[7.306] Clock / NTP out of sync

BarryG · #1 (**permalink**) 01-12-2010, 10:46 PM

Hi, all our systems' clocks were off by a minute today, including Astaro (our local NTP server).

Running 'ntpdate -q pool.ntp.org' on the console verified the clock was wrong but that the servers were reachable.

Restarting the NTP server in webadmin (at 14:33) reset the clock, but I'm worried that it's drifting so much.

Thanks,
Barry

Code:

fw2:/var/log # ntpdate -q  pool.ntp.org           
server 72.1.194.82, stratum 3, offset 67.531043, delay 0.12061
server 24.83.71.119, stratum 2, offset 67.536980, delay 0.06778
server 24.215.0.24, stratum 2, offset 67.530904, delay 0.12042
12 Jan 14:26:29 ntpdate[29707]: step time server 24.83.71.119 offset 67.536980 sec

fw2:/var/log # grep ntp *.log                   
confd.log:2010:01:12-14:33:06 (none) confd[29755]: id="310c" severity="info" sys="System" sub="confd" name="config node changed" client="index.plx" facility="webadmin" user="barry" srcip="10.40.8.35" node="ntp->status"
confd.log:2010:01:12-14:33:12 (none) confd[29755]: id="310c" severity="info" sys="System" sub="confd" name="config node changed" client="index.plx" facility="webadmin" user="barry" srcip="10.40.8.35" node="ntp->status"
named.log:2010:01:12-05:15:57 (none) named[3633]: too many timeouts resolving 'pool.ntp.org/A' (in 'pool.ntp.org'?): disabling EDNS
system.log:2010:01:12-02:22:57 (none) ntpd[5787]: synchronized to 174.133.44.162, stratum 2
system.log:2010:01:12-02:34:35 (none) ntpd[5787]: synchronized to LOCAL(0), stratum 10
system.log:2010:01:12-11:29:07 (none) ntpd[5787]: synchronized to 174.133.44.162, stratum 2
system.log:2010:01:12-12:24:07 (none) ntpd[5787]: synchronized to LOCAL(0), stratum 10
system.log:2010:01:12-14:33:08 (none) ntpd[5787]: ntpd exiting on signal 15
system.log:2010:01:12-14:33:10 (none) ntpd[30026]: ntpd 4.2.4@1.1437-o Wed Apr 18 07:34:56 UTC 2007 (1)
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: precision = 1.000 usec
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #0 wildcard, 0.0.0.0#123 Disabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #1 lo, 127.0.0.1#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #2 eth0, 64.34.248.134#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #3 eth0:HGbUIv, 146.12.79.3#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #4 eth0:COkNeZ, 146.12.79.10#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #5 eth0:BjzjWn, 146.12.79.1#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #6 eth0:LcgLys, 146.12.79.49#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #7 eth0:vwXnYU, 146.12.79.35#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #8 eth0:AwqoCd, 146.12.79.36#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #9 eth0:cjWrnJ, 146.12.79.21#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #10 eth0:TfmGul, 146.12.79.19#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #11 eth0:KTfmvW, 146.12.79.17#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #12 eth0:IKQWXP, 146.12.79.18#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #13 eth0:rtAiiT, 146.12.79.50#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #14 eth0:ekrneB, 146.12.79.51#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #15 eth0:VgPMGk, 146.12.79.52#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #16 eth0:sSYYpg, 146.12.79.53#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #17 eth0:UZmFte, 146.12.79.34#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #18 eth0:PmRTzi, 146.12.79.37#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #19 eth0:uROVOY, 146.12.79.38#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #20 eth0:MWwhYB, 146.12.79.33#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #21 eth0:bTsgUJ, 146.12.79.39#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #22 eth0:VKmFbf, 146.12.79.40#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #23 eth0:kwytDk, 146.12.79.41#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #24 eth0:nibcXD, 146.12.79.42#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #25 eth0:OOehBT, 146.12.79.54#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #26 eth1, 10.42.6.1#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #27 eth1:EdKVRC, 10.42.6.254#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: Listening on interface #28 tun0, 10.242.6.1#123 Enabled
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: kernel time sync status 0040
system.log:2010:01:12-14:33:10 (none) ntpd[30027]: frequency initialized 43.879 PPM from /var/ntp.drift
system.log:2010:01:12-14:33:15 (none) ntpd[30027]: ntpd exiting on signal 15
system.log:2010:01:12-14:33:16 (none) ntpd[30189]: ntpd 4.2.4@1.1437-o Wed Apr 18 07:34:56 UTC 2007 (1)
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: precision = 1.000 usec
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #0 wildcard, 0.0.0.0#123 Disabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #1 lo, 127.0.0.1#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #2 eth0, 64.34.248.134#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #3 eth0:HGbUIv, 146.12.79.3#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #4 eth0:COkNeZ, 146.12.79.10#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #5 eth0:BjzjWn, 146.12.79.1#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #6 eth0:LcgLys, 146.12.79.49#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #7 eth0:vwXnYU, 146.12.79.35#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #8 eth0:AwqoCd, 146.12.79.36#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #9 eth0:cjWrnJ, 146.12.79.21#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #10 eth0:TfmGul, 146.12.79.19#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #11 eth0:KTfmvW, 146.12.79.17#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #12 eth0:IKQWXP, 146.12.79.18#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #13 eth0:rtAiiT, 146.12.79.50#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #14 eth0:ekrneB, 146.12.79.51#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #15 eth0:VgPMGk, 146.12.79.52#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #16 eth0:sSYYpg, 146.12.79.53#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #17 eth0:UZmFte, 146.12.79.34#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #18 eth0:PmRTzi, 146.12.79.37#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #19 eth0:uROVOY, 146.12.79.38#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #20 eth0:MWwhYB, 146.12.79.33#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #21 eth0:bTsgUJ, 146.12.79.39#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #22 eth0:VKmFbf, 146.12.79.40#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #23 eth0:kwytDk, 146.12.79.41#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #24 eth0:nibcXD, 146.12.79.42#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #25 eth0:OOehBT, 146.12.79.54#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #26 eth1, 10.42.6.1#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #27 eth1:EdKVRC, 10.42.6.254#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: Listening on interface #28 tun0, 10.242.6.1#123 Enabled
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: kernel time sync status 0040
system.log:2010:01:12-14:33:16 (none) ntpd[30190]: frequency initialized 43.879 PPM from /var/ntp.drift
fw2:/var/log # date
Tue Jan 12 14:33:24 PST 2010
fw2:/var/log # ntpdate -q  pool.ntp.org           
dateserver 72.51.27.50, stratum 3, offset -0.017072, delay 0.06476
server 24.215.0.24, stratum 2, offset -0.023080, delay 0.12183
server 206.248.190.142, stratum 2, offset -0.022484, delay 0.12921
12 Jan 14:34:37 ntpdate[30197]: adjust time server 24.215.0.24 offset -0.023080 sec

