 |
|
|
|
Next: Setting up soundcard on FreeBSD laptop
|
| Author |
Message |
External
Since: Dec 25, 2003
Posts: 4
|
(Msg. 1) Posted: Thu Dec 25, 2003 4:10 pm
Post subject: Can't get ntp 4.2.0 running
Archived from groups: comp>unix>bsd>freebsd>misc (more info?)
|
|
|
Hi,
I don't know what to do any more, ntp is driving me nuts. Even the simple
example in the Freebsd handbook does not work for me. I am using Freebsd
5.1 and I have build ntp 4.2.0 from the ports. With the following config
I get the following output:
/etc/ntp.conf
server ntp.tuxfamily.net
restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap
driftfile /var/db/ntp.drift
---------------------------
When a client connects (started with ntpd -d):
ntpd 4.2.0.RemoveThis@1.1161-r Thu Dec 25 15:41:53 CET 2003 (1)
addto_syslog: ntpd 4.2.0.RemoveThis@1.1161-r Thu Dec 25 15:41:53 CET 2003 (1)
addto_syslog: precision = 1.397 usec
create_sockets(123)
addto_syslog: no IPv6 interfaces found
bind() fd 4, family 2, port 123, addr 0.0.0.0, flags=8
bind() fd 5, family 2, port 123, addr 192.168.0.2, flags=8
bind() fd 6, family 2, port 123, addr 192.168.0.3, flags=8
bind() fd 7, family 2, port 123, addr 192.168.0.4, flags=8
bind() fd 8, family 2, port 123, addr 192.168.0.5, flags=8
bind() fd 9, family 2, port 123, addr 192.168.0.6, flags=8
bind() fd 10, family 2, port 123, addr 127.0.0.1, flags=0
init_io: maxactivefd 10
local_clock: at 0 state 0
key_expire: at 0
peer_clear: at 0 assoc ID 54524 refid INIT
newpeer: 192.168.0.2->80.67.179.98 mode 3 vers 4 poll 6 10 flags 0x1 0x1 ttl 0 key 00000000
report_event: system event 'event_restart' (0x01) status 'sync_alarm, sync_unspec, 1 event, event_unspec' (0xc010)
transmit: at 1 192.168.0.2->80.67.179.98 mode 3
auth_agekeys: at 1 keys 1 expired 0
timer: refresh ts 0
receive: at 1 192.168.0.2<-80.67.179.98 mode 4 code 1
peer 80.67.179.98 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0xa014)
clock_filter: n 1 off 1.122231 del 0.017626 dsp 7.937505 jit 0.000002, age 1
receive: at 17 192.168.0.2<-192.168.0.10 mode 3 code 2
receive: at 18 192.168.0.2<-192.168.0.10 mode 3 code 2
receive: at 19 192.168.0.2<-192.168.0.10 mode 3 code 2
receive: at 20 192.168.0.2<-192.168.0.10 mode 3 code 2
The client yelds (ntpdate -q 192.168.0.2):
server 192.168.0.2, stratum 0, offset 0.000000, delay 0.00000
25 Dec 16:02:05 ntpdate[28354]: no server suitable for synchronization found
----------------------------------------------------------------------------
1. What's up with it? Even if the restrict line in ntp.conf is deleted
the behaviour is the same.
2. Why the heck does ntp grab all my existing IPs? I wanted to run it
in a jailed environment - but I only found a 1 year old patch to bind
it on one IP...
Thanks much
Stefan |
|
| Back to top |
|
 | |
External
Since: Dec 26, 2003
Posts: 1
|
(Msg. 2) Posted: Fri Dec 26, 2003 10:13 am
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
Stefan Nicolin wrote:
> server ntp.tuxfamily.net
> restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap
> driftfile /var/db/ntp.drift
You have to add ntp.tuxfamily.net's ip address to restrict section for
ntpd to work correctly. To my surprise that sections affects also time
servers you want to synchronize with!
