Advertisement
Hi,<\/p>\n
I have an NTP server (Cent OS IP 192.168.102.129) which is configured to sync time from Singapore NTP, the client is from Europe (also a Cent OS 192.168.102.140), I want the client to sync its time from the NTP server, but it doesnt not sync.<\/p>\n
I have changed the NTP server’s timezone to Singapore, thus not sure if it is the right way, googled and got the NTP server to sync from Singapore NTP server pool, this part works, I can’t get the client to sync from the Cent OS NTP Server.<\/p>\n
Could some one guide me how to get the client to sync it’s time from Singapore while being in Europe.<\/p>\n
I tried the settings I used for the NTP server, on the client, with server address of the NTP server, I get this error: no server suitable for synchronization found<\/strong> all the time when I try the ntpq -p command.<\/p>\n Both Cent OS are VM machines<\/p>\n Thank You<\/p>","upvoteCount":2,"answerCount":15,"datePublished":"2018-12-26T16:20:24.000Z","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"},"suggestedAnswer":[{"@type":"Answer","text":" Hi,<\/p>\n I have an NTP server (Cent OS IP 192.168.102.129) which is configured to sync time from Singapore NTP, the client is from Europe (also a Cent OS 192.168.102.140), I want the client to sync its time from the NTP server, but it doesnt not sync.<\/p>\n I have changed the NTP server’s timezone to Singapore, thus not sure if it is the right way, googled and got the NTP server to sync from Singapore NTP server pool, this part works, I can’t get the client to sync from the Cent OS NTP Server.<\/p>\n Could some one guide me how to get the client to sync it’s time from Singapore while being in Europe.<\/p>\n I tried the settings I used for the NTP server, on the client, with server address of the NTP server, I get this error: no server suitable for synchronization found<\/strong> all the time when I try the ntpq -p command.<\/p>\n Both Cent OS are VM machines<\/p>\n Thank You<\/p>","upvoteCount":2,"datePublished":"2018-12-26T16:20:24.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/1","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":" If you are using NTPD or Chrony, you need to allow clients in the config file (/etc/ntp.conf or /etc/chrony.conf). You also need to allow TCP and UDP access to port 123 in the firewall.<\/p>","upvoteCount":0,"datePublished":"2018-12-26T16:56:06.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/2","author":{"@type":"Person","name":"ericross1623","url":"https://community.spiceworks.com/u/ericross1623"}},{"@type":"Answer","text":" Thanks for the reply, this is for the client or the server or both…<\/p>","upvoteCount":0,"datePublished":"2018-12-26T17:07:01.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/3","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":" The server config file needs to allow access by clients on specific subnets. The server also needs to allow incoming traffic on port 123 in the firewall. Chrony is the replacement for NTPD (at least in the RHEL/CentOS world). I find it easier to use.<\/p>","upvoteCount":0,"datePublished":"2018-12-26T17:13:03.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/4","author":{"@type":"Person","name":"ericross1623","url":"https://community.spiceworks.com/u/ericross1623"}},{"@type":"Answer","text":" Tried to allow with the following using IP Tables, the client still does not sync with the server…<\/p>\n iptables -A INPUT -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT # Allowing NTP via UDP port Thank you<\/p>","upvoteCount":0,"datePublished":"2018-12-26T19:19:40.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/5","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":" This is what I get…<\/p>\n 192.168.102.129 .INIT. 16 u - 128 0 0.000 0.000 0.000<\/p>\n [root@localhost ~]# netstat<\/p>\n unsynchronised<\/p>\n time server re-starting From the client, run ntpdate like this (substitute the correct server name) to see what response you get.<\/p>\n ntpdate -v myserver<\/p>\n This should show something like this:<\/p>\n 26 Dec 15:59:13 ntpdate[18377]: ntpdate [email protected] Fri Jan 26 02:18:05 UTC 2018 (1) You may need to install the ntpdate package.<\/p>","upvoteCount":0,"datePublished":"2018-12-26T20:02:30.