Re: ntpd just sits there and does nothing

[M. Warner Losh]

In message: [EMAIL PROTECTED]
Oliver Fromme [EMAIL PROTECTED] writes:
: [LoN]Kamikaze [EMAIL PROTECTED] wrote:
:   My original intention was just to say that openntpd works just out of the 
box,
:   while ntpd doesn't.
: 
: That's just plain wrong.  ntpd _does_ work out of the box
: (unless your configuration is broken), and it seems to be
: more accurate than openntpd.
: 
: Demanding to replace ntpd with openntpd in the FreeBSD
: base system because you cannot get the configuration right
: is ridiculous.

Especially since my company builds stratum 1 ntp servers that get time
from GPS, Loran and Hp5071A cesium standards.

Warner
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[[LoN]Kamikaze]

My original intention was just to say that openntpd works just out of the box,
while ntpd doesn't. And since openntpd works fine for me, I am not really
interested in resolving this. Anyway since so many of you seem to be, here is
the requested data:

 ntp.conf

server 0.de.pool.ntp.org minpoll 4 maxpoll 8
server 1.de.pool.ntp.org minpoll 4 maxpoll 8
server 2.de.pool.ntp.org minpoll 4 maxpoll 8
server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8

restrict default ignore
restrict 127.0.0.1

 ntpdc -p -c kerni -c loopi -c sysi -c syss

 remote   local  st poll reach  delay   offsetdisp
===
=time.as-compute 192.168.1.1216  2560 0.0  0.00 0.0
=mail.syncronisa 192.168.1.1216  2560 0.0  0.00 0.0
=proxy1.rz.uni-k 192.168.1.1216  2560 0.0  0.00 0.0
=proxy2.rz.uni-k 192.168.1.1216  2560 0.0  0.00 0.0
=proxy3.rz.uni-k 192.168.1.1216  2560 0.0  0.00 0.0
=proxy4.rz.uni-k 192.168.1.1216  2560 0.0  0.00 0.0
=crux.pmsf.net   192.168.1.1216  2560 0.0  0.00 0.0
pll offset:   0 s
pll frequency:0.000 ppm
maximum error:0.365516 s
estimated error:  1.6e-05 s
status:   2001  pll nano
pll time constant:0
precision:1e-09 s
frequency tolerance:  496 ppm
offset:   0.00 s
frequency:0.000 ppm
poll adjust:  0
watchdog timer:   730 s
system peer:  0.0.0.0
system peer mode: unspec
leap indicator:   11
stratum:  16
precision:-19
root distance:0.0 s
root dispersion:  0.01094 s
reference ID: [73.78.73.84]
reference time:   .  Thu, Feb  7 2036  7:28:16.000
system flags: auth monitor ntp kernel stats
jitter:   0.00 s
stability:0.000 ppm
broadcastdelay:   0.003998 s
authdelay:0.00 s
time since restart: 730
time since reset:   730
packets received:   87
packets processed:  0
current version:0
previous version:   0
bad version:0
access denied:  57
bad length or format:   0
bad authentication: 0
rate exceeded:  0

 ntpdate with -q in ntpdate_flags

# /etc/rc.d/ntpdate onestart
Setting date via ntp.
server 193.218.127.251, stratum 2, offset 0.631432, delay 0.04562
server 213.133.123.125, stratum 2, offset 0.630518, delay 0.03748
server 194.25.115.122, stratum 1, offset 0.633518, delay 0.04091
server 129.13.186.4, stratum 0, offset 0.00, delay 0.0
server 129.13.186.3, stratum 0, offset 0.00, delay 0.0
server 129.13.186.2, stratum 0, offset 0.00, delay 0.0
server 129.13.186.1, stratum 0, offset 0.00, delay 0.0
23 Jul 08:55:49 ntpdate[1772]: step time server 194.25.115.122 offset 0.633518 
sec