--
Mikolaj Rydzewski http://ceti.pl/~miki/
PGP KeyID: e17c4bd5
There are three kinds of people: men, women, and unix. |
|
| Back to top |
|
| |
External
Since: Dec 25, 2003
Posts: 4
|
(Msg. 3) Posted: Fri Dec 26, 2003 2:08 pm
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Fri, 26 Dec 2003 10:13:15 +0000 (UTC)
Mikolaj Rydzewski wrote:
> Stefan Nicolin wrote:
>
> > server ntp.tuxfamily.net
> > restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap
> > driftfile /var/db/ntp.drift
>
> You have to add ntp.tuxfamily.net's ip address to restrict section for
> ntpd to work correctly. To my surprise that sections affects also time
> servers you want to synchronize with!
But why? According to the ntpd man page the restrict section only
works for numerical ip adresses. Then there will be no use for the dns
names wich are strongly recomended because the ip's may change.
Thanks but I dont't belive that this is the solution to my problem.
Stefan
>
> --
> Mikolaj Rydzewski http://ceti.pl/~miki/
> PGP KeyID: e17c4bd5
> There are three kinds of people: men, women, and unix.
> >> Stay informed about: Can't get ntp 4.2.0 running |
|
| Back to top |
|
| |
External
Since: Jul 13, 2003
Posts: 30
|
(Msg. 4) Posted: Sat Dec 27, 2003 12:26 pm
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
In article Stefan Nicolin
writes:
>
>I don't know what to do any more, ntp is driving me nuts. Even the simple
>example in the Freebsd handbook does not work for me. I am using Freebsd
>5.1 and I have build ntp 4.2.0 from the ports.
Any particular reason to not use the version in the base system?
>The client yelds (ntpdate -q 192.168.0.2):
>server 192.168.0.2, stratum 0, offset 0.000000, delay 0.00000
>25 Dec 16:02:05 ntpdate[28354]: no server suitable for synchronization found
>----------------------------------------------------------------------------
>
>1. What's up with it? Even if the restrict line in ntp.conf is deleted
>the behaviour is the same.
How long did you wait for ntpd to synchronize to the remote server? What
is the output of 'ntpq -p 192.168.0.2'? It's not synchronized (and hence
won't serve time) until you see a '*' in column 1 of that output.
>2. Why the heck does ntp grab all my existing IPs? I wanted to run it
>in a jailed environment - but I only found a 1 year old patch to bind
>it on one IP...
Well, does it matter? I can't see that it would be meaningful or even
possible to run more than one instance of ntpd on a host, and it
still runs in the jail even if it tries to listen on all IP addresses (I
assume that it can only be reached on the IP address associated with the
jail).
But the general reason is that when a query is sent to ntpd, it must
send a response with a source IP address that is the same as the
destination IP address of the query (otherwise the client won't accept
the response since it's coming from the wrong address). And the only way
to find out the destination address of a received UDP packet via the
IPv4 socket interface is to open a listening socket for each possible
address and see which socket the packet arrives on.
--Per Hedeland
per DeleteThis @hedeland.org >> Stay informed about: Can't get ntp 4.2.0 running |
|
| Back to top |
|
| |
External
Since: Dec 25, 2003
Posts: 4
|
(Msg. 5) Posted: Sat Dec 27, 2003 7:21 pm
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Sat, 27 Dec 2003 12:26:31 +0000 (UTC)
per.TakeThisOut@hedeland.org (Per Hedeland) wrote:
> In article Stefan Nicolin
> writes:
> >
> >I don't know what to do any more, ntp is driving me nuts. Even the simple
> >example in the Freebsd handbook does not work for me. I am using Freebsd
> >5.1 and I have build ntp 4.2.0 from the ports.
>
> Any particular reason to not use the version in the base system?
Yes, I got the following error message:
addto_syslog: select(): nfound=-1, error: Interrupted system call
Description: http://bugzilla.ntp.org/show_bug.cgi?id=220
>
> >The client yelds (ntpdate -q 192.168.0.2):
> >server 192.168.0.2, stratum 0, offset 0.000000, delay 0.00000
> >25 Dec 16:02:05 ntpdate[28354]: no server suitable for synchronization found
> >----------------------------------------------------------------------------
> >
> >1. What's up with it? Even if the restrict line in ntp.conf is deleted
> >the behaviour is the same.