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/7","author":{"@type":"Person","name":"ericross1623","url":"https://community.spiceworks.com/u/ericross1623"}},{"@type":"Answer","text":" Thanks, I got the below reply…<\/p>\n root@localhost ~]# ntpdate -v 192.168.102.129 This is from ntp.log<\/p>\n 26 Dec 21:00:00 ntpd[3577]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 Could you let me know what clarification I need to do on the Server and what on the client, this is what I have done:<\/p>\n Server<\/strong><\/p>\n timedatectl set-timezone “Asia/Singapore” # Set timezone to Singapore Firewall<\/strong> ntp.conf file<\/strong><\/p>\n driftfile /var/lib/ntp/drift<\/p>\n restrict default nomodify notrap nopeer noquery<\/p>\n restrict 127.0.0.1 restrict 192.168.102.0<\/strong> mask 255.255.255.0 nomodify notrap # The nomodify options changing the configuration, The notrap option prevents ntpdc control message protocol traps.<\/p>\n server 0.sg.pool.ntp.org<\/a> iburst<\/strong> #broadcast<\/span> 192.168.1.255 autokey ntpq -p Client<\/strong><\/p>\n What do I need to do on the client, haven’t been able to find anything on it, so I tried the same with the client, except in place of time servers I added the IP of NTP server created above, am I correct ?<\/p>\n Thank You<\/p>","upvoteCount":0,"datePublished":"2018-12-26T20:13:35.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/9","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":" I’m not an IP Tables wizard but you might try adding the state ESTABLISHED to your firewall state tables for both UDP and TCP<\/p>","upvoteCount":0,"datePublished":"2018-12-26T20:15:58.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/10","author":{"@type":"Person","name":"lewpaceley","url":"https://community.spiceworks.com/u/lewpaceley"}},{"@type":"Answer","text":" I get the below message when I try ntpq -p 192.168.102.129<\/p>\n ntpq: read: No route to host<\/p>","upvoteCount":0,"datePublished":"2018-12-26T20:53:00.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/11","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":" To run ntpdate, you’ll need to stop the ntpd service on the client.<\/p>\n I’m not seeing a problem with your configs. I used to have issues with ntpd in the past with clients, so I would use “ntpdate myserver > /dev/null” in crontab every hour to sync the time.<\/p>\n You could try using chrony instead (chronyd is the service chronyc is the CLI access). I’ve found it to work more reliably (at least for me). The syntax in /etc/chrony.conf is similar.<\/p>\n yum install -y chrony<\/p>\n systemctl enable chronyd<\/p>\n systemctl start chronyd<\/p>","upvoteCount":0,"datePublished":"2018-12-26T21:03:07.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/12","author":{"@type":"Person","name":"ericross1623","url":"https://community.spiceworks.com/u/ericross1623"}},{"@type":"Answer","text":" Appreciate that, receiving the below error with ntpdate… On the client, can you run an nmap scan:<\/p>\n nmap -sU myserver -p 123<\/p>\n The result should be something like:<\/p>\n PORT STATE SERVICE BTW, run chronyd on the server and the client as a replacement for ntpd.<\/p>","upvoteCount":0,"datePublished":"2018-12-26T21:15:50.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/14","author":{"@type":"Person","name":"ericross1623","url":"https://community.spiceworks.com/u/ericross1623"}},{"@type":"Answer","text":" Again, appreciate your consistent help…<\/p>","upvoteCount":0,"datePublished":"2018-12-26T21:40:13.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/15","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}}]}}
\niptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 123 -j ACCEPT # Allowing NTP via TCP port<\/p>\n<\/a>[root@localhost ~]# ntpq -pn
\nremote refid st t when poll reach delay offset jitter<\/h1>\n
\npolling server every 8 s
\nIts been like this for a very long time now…<\/p>","upvoteCount":0,"datePublished":"2018-12-26T19:22:37.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/6","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":"
\n26 Dec 15:59:13 ntpdate[18377]: adjust time server 192.168.0.1 offset 0.020776 sec<\/p>\n
\n26 Dec 21:07:07 ntpdate[4056]: ntpdate [email protected] Fri Apr 13 12:52:28 UTC 2018 (1)
\n26 Dec 21:07:07 ntpdate[4056]: the NTP socket is in use, exiting<\/p>\n
\n26 Dec 21:00:00 ntpd[3577]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
