Date: Thu, 25 Nov 2004 11:40:39 -0800
From: Michael Collette <Metrol@Metrol.net>
To: freebsd-questions@freebsd.org
Subject: Time sync with NTP questions
Message-ID: <41A63537.8090300@Metrol.net>

On my network I have a machine in my DMZ I wish to use NTP to synchronize to a public server for its time. I then want to have another machine in my private network synchronize time to this box in the DMZ. From there I want to have all my other machines in my private network to sync in to it.

Boy I hope that makes sense. Just in case, a fun filled ASCII diagram

        Public NTP Server
                |
           DMZ Server
                |
         Private Server
                |
    All the rest of my servers

All my boxes are running 5.3-STABLE.

I have my DMZ box connecting to public NTP servers through my firewall now. That part works great. Able to ntpdate and run ntpd. My private server is able to both ntpdate and ntpd to a public server.

What I can't seem to get going here is to have the private server synchronize to the DMZ server with NTP. Also can't get other machines sync in with what I want to be my primary NTP server on the private network. Heck, I can't seem to get any two FreeBSD boxes to sync with each other.

I've also been trying to get this to play with two boxes on the same subnet. I can get one box to sync to another using timed, but I can't seem to get ntp to work. I consistently get...

    "no server suitable for synchronization found"

The client side can query what I'd like to be the ntp server with ntpq, but ntpdate or ntp -q always fail. The client IS able to ntpdate to a public server.

The server has the following rc.conf flags...

    ntpdate_enable="YES"
    ntpdate_flags="ntp.ucsd.edu"
    ntpd_enable="YES"
    ntpd_flags="-A -c /etc/ntp.conf -p /var/run/ntpd.pid -f /etc/ntp/ntpd.drift"

/etc/ntp.conf looks very similar too...

    server ntp.somedomain.com
    restrict ntp.somedomain.com mask 255.255.255.255 nomodify notrap noquery
    restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
    restrict 127.0.0.1
    driftfile /etc/ntp/ntp.drift

There's actually 5 public NTP servers configured in my real ntp.conf and they all seem to work. 192.168.1.0 is, of course, where my clients would query this server.

So what am I missing here to make a working NTP server for my network??

Thanks,

-- 
"In theory, there is no difference between theory and practice.
In practice, there is."
- Yogi Berra
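
An added example, not part of the original message or of ntpd itself: a small checker that finds which `restrict` entry in an ntp.conf applies to a given client address and lists any access flags on it that stop ntpd from serving time to that client. It assumes ntpd 4.2 semantics, where `notrust` denies packets that are not cryptographically authenticated; the function names and the sample client addresses are hypothetical, and the sample config is the one quoted in the message.

```python
import ipaddress

# Constructed sample: the ntp.conf lines quoted in the message above.
SAMPLE_CONF = """\
server ntp.somedomain.com
restrict ntp.somedomain.com mask 255.255.255.255 nomodify notrap noquery
restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
restrict 127.0.0.1
driftfile /etc/ntp/ntp.drift
"""

# Flags that stop ntpd answering a client's time requests.
# Assumption: ntpd 4.2 semantics, where notrust means "deny unless authenticated".
BLOCKING = {
    "ignore": "all packets are dropped",
    "noserve": "time service is denied (queries only)",
    "notrust": "packets are denied unless cryptographically authenticated",
}

def parse_restrict(conf):
    """Return [(network, flags)] for restrict lines with literal IPv4 addresses."""
    entries = []
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()
        if not tok or tok[0] != "restrict" or len(tok) < 2:
            continue
        addr, rest = tok[1], tok[2:]
        mask = "255.255.255.255"          # ntpd's default when no mask is given
        if len(rest) >= 2 and rest[0] == "mask":
            mask, rest = rest[1], rest[2:]
        if addr == "default":
            addr, mask = "0.0.0.0", "0.0.0.0"
        try:
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            continue                      # hostname: needs DNS, skipped offline
        entries.append((net, set(rest)))
    return entries

def effective(conf, client):
    """Most specific restrict entry covering client, plus reasons it is refused."""
    ip = ipaddress.ip_address(client)
    hits = [e for e in parse_restrict(conf) if ip in e[0]]
    if not hits:
        return None, []
    net, flags = max(hits, key=lambda e: e[0].prefixlen)
    return net, [f"{f}: {BLOCKING[f]}" for f in sorted(flags & set(BLOCKING))]

if __name__ == "__main__":
    for client in ("192.168.1.20", "127.0.0.1", "10.0.0.5"):
        print(client, *effective(SAMPLE_CONF, client))
```

Entries given by hostname are skipped because resolving them needs DNS; an address with no matching entry returns `None`, meaning only ntpd's built-in default applies.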