>
> How long did you wait for ntpd to synchronize to the remote server? What
> is the output of 'ntpq -p 192.168.0.2'? It's not synchronized (and hence
> won't serve time) until you see a '*' in column 1 of that output.
Hm, you are right - I was very impatient.
>
> >2. Why the heck does ntp grab all my existing IPs? I wanted to run it
> >in a jailed environment - but I only found a 1 year old patch to bind
> >it on one IP...
>
> Well, does it matter? I can't see that it would be meaningful or even
> possible to run more than one instance of ntpd on a host, and it
> still runs in the jail even if it tries to listen on all IP addresses (I
> assume that it can only be reached on the IP address associated with the
> jail).
That's the output of the jailed version:
(jail /jail/ntp time.nicolinux.home 192.168.0.6 /usr/local/bin/ntpd -d -p /var/run/ntpd.pid -l /var/log/ntpd.log)
addto_syslog: logging to file /var/log/ntpd.log
ntpd 4.2.0.TakeThisOut@1.1161-r Thu Dec 25 05:00:48 CET 2003 (1)
addto_syslog: logging to file /var/log/ntpd.log
addto_syslog: ntpd 4.2.0.TakeThisOut@1.1161-r Thu Dec 25 05:00:48 CET 2003 (1)
addto_syslog: precision = 1.397 usec
create_sockets(123)
addto_syslog: no IPv6 interfaces found
bind() fd 3, family 2, port 123, addr 0.0.0.0, flags=8
addto_syslog: bind() fd 5, family 2, port 123, addr 192.168.0.6, in_classd=0 flags=8 fails: Address already in use
init_io: maxactivefd 3
local_clock: at 0 state 0
resolving time.flygplats.net
addto_syslog: getaddrinfo: "192.168.0.10" invalid host address, line ignored
report_event: system event 'event_restart' (0x01) status 'sync_alarm, sync_unspec, 1 event, event_unspec' (0xc010)
auth_agekeys: at 1 keys 1 expired 0
timer: refresh ts 0
-------------------
the ntp.conf:
server time.flygplats.net
restrict 192.168.0.10 mask 255.255.255.0 notrust nomodify notrap
driftfile /var/db/ntp.drift
>
> But the general reason is that when a query is sent to ntpd, it must
> send a response with a source IP address that is the same as the
> destination IP address of the query (otherwise the client won't accept
> the response since it's coming from the wrong address). And the only way
> to find out the destination address of a received UDP packet via the
> IPv4 socket interface is to open a listening socket for each possible
> address and see which socket the packet arrives on.
>
Thanks
> --Per Hedeland
> per.TakeThisOut@hedeland.org >> Stay informed about: Can't get ntp 4.2.0 running |
|
| Back to top |
|
| |
External
Since: Jul 13, 2003
Posts: 30
|
(Msg. 6) Posted: Sat Dec 27, 2003 7:39 pm
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
In article Stefan Nicolin
writes:
>On Sat, 27 Dec 2003 12:26:31 +0000 (UTC)
>per@hedeland.org (Per Hedeland) wrote:
>
>> In article Stefan Nicolin
>> writes:
>> >
>> >I don't know what to do any more, ntp is driving me nuts. Even the simple
>> >example in the Freebsd handbook does not work for me. I am using Freebsd
>> >5.1 and I have build ntp 4.2.0 from the ports.
>>
>> Any particular reason to not use the version in the base system?
>
>Yes, I got the following error message:
>addto_syslog: select(): nfound=-1, error: Interrupted system call
>
>Description: http://bugzilla.ntp.org/show_bug.cgi?id=220
Hm, but that report is for the very version you use, from the ports -
4.2.0 RemoveThis @1.1161-r. As far as I can see the base system version in FBSD 5.1
is still 4.1.1b.
>Hm, you are right - I was very impatient.
So it works now?
>That's the output of the jailed version:
>bind() fd 3, family 2, port 123, addr 0.0.0.0, flags=8
>addto_syslog: bind() fd 5, family 2, port 123, addr 192.168.0.6,
>in_classd=0 flags=8 fails: Address already in use
So something else is listening on port 123? What?
