in list of addresses addto_syslog: io_setbclient: Opened broadcast client on interface 6, socket: 28 bind() fd 29, family 2, port 123, addr 10.1.1.255, flags=8 Added addr 10.1.1.255 to list of addresses flags for fd 29: 04002 Broadcast enabled on socket 29 for address 10.1.1.9 Modifying addr 10.1.1.9 in list of addresses addto_syslog: io_setbclient: Opened broadcast client on interface 7, socket: 29 io_setbclient: Opened broadcast clients addto_syslog: frequency initialized 0.000 PPM from /var/lib/ntp/drift local_clock: time 0 base 0.000000 offset 0.000000 freq 0.000 state 1 addto_syslog: system event 'event_restart' (0x01) status 'sync_alarm, sync_unspec, 1 event, event_unspec' (0xc010) report_event: system event 'event_restart' (0x01) status 'sync_alarm, sync_unspec, 1 event, event_unspec' (0xc010) auth_agekeys: at 1 keys 1 expired 0 timer: refresh ts 0 receive: at 35 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 35 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 60 keys 1 expired 0 receive: at 100 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 100 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 120 keys 1 expired 0 receive: at 164 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 164 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 180 keys 1 expired 0 receive: at 227 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 227 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 240 keys 1 expired 0 receive: at 358 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 358 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 360 keys 1 expired 0 auth_agekeys: at 420 keys 1 expired 0 receive: at 423 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 423 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 480 keys 1 expired 0 receive: at 487 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 487 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 540 keys 1 expired 0 receive: at 550 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 550 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 600 keys 1 expired 0 receive: at 613 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 613 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 auth_agekeys: at 660 keys 1 expired 0 receive: at 676 10.10.1.9<-10.10.9.1 flags 39 restrict 000 receive: at 676 10.10.1.9<-10.10.9.1 mode 5 code 6 keyid 00000002 len 48 mac 20 auth 2 ----------ntpq -p----------- ntpq -p receive: at 149 127.0.0.1<-127.0.0.1 flags 5 restrict 000 sendpkt(fd=17 dst=127.0.0.1, src=127.0.0.1, ttl=-6, len=12) No association ID's returned -----------ntpq output requested by David ------ ntpq -i ntpq> peers receive: at 313 127.0.0.1<-127.0.0.1 flags 5 restrict 000 sendpkt(fd=17 dst=127.0.0.1, src=127.0.0.1, ttl=-6, len=12) No association ID's returned ntpq> assoc receive: at 317 127.0.0.1<-127.0.0.1 flags 5 restrict 000 sendpkt(fd=17 dst=127.0.0.1, src=127.0.0.1, ttl=-6, len=12) No association ID's returned ntpq> rv 0 receive: at 328 127.0.0.1<-127.0.0.1 flags 5 restrict 000 sendpkt(fd=17 dst=127.0.0.1, src=127.0.0.1, ttl=-6, len=388) assID=0 status=c011 sync_alarm, sync_unspec, 1 event, event_restart, version="ntpd [EMAIL PROTECTED] Thu Jan 17 18:14:08 UTC 2008 (1)", processor="x86_64", system="Linux/2.6.18-92.1.13.el5", leap=11, stratum=16, precision=-20, rootdelay=0.000, rootdispersion=4.920, peer=0, refid=INIT, reftime=00000000.00000000 Thu, Feb 7 2036 16:28:16.000, poll=6, clock=cca7853d.2eadbfd0 Tue, Oct 21 2008 8:31:25.182, state=1, offset=0.000, frequency=0.000, jitter=0.001, noise=0.001, stability=0.000, tai=0 ntpq> John Zornig Specialist Systems Analyst Australian Access Federation AusCERT & Strategic Technologies Group Information Technology Services (ITS) The University of Queensland Brisbane Qld, 4072 Ph: +61 7 336 54288 Mob: +61 434 351 532 [EMAIL PROTECTED] http://www.uq.edu.au/~uqjzorni/ _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
