Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to set up NTP server - client in test environment.

Status
Not open for further replies.

marcq

Technical User
Aug 18, 2011
34
PL
Hello.
I'm practising linux continuously and faced one problem for that I can't find solution.
According to book that I have I did all properly to set it up but it doesn't work.
I also searched internet with no results.
I even found similiar thread but after following replies I was lost anyway.
Someone can help on that?

I have two linux machines (actually it is centos).
Both have ntp package installed and running.

On one host (lets name it just server) I defined local host as clock source:
server 127.127.1.0
fudge 127.127.1.0 stratum 10
I commented external ntp servers in /etc/ntp.conf because I don't have internet connection and assume my server is the time source.

Second hosts is configuring when booting and using dhcp - including ntp server.
I commented external ntp servers in /etc/ntp.conf obviously.
When booted I see in the file /etc/ntp.conf correct IP of my ntp server (it is there with comment # added by dhclient-script)
Now. ntpq -p shows in refid column .INIT.
I did try ntpdate then and noticed that "no servers can be used, exiting"
What is still wrong?
I assume it is quite obvious to set up "ntp internal network" if one doesn't want to synchronise to external network.
And if I read the book carefully I optional choise for time source and it might be external source over internet or local or radio clock.






 
localhost is 127.0.0.1

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Yes
localhost is 127.0.0.1 but not in this case I'm adraid.
 
What do you mean by, " but not in this case I'm adraid."?
From your original post it wasn't entirely clear, but my interpretation was that machine A (ntp server) was set to and address of 127.127.1.0 and machine B (NTP client) is not able to connect to machine A as an NTP server.

The address range, 127.0.0.1/8 is defined as the loopback address. The first 8 bits, which declare the 127 octet, specify the address range. This means that any address in the 127.x.x.x range WILL NOT ROUTE past that NIC and you can not access any other machine in this address range. Consequently, machine B will NOT be able to route traffic to machine A in this range - by design.


 
hello Noway2.
It had to be "I'm afraid" but mispelled. (I mean = I'm sorry, Unfortunately etc...)
Ok. Let me clarify further more detailed.
A and B are in the same internal network.
No access outside and no matter if time on A is synchronised correctly with "world" <- this is internal network (test).
So the IP of 127.127.1.0 is set on machine A as "ntp server" - per default this is server time when no other source is available.
BTW I don't get the idea anyway what is it for other way than the fact that if we want to have the machine configured as server then
we have to provide some time source to it.
So I assume if A wants to be ntp server it has to have some superior ntp server (source) configured as a must.
Then here it is local 127.127.1.0
Now. When ntp starts on A I see it is synchronising to itself - I presume it's all right.
Next step is start ntp on B and provide IP of A as ntp server.
However when trying set up date with ntpdate it fails with the mentioned error
"no servers can be used, exiting"



 
have you tried removing ths line "fudge 127.127.1.0 stratum 10" on the server?

Tony ... aka chgwhat

When in doubt,,, Power out...
 
Hi.
I've done it right now and tested.
Result the same.
 
Now. When ntp starts on A I see it is synchronising to itself - I presume it's all right.
Next step is start ntp on B and provide IP of A as ntp server.
B can not talk to at at address 127.127.1.0 or any 127.x.x.x address. A and B can talk to themselves only at those addresses. Instead of 127.x.x.x you will need to use another RFC 1989 address range, like 10.x.x.x, 192.168.x.x, or 172.16.x.x. This will still be unavailable from the public internet, which I assume is the security concern in justifying 127 addresses; it will only work across your LAN.

 
I meant to say B can not talk to A, not talk to at.
 

127.0.0.0/8 - This block is assigned for use as the Internet host
loopback address. A datagram sent by a higher level protocol to an
address anywhere within this block should loop back inside the host.
This is ordinarily implemented using only 127.0.0.1/32 for loopback,
but no addresses within this block should ever appear on any network
anywhere [RFC1700, page 5].

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Hello again.
Now. I'm sorry.
I can't conclude from advices what should I don now.
Look. Host A has address in ntp.conf which is default ntp server IP in case no external services.
Then host B has ntp server configured of IP of A server - not 127.127.1.0
 
Then host B has ntp server configured of IP of A server - not 127.127.1.0
....
So the IP of 127.127.1.0 is set on machine A as "ntp server"
Are you saying that machine A, your ntp server, has a different address? Is this a route-able address? If you scan this address from machine B, what ports are open and what server processes are listening? NTP works on UDP port 123. Are you seeing a service listening on this protocol/port? If not is it blocked by firewall?

 
Hi Noway2.
No.
A and B are in the same network, IPs (x.y.z.A/25 and x.y.z.B/25) assigned to eth0 on both and can talk each other.
Server node (A) listens on ip&port - x.y.z.A:123
In ntp.conf file of machine A - which should work as server - there is entry for "Undisciplined Local Clock. Fake driver..."
It's IP is per default 127.127.1.0 and it's used if no outside synchronisation source is available.
So.
I assume now that if host B has IP (x.y.z.A) - machine A in ntp.conf - it should synchronise clock with time of A - which is ntp server here.
Isn't it so?




 
@marcq What is needed to convince you that 127.ANYTHING AT ALL will resolve to the loopback connector of the machines NiC, so are not routeable.
Open a command prompt and type in
Code:
route print
To see the routing table for the machine,

in CDIR terms 127/8 should NEVER be used for any LAN addressing scheme.


OR is this a long standing typo and you are actually using the reserved range of 172.16.0.0 to 172.31.255.255


Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
At this point, I would suggest that we also dispense with attempts at obfuscating the IP address and spell things out as it is making it near impossible address your question directly. If you are using RFC 1918 addresses, publicizing them will not allow anyone to come to your doorstep and the difficulties caused by attempting to hide them are proving greater than any gain to be had by knowing what range your using behind your security apparatus.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top