>init_io: maxactivefd 3
>local_clock: at 0 state 0
>resolving time.flygplats.net
>addto_syslog: getaddrinfo: "192.168.0.10" invalid host address, line ignored
>
>report_event: system event 'event_restart' (0x01) status 'sync_alarm,
>sync_unspec, 1 event, event_unspec' (0xc010)
>auth_agekeys: at 1 keys 1 expired 0
>timer: refresh ts 0
>-------------------
>the ntp.conf:
>server time.flygplats.net
>restrict 192.168.0.10 mask 255.255.255.0 notrust nomodify notrap
Well, this line is clearly invalid, since <address> & 255.255.255.0 will
never yield 192.168.0.10. Not sure if that's what the getaddrinfo line
complains about.
By the way, I have to wonder whether it's really possible to run ntpd in
a jail. After all, the primary purpose of ntpd is to control your system
clock, and I don't think a jailed process should be able to do that.
Perhaps it could work just serving time to other hosts, without
controlling the local system clock, but that may need some tweaks to the
config.
--Per Hedeland
per RemoveThis @hedeland.org >> Stay informed about: Can't get ntp 4.2.0 running |
|
| Back to top |
|
| |
External
Since: Dec 25, 2003
Posts: 4
|
(Msg. 7) Posted: Mon Dec 29, 2003 12:35 am
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Sat, 27 Dec 2003 19:39:26 +0000 (UTC)
per.DeleteThis@hedeland.org (Per Hedeland) wrote:
> In article Stefan Nicolin
> writes:
> >On Sat, 27 Dec 2003 12:26:31 +0000 (UTC)
> >per@hedeland.org (Per Hedeland) wrote:
> >
> >> In article Stefan Nicolin
> >> writes:
> >> >
> >> >I don't know what to do any more, ntp is driving me nuts. Even the simple
> >> >example in the Freebsd handbook does not work for me. I am using Freebsd
> >> >5.1 and I have build ntp 4.2.0 from the ports.
> >>
> >> Any particular reason to not use the version in the base system?
> >
> >Yes, I got the following error message:
> >addto_syslog: select(): nfound=-1, error: Interrupted system call
> >
> >Description: http://bugzilla.ntp.org/show_bug.cgi?id=220
>
> Hm, but that report is for the very version you use, from the ports -
> 4.2.0.DeleteThis@1.1161-r. As far as I can see the base system version in FBSD 5.1
> is still 4.1.1b.
I got confused by the two versions. First I didn't notice that I hat two
versions installed.
>
> >Hm, you are right - I was very impatient.
>
> So it works now?
Didn't have the time to check. It came to my mind that it might also be
the firewall. I'am using Openbsd with nat routing. I also setup a
redirect rule for the specific ip for the ntp host - in the short time
i have tried it, it made no progress.
>
> >That's the output of the jailed version:
>
> >bind() fd 3, family 2, port 123, addr 0.0.0.0, flags=8
> >addto_syslog: bind() fd 5, family 2, port 123, addr 192.168.0.6,
> >in_classd=0 flags=8 fails: Address already in use
>
> So something else is listening on port 123? What?
That can not be. Checked it with netstat. The ip is a alias
(doh' - then I should use 255.255.255.255)
>
> >init_io: maxactivefd 3
> >local_clock: at 0 state 0
> >resolving time.flygplats.net
> >addto_syslog: getaddrinfo: "192.168.0.10" invalid host address, line ignored
> >
> >report_event: system event 'event_restart' (0x01) status 'sync_alarm,
> >sync_unspec, 1 event, event_unspec' (0xc010)
> >auth_agekeys: at 1 keys 1 expired 0
> >timer: refresh ts 0
> >-------------------
> >the ntp.conf:
> >server time.flygplats.net
> >restrict 192.168.0.10 mask 255.255.255.0 notrust nomodify notrap
>
> Well, this line is clearly invalid, since <address> & 255.255.255.0 will
> never yield 192.168.0.10. Not sure if that's what the getaddrinfo line
> complains about.
Why is this invalid?
>
> By the way, I have to wonder whether it's really possible to run ntpd in
> a jail. After all, the primary purpose of ntpd is to control your system
> clock, and I don't think a jailed process should be able to do that.
> Perhaps it could work just serving time to other hosts, without
> controlling the local system clock, but that may need some tweaks to the
> config.