 /usr/local/sbin/ntpd -sd # This is openntpd

ntp engine ready
reply from 84.16.235.165: offset 0.573124 delay 0.011219, next query 8s
reply from 87.106.95.189: offset 0.573368 delay 0.014235, next query 8s
reply from 212.112.228.242: offset 0.574221 delay 0.014708, next query 7s
reply from 88.198.8.101: offset 0.573796 delay 0.015175, next query 6s
reply from 212.77.176.178: offset 0.574222 delay 0.016076, next query 5s
reply from 195.179.15.118: offset 0.541673 delay 0.022011, next query 5s
reply from 85.214.23.162: offset 0.568205 delay 0.022973, next query 9s
reply from 194.77.75.99: offset 0.573878 delay 0.033467, next query 8s
reply from 212.77.176.178: offset 0.570650 delay 0.014009, next query 7s
reply from 195.179.15.118: offset 0.537944 delay 0.020095, next query 5s
reply from 88.198.8.101: offset 0.570179 delay 0.013163, next query 9s
reply from 84.16.235.165: offset 0.568732 delay 0.009621, next query 6s
reply from 212.112.228.242: offset 0.569989 delay 0.013116, next query 5s
reply from 87.106.95.189: offset 0.568727 delay 0.013139, next query 6s
reply from 194.77.75.99: offset 0.570201 delay 0.029342, next query 6s
reply from 85.214.23.162: offset 0.562845 delay 0.021890, next query 9s
reply from 195.179.15.118: offset 0.536313 delay 0.021833, next query 7s
reply from 212.112.228.242: offset 0.567116 delay 0.012397, next query 7s
reply from 212.77.176.178: offset 0.567040 delay 0.014119, next query 7s
reply from 84.16.235.165: offset 0.565892 delay 0.010525, next query 6s
no reply from 129.13.186.4 received in time, next query 610s
no reply from 129.13.186.3 received in time, next query 607s
no reply from 129.13.186.2 received in time, next query 624s
no reply from 129.13.186.1 received in time, next query 600s
reply from 87.106.95.189: offset 0.565603 delay 0.013103, next query 7s
reply from 194.77.75.99: offset 0.564807 delay 0.031786, next 

Re: ntpd just sits there and does nothing

[Matthew Seaman]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

[LoN]Kamikaze wrote:
 My original intention was just to say that openntpd works just out of the box,
 while ntpd doesn't. And since openntpd works fine for me, I am not really
 interested in resolving this. Anyway since so many of you seem to be, here is
 the requested data:
 
 ntp.conf
 
 server 0.de.pool.ntp.org minpoll 4 maxpoll 8
 server 1.de.pool.ntp.org minpoll 4 maxpoll 8
 server 2.de.pool.ntp.org minpoll 4 maxpoll 8
 server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 
 restrict default ignore
 restrict 127.0.0.1

Err.. your configuration says ignore all NTP servers except
localhost.  You would need to let ntpd accept a time service from
all those machines you've told it are servers.  Since you're using
pool.ntp.org, you're going to need a blanket 'allow any server'
config like:

restrict default nomodify nopeer noquery
restrict 127.0.0.1

Cheers,

Matthew

- --
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
  Kent, CT11 9PW
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGpGwn8Mjk52CukIwRCKcjAJkBuV9WEBjb5XUOTLUGFyrivn/3KgCffnDa
8Ya5zpx5rZlQndLS377fPMA=
=5nqc
-END PGP SIGNATURE-
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Oliver Fromme]

[LoN]Kamikaze [EMAIL PROTECTED] wrote:
  My original intention was just to say that openntpd works just out of the 
  box,
  while ntpd doesn't.

That's just plain wrong.  ntpd _does_ work out of the box
(unless your configuration is broken), and it seems to be
more accurate than openntpd.

Demanding to replace ntpd with openntpd in the FreeBSD
base system because you cannot get the configuration right
is ridiculous.

   ntp.conf
  
  server 0.de.pool.ntp.org minpoll 4 maxpoll 8
  server 1.de.pool.ntp.org minpoll 4 maxpoll 8
  server 2.de.pool.ntp.org minpoll 4 maxpoll 8
  server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
  server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
  server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
  server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
  
  restrict default ignore
  restrict 127.0.0.1

You need to add proper restrict lines for the servers,
of course.  Basically you have configured ntpd to
ignore all servers.

