NTP is not synching with server

Latest response

Hi All,

I have installed chronyc package in Node1 Server and Node2 Client server.

Started both servers chronyd deamon service and all firewall,iptables and selinux are OK.

Server side config:
grep allow /etc/chrony.conf

allow 192.168.0.0/16

allow 192.168.253.135/16

Client side config:
cat /etc/chrony.conf
server 192.168.253.134 iburst

Problem:
1. Node2 client time is not synching with Node1 server
2.telnet also not happening from server to client and client to server
telnet 192.168.253.134 323

Requirement:
Why telnet is not happening
Why time sync is not happening immediately incase if it is in configuration then how to do forcefully

Responses

Hi Ibrahim,

The telnet failure is due to using the wrong port.

grep 123 /etc/services|head -2
ntp             123/tcp
ntp             123/udp                         # Network Time Protocol

ntp works one way, client pull from server so if both telnet session work, it means both nodes are configured as client and server (which is common).

allow 192.168.253.135/16

This a double declaration of the same ip-range, do you see any messages using grep chrony /var/log/messages indicating issues?

Regards,

Jan Gerrit

Hi Jan,

I tried also with 123 port number but telnet is not connecting

Also checked /var/log/messages it is not updating

Server Side: ip r --> 192.168.253.134 systemctl status chronyd ---> Running grep -w ntp /etc/services ---> ntp 123/tcp ntp 123/udp # Network Time Protocol date ---> Wed Nov 24 23:11:24 IST 2021

Client Side: ip r ---> 192.168.253.135 systemctl status chronyd ---> Running telnet 192.168.253.134 123 ---> Trying 192.168.253.134... telnet: connect to address 192.168.253.134: Connection refused date ---> Wed 24 Nov 01:27:45 IST 2021 chronyc -a makestep ---> 200 OK date ---> Wed 24 Nov 01:28:07 IST 2021

Hi Jan,

Here problem is why NTP client is not synching with NTP server

How to do force sync in NTP client online

Hi Ibrahim,

Are there no firewalls running on the servers, like "firewalld, iptables or nftables"?

Regards,

Jan Gerit

Hi Jan,

I have stopped all the rules like firewall,iptables and selinux

What does netstat -tulpan|grep 123 show on both nodes?

Hi Jan,

Server Side: [root@localhost ~]# netstat -tulpan|grep 123 udp 0 0 0.0.0.0:123 0.0.0.0:* 16530/chronyd

Client Side: No Output

Hi Ibrahim,

As the chronyd process only listens for udp requests telnet does not work, as it is a tcp only program.

you will have to test with nmap -PU 123 or chronyc sources

HI Jan,

Please check below response

[root@localhost ~]# chronyc sources 210 Number of sources = 1

MS Name/IP address Stratum Poll Reach LastRx Last sample

^? 192.168.253.134 0 7 0 - +0ns[ +0ns] +/- 0ns [root@localhost ~]# [root@localhost ~]# nmap -PU 123 Starting Nmap 7.70 ( https://nmap.org ) at 2021-11-25 02:52 IST setup_target: failed to determine route to 123 (0.0.0.123) WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.07 seconds

[root@localhost ~]# nmap -PU 123 192.168.253.134 Starting Nmap 7.70 ( https://nmap.org ) at 2021-11-25 02:53 IST setup_target: failed to determine route to 123 (0.0.0.123) Nmap scan report for 192.168.253.134 Host is up (0.00035s latency). Not shown: 994 closed ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 139/tcp open netbios-ssn 445/tcp open microsoft-ds MAC Address: 00:0C:29:C1:05:40 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 3.18 seconds [root@localhost ~]#

Hi Jan,

Below output form client

chronyc sources ^? 192.168.253.134

If it is * only then sync can you help me how to get

Hi Jan,

Please help the same

Hi Ibrahim,

I am out of clues.

you might have to open a support case, or may be a fellow member on the forum may have another option to test.

MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ source1      1  10   377   294   -487us[ -507us] +/- 4940us
^+ source2      1  10   377   29m   -557us[ -613us] +/- 3690us
^* source3      1  10   377   259   -459us[ -479us] +/- 3833us
^+ source4     1  10   377   837   -315us[ -334us] +/- 5628us

0 or more ^+ , and 1 ^* are to be expected

Regards,

Jan Gerrit

test

 nmap -PU 123 192.168.253.134