1

My server is hosted in IDC, due to in this IDC server can't access to Internet, so I can use Internet NTP server. But IDC service provider have a atomic clock, so I can sync time with atomic clock.
Atomic clock's IP is 192.168.90.118 and my server's IP is 192.168.90.18. My server's OS is Debian 8.11 and I install ntp by sudo apt install ntp, the version of ntpd is 4.2.6p5.
Server's /etc/ntp.conf content like below:

driftfile /var/lib/ntp/ntp.drift
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
server 192.168.90.118 version 3
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
restrict 127.0.0.1
restrict ::1

And I tried execute below command to sync time with atomic clock, it shows 'no server found'

sudo service ntp stop
sudo ntpd -gq

I tried to ping the atomic clock's IP address, it is reachable and low latency. I tried to capture some packets between atomic clock and my server with tcpdim,it shwos below:

sudo tcpdump -vvv -ni eth0 port 123

16:43:44.802334 IP (tos 0x0, ttl 126, id 12371, offset 0, flags [none], proto UDP (17), lenth 76)  
    192.168.90.118.123 > 192.168.90.18.123: [udp sum ok]NTPv3, lenth 48
        Server, Leap indicator: (0), Stratum 6 (secondary reference), poll 6 (64s), pricision -6
Root Delay: 0.000000, Root disprsion: 10.371246, Reference-ID: 95.31.153.26
            Reference Timestamp: 3843677595.431751999 (2021/10/20 08:13:15)
            Originator Timestamp: 3843708224.802159560 (2021/10/20 16:43:44)
            Receive Timestamp: 3843708322.196751999 (2021/10/20 16:45:22)
            Transmit Timestamp: 3843708322.196751999 (2021/10/20 16:45:22)
                Originator - Receive Timestamp: +97.394592739
                Originator - Transmit Timestamp: +97.394592739
16:43:46.802173 IP (tos 0x0, ttl 64, id 19514, offset 0, flags [DF], proto UDP (17), lenth 76)  
    192.168.90.18.123 > 192.168.90.118.123: [bad udp cksum -> 0x4b29!]NTPv3, lenth 48
        Client, Leap indicator: clocl unsynchornized(192), Stratum 0 (unspecified), poll 6 (64s), pricision -23
Root Delay: 0.000000, Root disprsion: 0.000091, Reference-ID: (unspec)
            Reference Timestamp: 0.000000000
            Originator Timestamp: 3843708322.196751999 (2021/10/20 16:45:22)
            Receive Timestamp: 3843708224.1802334560 (2021/10/20 16:43:44)
            Transmit Timestamp: 3843708226.802159634 (2021/10/20 16:43:46)
                Originator - Receive Timestamp: -97.394417439
                Originator - Transmit Timestamp: -95.394592365

Above text are input manually. Base on above result, it seem that kernel received the ntp packets, and protocol between server and client are match. But my server's ntpd didn't received or didn't recongized the packets. How can I fix it?

I executed command ntpq -np, it shows below:

ntpq: read: Connection refused
Improve this question
14
  • Add the output of ntpq -np to your question. Wait at least a minute after starting ntpd and then run it. Wait another minute and run it again, and put both outputs in your answer if they are different. Commented Nov 4, 2021 at 5:00
  • I executed ntpq -np it shows 'ntps: read: Connection refused' Commented Nov 4, 2021 at 5:06
  • Try it again prefaced by sudo. Commented Nov 4, 2021 at 7:33
  • Check which ntp server has the port sudo lsof -i:ntp. Read man lsof. Commented Nov 4, 2021 at 7:37
  • 1
    ntpd -gq makes just a one-time adjustment to the system clock and then quits. After that, you don't have a local ntpd running and so ntpq -np will fail until you do a sudo service ntp start. Commented Nov 4, 2021 at 8:17

2 Answers 2

Reset to default
1

After ask my service provider, the NTP server is base on Windows, which protocol is SNTP. In Debian 8.11's default NTP software, it can't accept SNTP packets. So I need to upgrade ntp version.

Improve this answer
2
  • If your upstream server is SNTP only, you need to find another upstream server. Usually the default config file includes a handful of pool servers. Commented Nov 11, 2021 at 12:33
  • Well, for security reason, my server can't access to Internet. And in LAN, my data center service provider only have SNTP server, and refuse to provide ntp server. Not technical problem, but business problem. Commented Nov 15, 2021 at 3:08
0

You didn't state it in your question (but in comments) but you say that your system can't access internet, and can only access services in your data center, which do not include ntp but only sntp.

If a real ntp server is not available, and you can't get the alternative of GPS synchronization, then your only option is to disable ntpd on your system and use an sntp client, possibly in cron.

Improve this answer
2
  • Errrrrr, I mentioned that my server can't access to Internet in the first sentence in my question. And after few days later after I post this this question, I finally confirmed from my service provider that the server's protocol is not NTP but SNTP. And SNTP server seems working good with ntpd on CentOS and newer Debian version. Commented Nov 15, 2021 at 5:49
  • I didn't think it was clearly stated in the question, so I wanted to make sure the reasoning was clear in the answer. If ntpd -gq is working well with their sntp server, then it is acting as an sntp client, and you will need to disable ntpd as a daemon and just run that command in cron periodically. Commented Nov 15, 2021 at 12:25

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.