Also, putting minpoll 4 maxpoll 8 on all servers is
somewhat suboptimal and puts an unnecessary burden on the
servers and networks without reason.  I recommend to use
low polling intervals and the iburst option for one or
two local servers only (e.g. for NTP servers located in
your direct upstream or at your ISP), and higher polling
intervals for other public servers.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH  Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

Software gets slower faster than hardware gets faster.
-- Niklaus Wirth
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Sean C. Farley]

On Mon, 23 Jul 2007, Matthew Seaman wrote:


[LoN]Kamikaze wrote:

My original intention was just to say that openntpd works just out of
the box, while ntpd doesn't. And since openntpd works fine for me, I
am not really interested in resolving this. Anyway since so many of
you seem to be, here is the requested data:


ntp.conf


server 0.de.pool.ntp.org minpoll 4 maxpoll 8
server 1.de.pool.ntp.org minpoll 4 maxpoll 8
server 2.de.pool.ntp.org minpoll 4 maxpoll 8
server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8

restrict default ignore
restrict 127.0.0.1


Err.. your configuration says ignore all NTP servers except
localhost.  You would need to let ntpd accept a time service from
all those machines you've told it are servers.  Since you're using
pool.ntp.org, you're going to need a blanket 'allow any server'
config like:

restrict default nomodify nopeer noquery
restrict 127.0.0.1


Do you actually need to open it up that way?  I have this on my server
which seems to work:

server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
server 3.us.pool.ntp.org

restrict default ignore
restrict 0.us.pool.ntp.org nomodify nopeer noquery notrap
restrict 1.us.pool.ntp.org nomodify nopeer noquery notrap
restrict 2.us.pool.ntp.org nomodify nopeer noquery notrap
restrict 3.us.pool.ntp.org nomodify nopeer noquery notrap
restrict AAA.BBB.CCC.0 mask 255.255.255.0 nomodify nopeer notrap
restrict -6 :::::: mask ::::: nomodify 
nopeer notrap
restrict 127.0.0.1
restrict -6 ::1


# ntpdc -c peers
 remote   local  st poll reach  delay   offsetdisp
===
=AAA.BBB.CCC.DDD  3 1024  377 0.03639  0.014113 0.01482
*tock.jrc.us AAA.BBB.CCC.DDD  2 1024  377 0.05907  0.000169 0.01485
=nubtail.allbook AAA.BBB.CCC.DDD  3 1024  377 0.05696  0.000660 0.01485
=cletus.pettit.o AAA.BBB.CCC.DDD  2 1024  377 0.11273 -0.004489 0.01482

Sean
--
[EMAIL PROTECTED]
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Jeremy Chadwick]

On Mon, Jul 23, 2007 at 09:39:32AM -0500, Sean C. Farley wrote:
  Do you actually need to open it up that way?  I have this on my server
  which seems to work:

You don't *need* to.  The method he described allows you to avoid
having to make a restrict entry for each matching server, that's
all.

Your configuration is correct as well.  :-)

-- 
| Jeremy Chadwickjdc at parodius.com |
| Parodius Networking   http://www.parodius.com/ |
| UNIX Systems Administrator  Mountain View, CA, USA |
| Making life hard for others since 1977.  PGP: 4BD6C0CB |

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[[LoN]Kamikaze]

Oliver Fromme wrote:
 [LoN]Kamikaze [EMAIL PROTECTED] wrote:
   My original intention was just to say that openntpd works just out of the 
 box,
   while ntpd doesn't.
 
 That's just plain wrong.  ntpd _does_ work out of the box
 (unless your configuration is broken), and it seems to be
 more accurate than openntpd.

Obviously I'm too stupid to configure ntpd by myself. Thanks for all the
effort. I have watched ntpd do its magic for an hour, now. And it seems to aim
at running my clock half a second behind the server clocks. Maybe I just didn't
watch long enough, I understand that ntpd is trying to figure out how much my
clock goes wrong and only adjusts time very slowly.

