Re: ntp handling in 6.0
Don't top-post, please. Dave [EMAIL PROTECTED] writes: Thanks for your reply. My server box does indeed have ntpd running i confirmed it with ps -aux and it does have a pf firewall. The rules are: # allow UDP requests to port 123 from firewall to exit ext_if_if # in order to contact internet ntp servers # (keep state on this connection) pass out quick on $ext_if inet proto { tcp, udp} from $ext_if to any port 123 keep state # allow UDP requests to ports 67, 68, and 123 from # in order to perform dhcp and ntp queries on the firewall # ( Keep state on this connection) pass in quick on $int_if inet proto { tcp,udp } from $int_net to $int_if port { 67, 68, 123 } keep state There's probably a syntax issue here; I don't use pf, so the fact that I don't personally see a problem may not mean anthing. You could try debugging it by seeing whether the request packets actually get out of the firewall, and whether responses come back. and ntpdc shows me a prompt. But does it see any peers? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ntp handling in 6.0
Dave [EMAIL PROTECTED] writes: Hello, Has ntp handling changed in 6.0-RELEASE? I've been through the handbook and /etc/defaults/rc.conf but haven't found the answer to this. I've got a machine acting as an ntp server for a network. When i run ntpdate -b IP from another machine i get the error No servers suitable for synchronization found. Ntpd from these other boxes shows the same. From the local ntp server to the ntp servers on the internet works fine. The local ntp server's configuration is as follows: /etc/rc.conf ntpdate_enable=YES ntpdate_flags=-b servername ntpd_enable=YES ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid ntp.conf server servername prefer server servername servername driftfile /etc/ntp.drift restrict 192.168.9.0 mask 255.255.255.0 notrust nomodify notrap and on client boxes: /etc/rc.conf ntpdate_enable=YES ntpdate_flags=-b local ntp server IP ntpd_enable=YES ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid /etc/ntp.conf server local-ntp-server-ip prefer driftfile /etc/ntp.drift Is there an ntpd running? Is there a firewall in the way? What does ntpdc tell you? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ntp handling in 6.0
Hello, Thanks for your reply. My server box does indeed have ntpd running i confirmed it with ps -aux and it does have a pf firewall. The rules are: # allow UDP requests to port 123 from firewall to exit ext_if_if # in order to contact internet ntp servers # (keep state on this connection) pass out quick on $ext_if inet proto { tcp, udp} from $ext_if to any port 123 keep state # allow UDP requests to ports 67, 68, and 123 from # in order to perform dhcp and ntp queries on the firewall # ( Keep state on this connection) pass in quick on $int_if inet proto { tcp,udp } from $int_net to $int_if port { 67, 68, 123 } keep state and ntpdc shows me a prompt. Hope this helps. Dave. - Original Message - From: Lowell Gilbert [EMAIL PROTECTED] To: Dave [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Sent: Monday, November 14, 2005 10:00 AM Subject: Re: ntp handling in 6.0 Dave [EMAIL PROTECTED] writes: Hello, Has ntp handling changed in 6.0-RELEASE? I've been through the handbook and /etc/defaults/rc.conf but haven't found the answer to this. I've got a machine acting as an ntp server for a network. When i run ntpdate -b IP from another machine i get the error No servers suitable for synchronization found. Ntpd from these other boxes shows the same. From the local ntp server to the ntp servers on the internet works fine. The local ntp server's configuration is as follows: /etc/rc.conf ntpdate_enable=YES ntpdate_flags=-b servername ntpd_enable=YES ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid ntp.conf server servername prefer server servername servername driftfile /etc/ntp.drift restrict 192.168.9.0 mask 255.255.255.0 notrust nomodify notrap and on client boxes: /etc/rc.conf ntpdate_enable=YES ntpdate_flags=-b local ntp server IP ntpd_enable=YES ntpd_flags=-c /etc/ntp.conf -p /var/run/ntpd.pid /etc/ntp.conf server local-ntp-server-ip prefer driftfile /etc/ntp.drift Is there an ntpd running? Is there a firewall in the way? What does ntpdc tell you? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]