ntpdate problem: no servers suitable for synchronisation

Q I have a small, self-contained network for testing VoIP, and every machine has a static IP in the range 192.168.254.x. I've assigned the machine with address 192.168.254.200 to be the NTP server. NTPD is installed and starts fine, but if I ask another machine to sync with it using ntpdate I get: no servers suitable for synchronisation.

This happens on both my Linux servers and on my Mac, so the problem appears to be in the config of the NTP server rather than the clients. I've also got some Cisco IP phones that use Simple NTP rather than full NTP and they pick the time up from the server no problem. NTP configuration seems to be very poorly documented. The ntp.conf file on the server contains the following (and I just want machines on the network to be able to get the time):

restrict 192.168.254.0 mask 255.255.255.0
nomodify notra

As I understand it, that will allow any machine with an IP in the range 192.168.254.x to get the time off the server for itself but not to modify the time on the server. I also tried setting the stratum level, but to no avail.

A The first step to diagnosing this is to run ntpdate with the -d (debug) argument. This causes ntpdate to show details of the communication with the server, but not alter the system clock. I suspect you'll see something like

192.168.254.200: Server dropped: strata too high

This is usually caused by the server being too far out of sync with the upstream servers, so it sets an artificially high stratum value to prevent other computers trusting it. In effect, the server is saying, "Here's the time, but I'm not that sure of it", to which the client responds, "OK, I'll leave it, thanks" This probably also accounts for the more simple clients accepting its time. Leave the server running for a few hours to allow it to bring itself into sync with the upstream servers from pool.ntp.org or wherever you've set in ntp.conf. Running ntpq -p 192.168.254.200 will give some useful information, reporting the peers known to the server and their accuracy. You want most of them to have a * or + in the first column and a low value in the st (stratum) column for them to be considered authoritative. The stratum setting in ntpd.conf can only be used to increase the stratum level, which won't help here. You're right about the NTP documentation. It's written by those with thorough knowledge of the subject, which is good, but assumes a similar level of understanding among readers, which is not.

Follow us on Identi.ca or Twitter

Username:   Password:
Create Account | About TuxRadar