|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Local NTPd Server "bad peer"
Hi all,
I can't seem to figure out what the problem is. I'm trying to have one of my OpenBSD (4.5) boxes act as a local NTP server. The box will fetch the time from the net and serve out to devices inside my network. The time seems accurate on this box. (BSD1) I have connected a second OpenBSD box (4.5) and directed it to use the first box as its NTP peer and get the follow error. Code:
Dec 13 15:34:57 BSD2 ntpd[13067]: bad peer 192.168.244.1 (192.168.244.1) These two machines are on the same subnet (192.168.244.0/24) similar to the below Internet <-> BSD1 <-> Switch <-> BSD2 BSD1 would also be the Gateway. ntpd.conf on BSD1 is: Code:
listen on 192.168.244.1 server 0.ca.pool.ntp.org server 1.ca.pool.ntp.org server 2.ca.pool.ntp.org Is there authentication? Please let me know, Thanks! |
|
|||
Assuming you have daemonized ntpd by not specifying the -d switch in /etc/rc.conf.local, the daemon will log to /var/log/daemon. Depending upon the accuracy of the system's crystal:
Quote:
Quote:
Quote:
You should become familiar with the ntpd(8) & ntpd.conf(5) manpages. Likewise, there has been a number of discussions on misc@ about "bad peer" proclamations: http://marc.info/?l=openbsd-misc&w=2...d+bad+peer&q=b Be forewarned that the syntax of ntpd.conf has changed over the last several releases, so read the oldest threads with caution. |
|
|||
Hi all,
Thanks for the replies. I'm a little confused by what was written above. I'm pretty sure the whole idea of listen is to allow incoming connections. Otherwise how do you setup an NTP server? I've adjusted my PF rules and I believe perhaps that they were conflicting. I now have a new "error", although from reading online I don't think its really an "error". Code:
Aug 20 13:28:44 BSD2 ntpd[16325]: reply from 192.168.244.1: not synced, next query 3259s I tried manually setting the clock but that didn't resolve the "errors". Any comments? Thanks! |
|
|||
What's hard to understand? before any NTP server can serve clients.. it first must be totally synchronized with another time source, whether that's a remote server or a local timedelta sensor.. it doesn't mater.
This is the kind of daemon that you simply ignore.. the time will be updated incrementally. You can use rdate(8) with the -n argument (..SNTP protocol) for immediate updates.. but if you're losing a lot of time, then it seems likely that the clock battery is dying and you'll need to replace it. Last edited by BSDfan666; 20th August 2009 at 05:58 PM. |
|
||||
ntpd(8) makes very small clock adjustments, unless you start it with the -s parameter. Two excerpts from the man page:
Quote:
If you want instant synchronization, use -s, or, as bsdfan and the man page say, use rdate. |
|
|||
Quote:
I already am running NTP as follows: Code:
ntpd_flags="-s" Quote:
Code:
server 0.ca.pool.ntp.org server 1.ca.pool.ntp.org server 2.ca.pool.ntp.org I tried manually using rdate first on the NTP Server and than on the BSD2 machine. on BSD1 came back with about 20 lines of: (rdate -ncv 0.ca.pool.ntp.org) rdate: Invalid cookie received, packet rejected and ended with: rdate: adjust local clock by 36.102187 seconds on BSD2 it seemed to just fail: (rdate -ncv 192.168.244.1) rdate: Ignoring NTP server with alarm flag set rdate: Unable to get a reasonable time estimate Thanks for your help. |
|
|||
The listen option allows you to select which interface you wish to listen on.. it accepts * as a wildcard for all interfaces, or the IPv4/IPv6 address of a single interface.
If the system you call BSD1 is 192.168.224.1, then the correct option would be listen on 192.168.244.1. Now all hosts on your subnet can add server 192.168.244.1 except for BSD1, get it? Hope that helps... EDIT: I'd also recommend trying to find a local NTP server, perhaps your ISP has one.. or a local college/university. Last edited by BSDfan666; 20th August 2009 at 11:01 PM. |
|
|||
Quote:
If the local time server is not synchronized with the upstream time servers, the local time server will also not be providing any NTP updates to your local clients -- hence it is not surprising that the clients may be exhibiting the wrong time if the local time server itself is not synchronized or configured correctly. No log messages has been posted from /var/log/daemon, so it is anyone's guess as to the current state of your local time server. |
|
||||
My /etc/hostname.fxp1
Code:
inet 192.168.2.1 255.255.255.0 192.168.2.255 \ media 100baseTX mediaopt full-duplex \ group inside description "SoHo LAN" inet alias 192.168.2.2 255.255.255.255 NONE inet alias 192.168.2.3 255.255.255.255 NONE My /etc/rc.conf.local Code:
ntpd_flags="-s" Code:
# $OpenBSD: ntpd.conf,v 1.8 2007/07/13 09:05:52 henning Exp $ # sample ntpd configuration file, see ntpd.conf(5) listen on 192.168.2.3 # my LAN listen on 127.0.0.1 listen on 192.168.3.3 # my WiFi listen on 192.168.7.3 # my VoIP and DMZ # server 0.ca.pool.ntp.org server 1.ca.pool.ntp.org server 2.ca.pool.ntp.org server 3.ca.pool.ntp.org # - Your /etc/pf.conf must PASS OUT on INTERNET interface UDP-NTP with state and PASS IN on LAN interface UDP-NTP with state from itself. Please post your pf.conf. /S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience. Last edited by s2scott; 21st August 2009 at 11:03 PM. |
|
||||
Note, as has been mentioned, the ntp daemon will NOT start serving time UNLESS and UNTIL it is sync's AND the DRIFT PRECISION (aka. CLOCK DISCIPLINE) self-adjusts to some very tight tolerance (stability).
http://www.openbsd.org/faq/faq6.html#OpenNTPD, reads, in part, Quote:
/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience. |
|
|||
Hi all. Thanks for your input.