 Demanding to replace ntpd with openntpd in the FreeBSD
 base system because you cannot get the configuration right
 is ridiculous.

I wasn't really demanding, but saying that I'd (personally) prefer openntpd.
And my original argument still stands, it's much simpler than ntpd and though I
lack the intelligence to configure ntpd, it suffices for openntpd.

Seeing that nobody seems to agree with me, I'm happy with running openntpd from
ports.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Chuck Swiger]

On Jul 23, 2007, at 7:10 AM, Oliver Fromme wrote:

[LoN]Kamikaze [EMAIL PROTECTED] wrote:

server 0.de.pool.ntp.org minpoll 4 maxpoll 8
server 1.de.pool.ntp.org minpoll 4 maxpoll 8
server 2.de.pool.ntp.org minpoll 4 maxpoll 8
server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8

restrict default ignore
restrict 127.0.0.1


You need to add proper restrict lines for the servers,
of course.  Basically you have configured ntpd to
ignore all servers.

Also, putting minpoll 4 maxpoll 8 on all servers is
somewhat suboptimal and puts an unnecessary burden on the
servers and networks without reason.  I recommend to use
low polling intervals and the iburst option for one or
two local servers only (e.g. for NTP servers located in
your direct upstream or at your ISP), and higher polling
intervals for other public servers.


I wish to second what Oliver has said, only more strongly: using  
minpoll 4 is considered abusive and a misuse of the NTP pool.  From  
http://www.pool.ntp.org/use.html


Be friendly.  Many servers are provided by volunteers, and almost  
all time servers are really file or mail or webservers which just  
happen to also run ntp.  So don't use more than three time servers in  
your configuration, and don't play dirty tricks with burst or minpoll  
- all you will gain is that this project will be stopped sooner or  
later.


No machine should ever poll faster than once a minute (aka minpoll  
8) to someone else's timeserver without prior agreement.  For an  
example of a reasonable client config, MacOS X uses a minpoll of 12  
and a maxpoll of 17.


--
-Chuck

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[[LoN]Kamikaze]

Chuck Swiger wrote:
 On Jul 23, 2007, at 7:10 AM, Oliver Fromme wrote:
 [LoN]Kamikaze [EMAIL PROTECTED] wrote:
 server 0.de.pool.ntp.org minpoll 4 maxpoll 8
 server 1.de.pool.ntp.org minpoll 4 maxpoll 8
 server 2.de.pool.ntp.org minpoll 4 maxpoll 8
 server ntp1.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 server ntp2.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 server ntp3.rz.uni-karlsruhe.de minpoll 4 maxpoll 8
 server ntp4.rz.uni-karlsruhe.de minpoll 4 maxpoll 8

 restrict default ignore
 restrict 127.0.0.1

 You need to add proper restrict lines for the servers,
 of course.  Basically you have configured ntpd to
 ignore all servers.

 Also, putting minpoll 4 maxpoll 8 on all servers is
 somewhat suboptimal and puts an unnecessary burden on the
 servers and networks without reason.  I recommend to use
 low polling intervals and the iburst option for one or
 two local servers only (e.g. for NTP servers located in
 your direct upstream or at your ISP), and higher polling
 intervals for other public servers.
 
 I wish to second what Oliver has said, only more strongly: using
 minpoll 4 is considered abusive and a misuse of the NTP pool.  From
 http://www.pool.ntp.org/use.html

That was only for testing.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Chuck Swiger]

On Jul 23, 2007, at 12:22 PM, [LoN]Kamikaze wrote:

I wish to second what Oliver has said, only more strongly: using
minpoll 4 is considered abusive and a misuse of the NTP pool.  From
http://www.pool.ntp.org/use.html


That was only for testing.


Please use your own timeservers for testing, not the NTP pool.