\n26 Dec 21:00:00 ntpd[3577]: Listen and drop on 1 v6wildcard :: UDP 123
\n26 Dec 21:00:00 ntpd[3577]: Listen normally on 2 lo 127.0.0.1 UDP 123
\n26 Dec 21:00:00 ntpd[3577]: Listen normally on 3 ens33 192.168.102.140 UDP 123
\n26 Dec 21:00:00 ntpd[3577]: Listen normally on 4 virbr0 192.168.122.1 UDP 123
\n26 Dec 21:00:00 ntpd[3577]: Listen normally on 5 lo ::1 UDP 123
\n26 Dec 21:00:00 ntpd[3577]: Listening on routing socket on fd #22<\/span> for interface updates
\n26 Dec 21:00:01 ntpd[3577]: 0.0.0.0 c016 06 restart
\n26 Dec 21:00:01 ntpd[3577]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
\n26 Dec 21:00:01 ntpd[3577]: 0.0.0.0 c011 01 freq_not_set
\n26 Dec 21:00:08 ntpd[3577]: 0.0.0.0 c61c 0c clock_step +67.542247 s
\n26 Dec 21:01:16 ntpd[3577]: 0.0.0.0 c614 04 freq_mode
\n26 Dec 21:01:18 ntpd[3577]: 0.0.0.0 c618 08 no_sys_peer
\n26 Dec 21:03:36 ntpd[3830]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
\n26 Dec 21:03:36 ntpd[3830]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
\n26 Dec 21:03:36 ntpd[3830]: Listen and drop on 1 v6wildcard :: UDP 123
\n26 Dec 21:03:36 ntpd[3830]: Listen normally on 2 lo 127.0.0.1 UDP 123
\n26 Dec 21:03:36 ntpd[3830]: Listen normally on 3 ens33 192.168.102.140 UDP 123
\n26 Dec 21:03:36 ntpd[3830]: Listen normally on 4 virbr0 192.168.122.1 UDP 123
\n26 Dec 21:03:36 ntpd[3830]: Listen normally on 5 lo ::1 UDP 123
\n26 Dec 21:03:36 ntpd[3830]: Listening on routing socket on fd #22<\/span> for interface updates
\n26 Dec 21:03:36 ntpd[3830]: 0.0.0.0 c016 06 restart
\n26 Dec 21:03:36 ntpd[3830]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
\n26 Dec 21:03:36 ntpd[3830]: 0.0.0.0 c011 01 freq_not_set
\n26 Dec 21:03:44 ntpd[3830]: 0.0.0.0 c614 04 freq_mode
\n26 Dec 21:04:32 ntpd[3830]: ntpd exiting on signal 15
\n26 Dec 21:04:32 ntpd[3877]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
\n26 Dec 21:04:32 ntpd[3877]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
\n26 Dec 21:04:32 ntpd[3877]: Listen and drop on 1 v6wildcard :: UDP 123
\n26 Dec 21:04:32 ntpd[3877]: Listen normally on 2 lo 127.0.0.1 UDP 123
\n26 Dec 21:04:32 ntpd[3877]: Listen normally on 3 ens33 192.168.102.140 UDP 123
\n26 Dec 21:04:32 ntpd[3877]: Listen normally on 4 virbr0 192.168.122.1 UDP 123
\n26 Dec 21:04:32 ntpd[3877]: Listen normally on 5 lo ::1 UDP 123
\n26 Dec 21:04:32 ntpd[3877]: Listening on routing socket on fd #22<\/span> for interface updates
\n26 Dec 21:04:32 ntpd[3877]: 0.0.0.0 c016 06 restart
\n26 Dec 21:04:32 ntpd[3877]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
\n26 Dec 21:04:32 ntpd[3877]: 0.0.0.0 c011 01 freq_not_set<\/p>","upvoteCount":0,"datePublished":"2018-12-26T20:08:30.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/8","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":"
\nyum install ntp -y
\nsystemctl start ntpd
\nsystemctl enable ntpd
\nsystemctl status ntpd<\/p>\n
\niptables -A INPUT -p udp --dport 123 -j ACCEPT
\niptables -A OUTPUT -p udp --sport 123 -j ACCEPT<\/p>\n<\/a>For more information about this file, see the man pages<\/h1>\n
<\/a>ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).<\/h1>\n
<\/a>Permit time synchronization with our time source, but do not<\/h1>\n
<\/a>permit the source to query or modify the service on this system.<\/h1>\n
<\/a>Permit all access over the loopback interface. This could<\/h1>\n
<\/a>be tightened as well, but to do so would effect some of<\/h1>\n
<\/a>the administrative functions.<\/h1>\n
\nrestrict ::1<\/p>\n<\/a>Hosts on local network are less restricted.<\/h1>\n
<\/a>Use public servers from the pool.ntp.org<\/a> project.<\/h1>\n
<\/a>Please consider joining the pool ( pool.ntp.org: Join the NTP Pool!<\/a>) .<\/h1>\n
\nserver 1.sg.pool.ntp.org<\/a> iburst<\/strong>
\nserver 2.sg.pool.ntp.org<\/a> iburst<\/strong>
\nserver 3.sg.pool.ntp.org<\/a> iburst<\/strong><\/p>\n
\n#broadcastclient<\/span>
\n#broadcast<\/span> 224.0.1.1 autokey
\n#multicastclient<\/span> 224.0.1.1
\n“ntp.conf” 62L, 2133C<\/p>\n
\nsystemctl restart ntpd
\nntpstat<\/p>\n
\n26 Dec 22:05:55 ntpdate[3330]: no servers can be used, exiting<\/p>","upvoteCount":0,"datePublished":"2018-12-26T21:08:55.000Z","url":"https://community.spiceworks.com/t/ntp-client-not-syncing-from-ntp-server/690127/13","author":{"@type":"Person","name":"tryllz","url":"https://community.spiceworks.com/u/tryllz"}},{"@type":"Answer","text":"
\n123/udp open|filtered ntp<\/p>\n