From owner-freebsd-questions@FreeBSD.ORG Thu Jan 22 02:27:47 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 88F0516A4CF for ; Thu, 22 Jan 2004 02:27:47 -0800 (PST) Received: from boudica.360i.ca (boudica.360i.ca [216.194.85.48]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9190743D2F for ; Thu, 22 Jan 2004 02:27:45 -0800 (PST) (envelope-from earonyk@360i.ca) Received: from sedgemoor (h68-149-101-79.ed.shawcable.net [68.149.101.79]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by boudica.360i.ca (Postfix) with ESMTP id 17B2D615A3 for ; Thu, 22 Jan 2004 03:27:44 -0700 (MST) From: "Edward Aronyk" To: Date: Thu, 22 Jan 2004 03:28:25 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcPgyS40GHREqRdoRou4M9t4Ukv4KgAAYyWAAAHac3A= Message-Id: <20040122102744.17B2D615A3@boudica.360i.ca> Subject: RE: NTP doesn't work behind IPF firewall? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jan 2004 10:27:47 -0000 If I kill both ntpd processes so the socket is no longer in use, I can manually set the time with ntpdate. I can't figure out why two ntpd processes get spawned - it's like that on both servers, and even after a reboot both appear again... EA -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Scott Mitchell Sent: Thursday, January 22, 2004 2:42 AM To: 'Edward Aronyk'; freebsd-questions@freebsd.org Subject: RE: NTP doesn't work behind IPF firewall? owner-freebsd-questions@freebsd.org wrote: > I know ntp is running because it updates the driftfile, > and ps shows it's active: > > # ps -aux | grep ntp > root 81 0.0 0.2 1328 960 ?? Ss 9Jan04 1:06.65 > /usr/sbin/ntpd -p /var/run/ntpd.pid > root 83 0.0 0.2 1364 992 ?? S 9Jan04 0:15.67 > /usr/sbin/ntpd -p /var/run/ntpd.pid > root 47532 0.0 0.0 304 164 p0 R+ 2:14AM 0:00.00 grep > ntp I'm not sure why you have 2 ntpd processes running there - I only ever see one: (505) llama:~ $ ps uaxww | grep ntpd root 77934 0.0 0.2 1312 900 ?? Ss Sun04pm 0:12.45 /usr/sbin/ntpd -p /var/run/ntpd.pid I'd suggest killing both of those ntpd processes and starting it up again. Actually, before you restarting, try manually synchronising with one of your servers, eg: # ntpdate subitaneous.cpsc.ucalgary.ca That will at least tell you that you can talk NTP with this server. I assume all the servers in your ntp.conf are public ones that your host is allowed to use? The firewall rules look OK, although you might want to add 'log' to your default block rule while diagnosing a problem like this, so you'll be told if ipf is blocking any of the packets you're interested in. Scott _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"