I'm not trying to be mean, but I've got three NTP servers in the  
pool, and just a handful of misconfigured clients which poll more  
often than once a minute consume more bandwidth than 60 to 1000  
normal clients do


--
-Chuck

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Jeremy Chadwick]

On Mon, Jul 23, 2007 at 12:18:59PM -0700, Chuck Swiger wrote:
  No machine should ever poll faster than once a minute (aka minpoll 8) to 
  someone else's timeserver without prior agreement.  For an example of a 
  reasonable client config, MacOS X uses a minpoll of 12 and a maxpoll of 17.

And an addendum to this:

Our servers use maxpoll 9 for a very specific reason: it appears to
work around an issue where on FreeBSD ntpd continually flips between
PLL and FLL mode.  The default for maxpoll is 10 (1024 seconds).

Taken from our ntp.conf is this comment:

# maxpoll 9 is used to work around PLL/FLL flipping, which
# happens at exactly 1024 seconds (the default maxpoll value).
# Another FreeBSD member recommended using 9 instead.
# http://lists.freebsd.org/pipermail/freebsd-stable/2006-December/031512.html

-- 
| Jeremy Chadwickjdc at parodius.com |
| Parodius Networking   http://www.parodius.com/ |
| UNIX Systems Administrator  Mountain View, CA, USA |
| Making life hard for others since 1977.  PGP: 4BD6C0CB |

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[doug]

On Sat, 21 Jul 2007, Kevin Oberman wrote:


Hi,

[LoN]Kamikaze wrote:

Doug Hardie wrote:


On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:



As the subject says, on my 6-stable systems ntpd just sits there and does
nothing. The logs only mention when the daemon gets started or shut
down. It
complains when servers are not reachable, but does nothing when they
are available.

The drift file always contains 0.00.


Mostly likely this means you are not communicating with the ntp servers. You 
never gave us your ntpd.conf file (that I saw anyway) and what do you get with 
'ntpdc -p', or the more complex command suggested earlier?



ntpd will not change time if the difference is too big - I think it
should be less then 1000s.
ntpdate will :)


If ntpd is working your clock will not vary from the server by more than a 
second, much less 1000 secs. If ntpdate does reset the clock, it suggests that 
your firewalls are not the problem and at least one of the servers will answer 
your queries. You can see if ntp packets are being passed by using tcpdump.


I suppose you have made sure its running by something like 'ps -aux | grep ntp'.


ntpdate is deprecated and is not recommended these days. The proper answer is
to start ntpd with the -g option and to add the 'iburst' option to one or more
of the servers in /etc/ntp.conf. The 'iburst' will speed up th initial sync to
close to that of ntpdate, but have much greater accuracy.

You can get the '-g' by adding 'ntpd_sync_on_start=YES' to rc.conf.
--

yea but so does 'ntpdate_enable=YES', but I still like nslookup too :)

The problem clearly seems to be you are not communicating with the ntp 
servers. The possibilities have all been stated: bad ntp.conf, firewall (you 
said there were two levels), or the servers you chose are not accepting your 
queries. Without seeing the data requested we are all guessing.


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Kevin Oberman]

 Hi,
 
 [LoN]Kamikaze wrote:
  Doug Hardie wrote:

  On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:
 
  
  As the subject says, on my 6-stable systems ntpd just sits there and does
  nothing. The logs only mention when the daemon gets started or shut
  down. It
  complains when servers are not reachable, but does nothing when they
  are available.
 
  The drift file always contains 0.00.
 
  ntpdate and openntpd both successfully manage to set the time, so I
  suppose
  it's a problem with ntpd.

  Are you on a static IP address?  If not, ntpd obtains its IP address
  when it starts up and uses it forever.  If your IP address changes then
  it will not be able to communicate with the upstream ntp servers.  It
  has to be restarted everytime your IP address changes.
  
 
  I have a static address. The trouble is it seems to operate fine, only it
  forgets to change the time when it differs from the time servers too much.
  Sometimes my clock goes wrong more than 1 second within a day.

 ntpd will not change time if the difference is too big - I think it 
 should be less then 1000s.
 ntpdate will :)

ntpdate is deprecated and is not recommended these days. The proper answer is 
to start ntpd with the -g option and to add the 'iburst' option to one or more 
of the servers in /etc/ntp.conf. The 'iburst' will speed up th initial sync to 
close to that of ntpdate, but have much greater accuracy.

