NTP Server issue

Linux and Unix-Like Red Hat
1

Hi team,

I was like try to create an NTP time server under my RHEL6 box, but once I try to sync other Windows clients (and some Linux) I alway get an error with syncing with my NTP server, here is my non-hashed ntp.conf file parameters:

driftfile /var/lib/ntp/drift
restrict 192.168.238.0 mask 255.255.255.0 nomodify notrap #My Network
server 192.168.238.140 #This server
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys

Its good to know that I turned off my firewall (iptables) and my SELinux policies as well and I can easily ping between the clients and the server.

2

Exactly what error are you getting?

3

Like this:

[root@host1 ~]# ntpdate 192.168.238.140
21 Sep 18:13:14 ntpdate[2095]: no server suitable for synchronization found

Again, I don't have any firewall on all sides.

4

What do you get with

[root@host1 ~]# ntpq -np 192.168.238.140

?

5 
[root@host1 ~]# ntpq -np 192.168.238.140
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.238.140 .INIT.          16 u    -   64    0    0.000    0.000   0.000
[root@host1 ~]#
6

That's a misconfigured NTP server.
The NTP server must either refer to a hardware clock or to another server that has a path to a hardware clock.
You can use the own system HW clock like

server 127.127.0.1

Consult your man pages

man ntp.conf
7

But I already included the server clock for inquiery from the other clients, this code is part from my ntp.conf file

server 192.168.238.140 #This server
8

I mean the NTP server 192.168.238.140 is misconfigured. Check its ntp.conf!

9

What should I change in the ntp.conf of the NTP server to make it work?!

Again, this is my ntp.conf file's contain:

restrict 192.168.238.0 mask 255.255.255.0 nomodify notrap
server 127.127.0.1
10

That looks okay.
Add an unrestricted access from localhost

restrict 127.0.0.1

restart ntpd, and after a minute check with

ntpq -np
11

Now I got this when I implemented ntpq -np:

No association ID's returned

And I added already

restrict 127.0.0.1

When I try from other linux client #ntpdate 192.168.238.140 its return with

20 Sep 11:59:07 ntpdate[5015]: no server suitable for synchronization found

!!

---------- Post updated at 05:51 AM ---------- Previous update was at 05:28 AM ----------

And when I change the:
restrict 127.127.0.1

to

restrict 127.0.0.1

It gives me the following when I execute ntpq -np:

[root@host1 ~]# ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 127.0.0.1       .INIT.          16 l    -   64    0    0.000    0.000   0.000

I'm sort of lost now!

12

Any ntp messages in /var/log/messages?
Is this a virtual system (instance on vmware, xen, virtual box)? Then the HW clock is problematic.

13

Yes sir! The NTP server is running on VMware! and the other clients is on VMware too. Is that the reason behind this issue? and if its, what is the solution for such cases.

14

Yes I think this is your problem.
Unfortunately I don't know if there is possibility to have a VMware guest act as an NTP server.
Google for: ntp server on vmware guest
The safest metod is to use another server with real hardware.
The VMware ESX server itself can act as an NTP server.
Google for: ntp server on vmware ESX

1 Like
15

It is possible to have a NTP server running on VMware (5.1 in my case). But you have to make sure, that the host's clock is close to accurate, meaning ESXi's NTP client has to be configured properly.

That's because a VM syncs its time with the host at boot time, even if timesync is disabled in the VMs configuration. Now if the host's time is off by a greater timespan, the guest's clock is off too, because of the boot-time timesync with the host and the NTP daemon will not be able to adjust the guest's clock and synchronize to it's upstream NTP servers.