Re: Connect problem 4.1.2-4 redhat server
- From: Steve Kostecke <kostecke@xxxxxxxxxxx>
- Date: 16 Aug 2005 04:33:51 GMT
On 2005-08-15, t_pascal@xxxxxxxxxxx <t_pascal@xxxxxxxxxxx> wrote:
> >Please see http://ntp.isc.org/Support/AccessRestrictions for information
> >about how to control access to your ntpd.
>
> This was a good resource, and I was hopeful it would fix a strange
> problem I have.
>
> Server: RedHat ES3, ntp 4.1.2-4, address 192.168.100.a
> Per the suggestion in the document, I tried this "restrict 192.168.0.0
> mask 255.255.0.0 nomodify"

Why do you feel that you need this restriction?

> Client1: RedHat 7.3 kernel 2.4.30, ntp 4.1.1-2 address 192.168.100.b
> Client2: RedHat ES3, ntp 4.1.2-4, address 192.168.101.c
> Client3: RedHat 7.3 kernel 2.4.30, ntp 4.1.1-2 address 192.168.101.d
>
> Server connects to external (internet) servers and synchs well via
> firewall.
> Client1 connects to Server perfectly and syncs well, with or without
> "notrust" option.

The meaning of "notrust" has changed. Please see
http://ntp.isc.org/bin/view/Support/AccessRestrictions#Section_6.4.3.1.

> Client2 cannot connect to Server at all, tried every number of options
> and settings. NOT A ROUTING or FIREWALL ISSUE, believe me. Packets
> are received on Server, but nothing happens.
> Client3 can sync the time with ntpdate, but not with ntpd. This is
> some further proof that there is no routing or firewall issue, but
> makes the problem extremely strange.
>
> Sorry to self-followup, but I reversed Client2 and Client3. Basically,
> the two versions cooperate fully on the same subnet. The 4.1.2 server
> will reply to a 4.1.2 client via ntpdate ONLY (across a different
> subnet). The 4.1.1 clients are totally ignored across subnets (but
> work fine on the same subnet as noted).

It is possible that ntpdate is being invoked with '-u', for "use an
unprivileged source port". That would explain why ntpdate works even
though port 123/UDP is not completely open between the two sub-nets.

>> Any help, other than the version numbers? I am using standard RedHat issued
>> software for the ES servers, but I suppose I can downgrade to 4.1.1 (if
>> that will help?) Or do I upgrade? Note that upgrading to 4.1.2-4 on
>> the 7.3 servers would break them. :(
>>
> I wasn't clear enough here. Downgrading my clients to 4.1.1 would only
> work on the same subnet. Upgrading clients to 4.1.2 on different
> subnets only gets a reply to ntpdate and would prefer to use ntpd to
> discipline the clocks.

It would be helpful to see the ntp.conf files for all 4 systems.

--
Steve Kostecke <kostecke@xxxxxxxxxxx>
NTP Public Services Project - http://ntp.isc.org/
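
One way to check the source-port explanation given in the reply above, as an added example that is not part of the original message: it sends the same NTP client query once from source port 123 (the port ntpd sends from) and once from an unprivileged port (as `ntpdate -u` does). The function names are hypothetical; binding to port 123 requires root and no local ntpd holding the port.

```python
import socket
import struct
import sys

NTP_PORT = 123

def build_client_packet(version=3):
    """48-byte NTP request: LI=0, VN=version, Mode=3 (client)."""
    first = (0 << 6) | (version << 3) | 3
    return bytes([first]) + b"\x00" * 47

def parse_reply(data):
    """Return version, mode and stratum from an NTP header, or None if too short."""
    if len(data) < 48:
        return None
    first, stratum = struct.unpack("!BB", data[:2])
    return {"version": (first >> 3) & 0x7, "mode": first & 0x7, "stratum": stratum}

def probe(server, src_port, timeout=3.0, dst_port=NTP_PORT):
    """Send one client query from src_port (0 = ephemeral) and describe the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.bind(("", src_port))  # port 123: needs root and ntpd stopped
        except OSError as exc:
            return "bind failed: %s" % exc
        try:
            s.sendto(build_client_packet(), (server, dst_port))
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "no reply"  # dropped on the way there or on the way back
        except OSError as exc:
            return "socket error: %s" % exc
        reply = parse_reply(data)
        if reply is None or reply["mode"] != 4:  # mode 4 = server
            return "unexpected reply"
        return "reply, stratum %d" % reply["stratum"]

def compare(server):
    """A reply on the ephemeral port only points at filtering of port 123/UDP."""
    return {"src 123": probe(server, NTP_PORT), "src ephemeral": probe(server, 0)}

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: ntp_srcport_check.py <server>")
    for label, result in compare(sys.argv[1]).items():
        print(label, "->", result)
```

Run it on a client in the other subnet against the server's address; "no reply" for source port 123 together with a reply for the ephemeral port matches the behaviour described for `ntpdate -u`.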