You can get the '-g' by adding 'ntpd_sync_on_start=YES' to rc.conf.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [EMAIL PROTECTED]   Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751




pgpEVvJs4P11r.pgp
Description: PGP signature

Re: ntpd just sits there and does nothing

[Stefan Lambrev]

Hi,

[LoN]Kamikaze wrote:

Doug Hardie wrote:
  

On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:



As the subject says, on my 6-stable systems ntpd just sits there and does
nothing. The logs only mention when the daemon gets started or shut
down. It
complains when servers are not reachable, but does nothing when they
are available.

The drift file always contains 0.00.

ntpdate and openntpd both successfully manage to set the time, so I
suppose
it's a problem with ntpd.
  

Are you on a static IP address?  If not, ntpd obtains its IP address
when it starts up and uses it forever.  If your IP address changes then
it will not be able to communicate with the upstream ntp servers.  It
has to be restarted everytime your IP address changes.



I have a static address. The trouble is it seems to operate fine, only it
forgets to change the time when it differs from the time servers too much.
Sometimes my clock goes wrong more than 1 second within a day.
  
ntpd will not change time if the difference is too big - I think it 
should be less then 1000s.

ntpdate will :)

Also if you have increased your kernel secure level 2+ :

  In addition, kernel time changes are restricted to less than or
  equal to one second.  Attempts to change the time by more 
than this

  will log the message ``Time adjustment clamped to +1 second''.

So grep for ntpd in /var/log/messages and I'm sure you will find the 
problem.


Other problem that I see is if you are behind NAT/firewall.
Because ntpd make a request and wait for response on different port, so 
check your firewall configuration and blocked packets.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]
  


--

Best Wishes,
Stefan Lambrev
ICQ# 24134177

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[[LoN]Kamikaze]

Stefan Lambrev wrote:
 Hi,
 
 [LoN]Kamikaze wrote:
 Doug Hardie wrote:
  
 On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:


 As the subject says, on my 6-stable systems ntpd just sits there and
 does
 nothing. The logs only mention when the daemon gets started or shut
 down. It
 complains when servers are not reachable, but does nothing when they
 are available.

 The drift file always contains 0.00.

 ntpdate and openntpd both successfully manage to set the time, so I
 suppose
 it's a problem with ntpd.
   
 Are you on a static IP address?  If not, ntpd obtains its IP address
 when it starts up and uses it forever.  If your IP address changes then
 it will not be able to communicate with the upstream ntp servers.  It
 has to be restarted everytime your IP address changes.
 

 I have a static address. The trouble is it seems to operate fine, only it
 forgets to change the time when it differs from the time servers too
 much.
 Sometimes my clock goes wrong more than 1 second within a day.
   
 ntpd will not change time if the difference is too big - I think it
 should be less then 1000s.
 ntpdate will :)
 
 Also if you have increased your kernel secure level 2+ :
 
   In addition, kernel time changes are restricted to less than or
   equal to one second.  Attempts to change the time by more than
 this
   will log the message ``Time adjustment clamped to +1 second''.
 
 So grep for ntpd in /var/log/messages and I'm sure you will find the
 problem.
 
 Other problem that I see is if you are behind NAT/firewall.
 Because ntpd make a request and wait for response on different port, so
 check your firewall configuration and blocked packets.

My securelevel is -1, even starting with an accurate clock ntpd just slowly
lets it drift away. I'm behind a 2 NATs, one of which I have no access to.
However openntpd and ntpdate don't seem to be troubled by this.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Vince]

Can you send the output of ntp.conf?



[LoN]Kamikaze wrote:
 Stefan Lambrev wrote:
 Hi,

 [LoN]Kamikaze wrote:
 Doug Hardie wrote:
  
 On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:


 As the subject says, on my 6-stable systems ntpd just sits there and
 does
 nothing. The logs only mention when the daemon gets started or shut
 down. It
 complains when servers are not reachable, but does nothing when they
 are available.