I'll start from the earlier posts first. (will post new configs...etc at the end) BSDfan666: In regards to the listen address...etc I have had all of that set already. I had modified my NTP servers to be "more" local however I don't see this as being beneficial over a round-robin relay "server 0.ca.pool.ntp.org" ocicat: Quote:
Quote:
s2scott: Thanks your configs look pretty much the same as mine when I started with the exception of your interfaces. Configs and Logs: [BSD1] /etc/ntpd.conf Code:
listen on 192.168.244.1 server 128.100.56.135 #tick.utoronto.ca server 128.100.100.128 #tock.utoronto.ca server 136.159.2.254 #subitaneous.cpsc.ucalgary.ca server 128.233.3.101 #tock.usask.ca server 128.233.3.100 #tick.usask.ca I've noticed daemon is getting fairly cluttered. Is it possible to send NTP to it's own log? Recent Logs of synchronization: Code:
Aug 25 13:09:17 BSD1 ntpd[24780]: peer 128.100.100.128 now valid Aug 25 13:13:20 BSD1 ntpd[27339]: adjusting local clock by 4309.229700s Aug 25 13:13:51 BSD1 ntpd[27339]: adjusting local clock by 4309.074970s Aug 25 13:18:06 BSD1 ntpd[27339]: adjusting local clock by 4307.826573s ... Note this seems to be fairly constant and has been going all weekend with no noticeable difference in the actual time Aprox system date related to logs (minute/sec maybe slightly off) # date Tue Aug 25 13:19:50 EDT 2009 Actual time is Tue Aug 25 14:xx:xx EDT 2009 Thanks for your help! |
|
||||
Quote:
|
|
|||
Thanks for your replies.
Quote:
Code:
/usr/share/zoneinfo Quote:
However 1 h or 1h 11m is still not good in either case. lol I'm curious on investigating this time zone/daylight settings more. If there are further settings than specifying my zone than those must be the cause. Thanks! |
|
||||
Solve one problem at a time. Lets get your local server synced properly, which is only one of your problems:
Step 1: Get your system you want acting as a time server into sync, at once. a) Stop your ntpd client, b) restart ntpd, and use the -s option to sync immediately. # pkill ntpd # ntpd -s Step 2: Check your local time $ date Step 3: Are you still running with the wrong time now? One hour off? Minutes off? Multiple hours off? If you are exactly one hour off, you likely have a timezone problem. Confirm you are using the correct timezone file:If the time is still incorrect after ntpd -s, but something other than exactly one hour, please let us know. |
|
|||
Thanks for the reply.
I have done as indicated. On BSD1: killing and running ntpd seems to have helped. I did on both, waiting a bit before running on BSD2. /var/log/daemon Code:
Aug 26 12:18:51 BSD1 ntpd[24780]: ntp engine exiting Aug 26 12:18:51 BSD1 ntpd[27339]: Terminating Aug 26 12:18:58 BSD1 ntpd[6422]: listening on 192.168.244.1 Aug 26 12:18:58 BSD1 ntpd[6422]: ntp engine ready Aug 26 13:23:58 BSD1 ntpd[20099]: set local clock to Wed Aug 26 13:23:58 EDT 2009 (offset 3899.397859s) Aug 26 13:24:20 BSD1 ntpd[6422]: peer 128.100.56.135 now valid Aug 26 13:24:22 BSD1 ntpd[6422]: peer 128.100.100.128 now valid Aug 26 13:24:23 BSD1 ntpd[6422]: peer 136.159.2.254 now valid Aug 26 13:28:57 BSD1 ntpd[6422]: 3 out of 5 peers valid Aug 26 13:28:57 BSD1 ntpd[6422]: bad peer 128.233.3.101 (128.233.3.101) Aug 26 13:28:57 BSD1 ntpd[6422]: bad peer 128.233.3.100 (128.233.3.100) Aug 26 13:29:33 BSD1 ntpd[6422]: clock is now synced BSD2: /var/log/daemon Code:
Aug 26 13:31:59 BSD2 ntpd[2659]: ntp engine exiting Aug 26 13:32:06 BSD2 ntpd[24777]: ntp engine ready Aug 26 13:32:58 BSD2 ntpd[1217]: set local clock to Wed Aug 26 13:32:58 EDT 2009 (offset 51.747407s) I will keep any eye on this for the next little while to see if the changes "stick" this time. :P Thanks for all your help! Glad the time is finally working. |
|
|||
Well come to think of it, why isn't "-s" working as normal? I have always had it in my rc.conf.local. Should it not be applied at boot? I've rebooted several times.
Code:
ntpd_flags="-s" |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Opera Port - conflicting pkgs in "make install" | IronForge | OpenBSD Packages and Ports | 5 | 29th October 2009 05:10 AM |
Fixed "xinit" after _7 _8, "how" here in case anyones' "X" breaks... using "nvidia" | jb_daefo | Guides | 0 | 5th October 2009 09:31 PM |
"Thanks" and "Edit Tags". | diw | Feedback and Suggestions | 2 | 29th March 2009 12:06 AM |
Scripted sysinstall fails with "Command 'system' failed" | PeterSteele | FreeBSD Installation and Upgrading | 0 | 13th November 2008 11:31 PM |