Monday, January 09, 2006

ntp primer (not really)

There are dozens of great FAQs for NTP. But, here's an issue that took me a while to figure out.

I had a server with an ntp configuration that would not synchronize with the ntp server.
The configuration was the default ntp.conf file, and I added one line for my ntp server. Something along the lines of:
server 10.11.12.13

Btw, to check who you are synchronizing with, you can issue: "ntpstat". Also, "ntpq -p" is very useful (the active server is marked with a "*").

After much research, I discovered that Fedora (and RedHat enterprise) comes with an ntp.conf that has the following line:
restrict default ignore
This line causes all the ntp responses to be ignored!!

The solution was to add the line:
restrict 10.11.12.13
which caused the server to allow this specific address to answer. You can add additional limitations, but I didn't bother.
Moreover, you can just get rid of the global ignore line, but be aware that it will open your server up to ntp traffic from other places.
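
A quick way to spot this misconfiguration, added here as an example (it is not part of the original post): the hypothetical helper ntp_blocked_servers lists every "server" entry that "restrict default ignore" would silence because no specific restrict line permits it. It assumes restrict lines are matched by exact address only (no mask handling), and the sample config is constructed.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# Prints every "server" address in an ntp.conf that would be silenced by
# "restrict default ignore" because no specific restrict line permits it.
# Assumption: restrict lines are matched by exact address only (no mask logic).
ntp_blocked_servers() {
    awk '
        { sub(/#.*/, "") }                      # strip comments
        $1 == "restrict" {
            addr = $2; first = 3
            if (addr == "-4" || addr == "-6") { addr = $3; first = 4 }
            ig = 0
            for (i = first; i <= NF; i++) if ($i == "ignore") ig = 1
            if (addr == "default") { if (ig) ignore = 1 }
            else if (!ig) allowed[addr] = 1     # specific, non-ignore entry
            next
        }
        # 127.127.t.u addresses are local reference clocks, not network peers
        $1 == "server" && $2 !~ /^127\.127\./ { servers[++n] = $2 }
        END {
            if (!ignore) exit 0                 # no global ignore: nothing blocked
            for (i = 1; i <= n; i++)
                if (!(servers[i] in allowed)) print servers[i]
        }
    ' "$1"
}

# Constructed sample config reproducing the situation in the post
sample=$(mktemp)
cat > "$sample" <<'EOF'
restrict default ignore
restrict 127.0.0.1
server 10.11.12.13
server 127.127.1.0
EOF
ntp_blocked_servers "$sample"    # prints 10.11.12.13
rm -f "$sample"
```

Run it against /etc/ntp.conf; empty output means every configured server has a matching restrict line or no global ignore is in effect.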

One more quick note. If you want to synchronize your server right now, and not wait for ntp to do it slowly, do the following:
1. stop ntpd
2. issue the command: ntpdate
3. start ntpd

This will align your clock with your server immediately, and then you can let ntpd be "on-guard".

OK, now you have no excuse to be out of sync.