 The drift file always contains 0.00.

 ntpdate and openntpd both successfully manage to set the time, so I
 suppose
 it's a problem with ntpd.
   
 Are you on a static IP address?  If not, ntpd obtains its IP address
 when it starts up and uses it forever.  If your IP address changes then
 it will not be able to communicate with the upstream ntp servers.  It
 has to be restarted everytime your IP address changes.
 
 I have a static address. The trouble is it seems to operate fine, only it
 forgets to change the time when it differs from the time servers too
 much.
 Sometimes my clock goes wrong more than 1 second within a day.
   
 ntpd will not change time if the difference is too big - I think it
 should be less then 1000s.
 ntpdate will :)

 Also if you have increased your kernel secure level 2+ :

   In addition, kernel time changes are restricted to less than or
   equal to one second.  Attempts to change the time by more than
 this
   will log the message ``Time adjustment clamped to +1 second''.

 So grep for ntpd in /var/log/messages and I'm sure you will find the
 problem.

 Other problem that I see is if you are behind NAT/firewall.
 Because ntpd make a request and wait for response on different port, so
 check your firewall configuration and blocked packets.
 
 My securelevel is -1, even starting with an accurate clock ntpd just slowly
 lets it drift away. I'm behind a 2 NATs, one of which I have no access to.
 However openntpd and ntpdate don't seem to be troubled by this.
 ___
 freebsd-stable@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-stable
 To unsubscribe, send any mail to [EMAIL PROTECTED]

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[David Wolfskill]

On Fri, Jul 20, 2007 at 10:37:14AM +0300, Stefan Lambrev wrote:
 ...
 ntpd will not change time if the difference is too big - I think it 
 should be less then 1000s.
 ntpdate will :)
...

Please try to be a little more careful: the above is incorrect.

From ntpd(8):

 -g  Normally, ntpd exits with a message to the system log if the off-
 set exceeds the panic threshold, which is 1000 s by default.
 This option allows thetime to be set to any value without
 restriction; however, this can happen only once.  If the thresh-
 old is exceeded after that, ntpd will exit with a message to the
 system log.  This option can be used with the -q and -x options.
 See the tinker command for other options.

From ntpdate(8):

DESCRIPTION
 Note: The functionality of this program is now available in the ntpd(8)
 program.  See the -q command line option in the ntpd(8) page.  After a
 suitable period of mourning, the ntpdate utility is to be retired from
 this distribution.

Peace,
david
-- 
David H. Wolfskill  [EMAIL PROTECTED]
Anything and everything is a (potential) cat toy.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.


pgpMOPhEdpBMb.pgp
Description: PGP signature

Re: ntpd just sits there and does nothing

[Vivek Khera]

On Jul 20, 2007, at 3:37 AM, Stefan Lambrev wrote:


Other problem that I see is if you are behind NAT/firewall.
Because ntpd make a request and wait for response on different  
port, so check your firewall configuration and blocked packets.


we have zero problems with ntpd behind a NAT firewall.  The firewall  
has no special rules for ntp, but does 1:1 map the NTP server.


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[David Wolfskill]

On Thu, Jul 19, 2007 at 07:08:21PM +0200, [LoN]Kamikaze wrote:
 As the subject says, on my 6-stable systems ntpd just sits there and does
 nothing
 
 It seems what ntpd has in complexity it lacks in robustness. I'd prefer to 
 have
 openntpd in the base system. It seems to be very simple. And it works.