fw2:/var/log # uptime
  2:35pm  up 51 days 14:59,  1 user,  load average: 1.45, 1.00, 0.80

wingman · #2 (**permalink**) 02-03-2010, 04:35 PM

Hi Barry

Are you still having this issue?

BarryG · #3 (**permalink**) 02-04-2010, 04:47 AM

Hi,
The time is correct (0.013 seconds offset according to ntpdate) at the moment, but other than restarting the NTP service, I haven't done anything to 'fix' it, and suspect it will happen again (the above post wasn't the first time I've had this problem in the 7.x series).

Thanks,
Barry

wingman · #4 (**permalink**) 02-04-2010, 10:03 AM

The issue I am having is that I can see all devices updating their clocks via NTP server from ASG with no issues. I can see the allowed NTP request on the firewall itself via the packet tracer but I am unable to perform windows update as it says the clocks are out of sync

wingman · #5 (**permalink**) 02-04-2010, 12:55 PM

UPDATE: I think there is something wrong with the NTP service. My domain controller was unable to connect to the ntp server and it was part of the NTP allowed networks.

I can see the block on the packet rule

UDP
192.168.2.1 : 123
→
192.43.244.18 : 123
I've disabled the NTP function and everything works fine at the moment. I think there is still an issue with 7.XX series

BAlfson · #6 (**permalink**) 02-04-2010, 03:17 PM

I'm not seeing this issue anywhere. Which servers do you have listed on the 'Time and Date' tab of 'Mnagement >> System Settings'?

Cheers - Bob

BarryG · #7 (**permalink**) 02-04-2010, 06:41 PM

Hi Wingman, I frequently see time sync errors on my WinXP boxes (syncing to Astaro 7.502). I've complained about that several times before here, but there doesn't seem to be a real fix.

It seems to fail about 50% of the time for me, so my computers still stay in pretty good sync and I've given up worrying about it at home.

The problem I mentioned here is with Astaro getting out of sync though.

Barry

wingman · #8 (**permalink**) 02-04-2010, 06:53 PM

Quote:

Originally Posted by BAlfson

I'm not seeing this issue anywhere. Which servers do you have listed on the 'Time and Date' tab of 'Mnagement >> System Settings'?

Cheers - Bob

I had my internal network (192.168.2.0/24) + my vpn pool
so really getting the block on the pf for 192.168.2.1 is strange. I've disabled though and add the appropriate rules and everything works fine