From owner-freebsd-questions@FreeBSD.ORG Mon Nov 14 18:23:07 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91A3716A41F for ; Mon, 14 Nov 2005 18:23:07 +0000 (GMT) (envelope-from dmehler26@woh.rr.com) Received: from ms-smtp-03-eri0.ohiordc.rr.com (ms-smtp-03-smtplb.ohiordc.rr.com [65.24.5.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0166743D55 for ; Mon, 14 Nov 2005 18:23:06 +0000 (GMT) (envelope-from dmehler26@woh.rr.com) Received: from satellite (cpe-65-31-43-91.woh.res.rr.com [65.31.43.91]) by ms-smtp-03-eri0.ohiordc.rr.com (8.12.10/8.12.7) with SMTP id jAEIN3YF016920 for ; Mon, 14 Nov 2005 13:23:03 -0500 (EST) Message-ID: <002301c5e947$5c4c6ef0$0900a8c0@satellite> From: "Dave" To: References: <000901c5e7da$2bf28cd0$0900a8c0@satellite> <44iruv9suv.fsf@be-well.ilk.org> Date: Mon, 14 Nov 2005 13:15:14 -0500 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2670 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 X-Virus-Scanned: Symantec AntiVirus Scan Engine Subject: Re: ntp handling in 6.0 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Dave List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Nov 2005 18:23:07 -0000 Hello, Thanks for your reply. My server box does indeed have ntpd running i confirmed it with ps -aux and it does have a pf firewall. The rules are: # allow UDP requests to port 123 from firewall to exit ext_if_if # in order to contact internet ntp servers # (keep state on this connection) pass out quick on $ext_if inet proto { tcp, udp} from $ext_if to any port 123 keep state # allow UDP requests to ports 67, 68, and 123 from # in order to perform dhcp and ntp queries on the firewall # ( Keep state on this connection) pass in quick on $int_if inet proto { tcp,udp } from $int_net to $int_if port { 67, 68, 123 } keep state and ntpdc shows me a prompt. Hope this helps. Dave. ----- Original Message ----- From: "Lowell Gilbert" To: "Dave" Cc: Sent: Monday, November 14, 2005 10:00 AM Subject: Re: ntp handling in 6.0 > "Dave" writes: > >> Hello, >> Has ntp handling changed in 6.0-RELEASE? I've been through the >> handbook and /etc/defaults/rc.conf but haven't found the answer to >> this. I've got a machine acting as an ntp server for a network. When i >> run ntpdate -b from another machine i get the error "No servers >> suitable for synchronization found". Ntpd from these other boxes shows >> the same. From the local ntp server to the ntp servers on the internet >> works fine. >> The local ntp server's configuration is as follows: >> >> /etc/rc.conf >> ntpdate_enable="YES" >> ntpdate_flags="-b servername" >> ntpd_enable="YES" >> ntpd_flags="-c /etc/ntp.conf -p /var/run/ntpd.pid" >> >> ntp.conf >> server servername prefer >> server servername >> servername >> driftfile /etc/ntp.drift >> restrict 192.168.9.0 mask 255.255.255.0 notrust nomodify notrap >> >> and on client boxes: >> >> /etc/rc.conf >> ntpdate_enable="YES" >> ntpdate_flags="-b local ntp server IP" >> ntpd_enable="YES" >> ntpd_flags="-c /etc/ntp.conf -p /var/run/ntpd.pid" >> >> /etc/ntp.conf >> server local-ntp-server-ip prefer >> driftfile /etc/ntp.drift > > Is there an ntpd running? > Is there a firewall in the way? > What does ntpdc tell you?