Eh; seems to work for me:

g1-18(6.2-S)[1] ntpdc -np
 remote   local  st poll reach  delay   offsetdisp
===
*172.16.8.12 172.17.1.18  4  128  377 0.00322 -0.003667 0.00871
g1-18(6.2-S)[2] uname -a
FreeBSD g1-18.catwhisker.org. 6.2-STABLE FreeBSD 6.2-STABLE #453: Wed Jul 18 
06:40:27 PDT 2007 [EMAIL PROTECTED]:/common/S1/obj/usr/src/sys/CANARY  i386
g1-18(6.2-S)[3] 

Peace,
david
-- 
David H. Wolfskill  [EMAIL PROTECTED]
Anything and everything is a (potential) cat toy.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.


pgpYeAGAzj7iu.pgp
Description: PGP signature

Re: ntpd just sits there and does nothing

[Doug Hardie]

On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:

As the subject says, on my 6-stable systems ntpd just sits there  
and does
nothing. The logs only mention when the daemon gets started or shut  
down. It
complains when servers are not reachable, but does nothing when  
they are available.


The drift file always contains 0.00.

ntpdate and openntpd both successfully manage to set the time, so I  
suppose

it's a problem with ntpd.


Are you on a static IP address?  If not, ntpd obtains its IP address  
when it starts up and uses it forever.  If your IP address changes  
then it will not be able to communicate with the upstream ntp  
servers.  It has to be restarted everytime your IP address changes.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[[LoN]Kamikaze]

Doug Hardie wrote:
 
 On Jul 19, 2007, at 10:08, [LoN]Kamikaze wrote:
 
 As the subject says, on my 6-stable systems ntpd just sits there and does
 nothing. The logs only mention when the daemon gets started or shut
 down. It
 complains when servers are not reachable, but does nothing when they
 are available.

 The drift file always contains 0.00.

 ntpdate and openntpd both successfully manage to set the time, so I
 suppose
 it's a problem with ntpd.
 
 Are you on a static IP address?  If not, ntpd obtains its IP address
 when it starts up and uses it forever.  If your IP address changes then
 it will not be able to communicate with the upstream ntp servers.  It
 has to be restarted everytime your IP address changes.

I have a static address. The trouble is it seems to operate fine, only it
forgets to change the time when it differs from the time servers too much.
Sometimes my clock goes wrong more than 1 second within a day.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Nicolas Rachinsky]

* Doug Hardie [EMAIL PROTECTED] [2007-07-19 10:32 -0700]:
  Are you on a static IP address?  If not, ntpd obtains its IP address when it 
  starts up and uses it forever.  If your IP address changes then it will not 
  be able to communicate with the upstream ntp servers.  It has to be 
  restarted everytime your IP address changes.

I use the attached patch to avoid the restarts. I used a similar patch
on 4.X for some years and noticed no bad effects.

Nicolas

-- 
http://www.rachinsky.de/nicolas
--- contrib/ntp/ntpd/ntp_io.c.orig  Tue Jul 20 17:01:27 2004
+++ contrib/ntp/ntpd/ntp_io.c   Fri Oct  6 00:32:31 2006
@@ -466,6 +466,14 @@
if (scan_ipv6 == ISC_FALSE  family == AF_INET6)
continue;
 
+   if(strncmp(isc_if.name,tun,3)==0)
+   {
+   if (debug)
+   printf(ignoring %s (tun*)\n, isc_if.name);
+   continue;
+   }
+
+
/* Check to see if we are going to use the interface */
if (address_okay(isc_if) == ISC_TRUE) {
convert_isc_if(isc_if, inter_list[idx], port);
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ntpd just sits there and does nothing

[Peter Jeremy]

On 2007-Jul-19 19:08:21 +0200, [LoN]Kamikaze [EMAIL PROTECTED] wrote:
As the subject says, on my 6-stable systems ntpd just sits there and does
nothing. The logs only mention when the daemon gets started or shut down. It
complains when servers are not reachable, but does nothing when they are 
available.

I have been running ntpd on FreeBSD 2.x thru 7.x without problems so I
suspect it's something in your configuration.

What does your 'ntp.conf' contain?
What does 'ntpdc -p -c kerni -c loopi -c sysi -c syss' give you?

openntpd in the base system. It seems to be very simple. And it works.

So does ntpd.

-- 
Peter Jeremy


pgpfaPadVFfmf.pgp
Description: PGP signature