Re: ntp handling in 6.0

2005-11-15 Thread Lowell Gilbert 
Don't top-post, please.

Dave [EMAIL PROTECTED] writes:

 Thanks for your reply. My server box does indeed have ntpd running
 i confirmed it with ps -aux and it does have a pf firewall. The rules
 are:
 
 # allow UDP requests to port 123 from firewall to exit ext_if_if
 # in order to contact internet ntp servers
 # (keep state on this connection)
 pass out quick on $ext_if inet proto { tcp, udp} from $ext_if to any port 123 
 keep state
 
 # allow UDP requests to ports 67, 68, and 123 from # in order to perform dhcp 
 and ntp queries on the firewall
 # ( Keep state on this connection)
 pass in quick on $int_if inet proto { tcp,udp } from $int_net to $int_if port 
 { 67, 68, 123 } keep state

There's probably a syntax issue here; I don't use pf, so the fact that
I don't personally see a problem may not mean anthing.  You could try
debugging it by seeing whether the request packets actually get out of
the firewall, and whether responses come back.

 and ntpdc shows me a prompt.

But does it see any peers?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntp handling in 6.0

2005-11-14 Thread Lowell Gilbert 
Dave [EMAIL PROTECTED] writes:

 Hello,
 Has ntp handling changed in 6.0-RELEASE? I've been through the
 handbook and /etc/defaults/rc.conf but haven't found the answer to
 this. I've got a machine acting as an ntp server for a network. When i
 run ntpdate -b IP from another machine i get the error No servers
 suitable for synchronization found. Ntpd from these other boxes shows
 the same. From the local ntp server to the ntp servers on the internet
 works fine.
 The local ntp server's configuration is as follows:
 
 /etc/rc.conf
 ntpdate_enable=YES
 ntpdate_flags=-b servername
 ntpd_enable=YES
 ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid
 
 ntp.conf
 server servername prefer
 server servername
 servername
 driftfile /etc/ntp.drift
 restrict 192.168.9.0 mask 255.255.255.0 notrust nomodify notrap
 
 and on client boxes:
 
 /etc/rc.conf
 ntpdate_enable=YES
 ntpdate_flags=-b local ntp server IP
 ntpd_enable=YES
 ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid
 
 /etc/ntp.conf
 server local-ntp-server-ip prefer
 driftfile /etc/ntp.drift

Is there an ntpd running?
Is there a firewall in the way?
What does ntpdc tell you?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntp handling in 6.0

2005-11-14 Thread Dave 

Hello,
   Thanks for your reply. My server box does indeed have ntpd running i 
confirmed it with ps -aux and it does have a pf firewall. The rules are:


# allow UDP requests to port 123 from firewall to exit ext_if_if
# in order to contact internet ntp servers
# (keep state on this connection)
pass out quick on $ext_if inet proto { tcp, udp} from $ext_if to any port 
123 keep state


# allow UDP requests to ports 67, 68, and 123 from # in order to perform 
dhcp and ntp queries on the firewall

# ( Keep state on this connection)
pass in quick on $int_if inet proto { tcp,udp } from $int_net to $int_if 
port { 67, 68, 123 } keep state


and ntpdc shows me a prompt.
Hope this helps.
Dave.


- Original Message - 
From: Lowell Gilbert [EMAIL PROTECTED]

To: Dave [EMAIL PROTECTED]
Cc: freebsd-questions@freebsd.org
Sent: Monday, November 14, 2005 10:00 AM
Subject: Re: ntp handling in 6.0



Dave [EMAIL PROTECTED] writes:


Hello,
Has ntp handling changed in 6.0-RELEASE? I've been through the
handbook and /etc/defaults/rc.conf but haven't found the answer to
this. I've got a machine acting as an ntp server for a network. When i
run ntpdate -b IP from another machine i get the error No servers
suitable for synchronization found. Ntpd from these other boxes shows
the same. From the local ntp server to the ntp servers on the internet
works fine.
The local ntp server's configuration is as follows:

/etc/rc.conf
ntpdate_enable=YES
ntpdate_flags=-b servername
ntpd_enable=YES
ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid

ntp.conf
server servername prefer
server servername
servername
driftfile /etc/ntp.drift
restrict 192.168.9.0 mask 255.255.255.0 notrust nomodify notrap

and on client boxes:

/etc/rc.conf
ntpdate_enable=YES
ntpdate_flags=-b local ntp server IP
ntpd_enable=YES
ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid

/etc/ntp.conf
server local-ntp-server-ip prefer
driftfile /etc/ntp.drift


Is there an ntpd running?
Is there a firewall in the way?
What does ntpdc tell you? 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]