That should be its only use - serving time to my clients.
>
> --Per Hedeland
> per.DeleteThis@hedeland.org
> >> Stay informed about: Can't get ntp 4.2.0 running |
|
| Back to top |
|
| |
External
Since: Jul 13, 2003
Posts: 30
|
(Msg. 8) Posted: Mon Dec 29, 2003 7:53 pm
Post subject: Re: Can't get ntp 4.2.0 running [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
In article Stefan Nicolin
writes:
>On Sat, 27 Dec 2003 19:39:26 +0000 (UTC)
>per@hedeland.org (Per Hedeland) wrote:
>> In article Stefan Nicolin
>> writes:
>> >That's the output of the jailed version:
>>
>> >bind() fd 3, family 2, port 123, addr 0.0.0.0, flags=8
>> >addto_syslog: bind() fd 5, family 2, port 123, addr 192.168.0.6,
>> >in_classd=0 flags=8 fails: Address already in use
>
>> So something else is listening on port 123? What?
>
>That can not be. Checked it with netstat. The ip is a alias
>(doh' - then I should use 255.255.255.255)
Hm, well, "Address already in use" generally means just that - don't
know if jails can make it happen for other reasons.
>> >the ntp.conf:
>> >server time.flygplats.net
>> >restrict 192.168.0.10 mask 255.255.255.0 notrust nomodify notrap
>>
>> Well, this line is clearly invalid, since <address> & 255.255.255.0 will
>> never yield 192.168.0.10. Not sure if that's what the getaddrinfo line
>> complains about.
>
>Why is this invalid?
"restrict <foo> mask <bar> <whatever>" means "apply <whatever> to
incoming packets where (<source-IP-address> bitwise-and <bar>) equals
<foo>". There is no IP address that when bitwise-and'ed with
255.255.255.0 will equal 192.168.0.10, since bitwise-and'ing any IP
address with 255.255.255.0 will always yield something where the last
octet is 0. Hence the restrict line above will never have any effect,
and it might be the case that this is detected as the line is parsed.
>> By the way, I have to wonder whether it's really possible to run ntpd in
>> a jail. After all, the primary purpose of ntpd is to control your system
>> clock, and I don't think a jailed process should be able to do that.
>> Perhaps it could work just serving time to other hosts, without
>> controlling the local system clock, but that may need some tweaks to the
>> config.
>
>That should be its only use - serving time to my clients.
So you don't want the local clock of the box running ntpd to be kept in
sync with reality? IIRC, you can get this effect with 'disable ntp' in
the ntp.conf, but the exact wording may be dependent on the version of
NTP code.
--Per Hedeland
per RemoveThis @hedeland.org >> Stay informed about: Can't get ntp 4.2.0 running |
|
| Back to top |
|
| |
| Related Topics: | Installation & fdisk partitioning (slices) - I picked up a copy of the "FreeBSD Handbook 2nd Ed" the other day, it came with a installation disk for version 5.1 Current and that is what I am trying to install. This is my first attempt to do anything with FreeBSD. First let me describe my...
CVSup vs. portupgrade - Reading from the FreeBSD handbook on "Using the Ports Collection" leaves me a bit confused wrt CVSup and portupgrade... do these utilities accomplish the same thing? Thanks, Jay _______________________________________________..
configuring freebsd dhcp server/router to listen on device - Hello, Im trying to move away from my linksys wireless router and move onto an old Pentium 200 Mhz I have. It will be the gateway between my modem and my network. I installed isc-dhcp3 on the box and took the sample dhcp.conf file in the freebsd..
PPP - Hi! I'm french and don't understand the chapter 18.2.1.2 (Creating PPP device Nodes) in the freeBSD handbook. Precicely I don't understand what is N in the first paragraph. Is it necessary to change the tun0? I have an other question.(I'm sorry if it..
PPP - Hi!! In the FreeBSD handbook, the chapter 18.3.3 talk about the file /etc/ppp/options. I think I must create it and copy that it's written in the handbook concerning this file but I'm not sure. Xavier --------------------------------- Yahoo! Mail... |
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
|
|
|
FAQ
Search
Profile
Private Messages
Log in
