xntpd Time Server 2

[khalidaaa]

Hi Guys,

We have two P5 570s machines with 12 LPARs. I'm trying to create a Time Server on two of the LPARs (one for each system) and letting the other LPARs synchronize the time with them.

That's the /etc/ntp.conf on the Server

#broadcastclient
server 127.127.1.0
fudge 127.127.1.0 stratum 10
#peer 10.1.1.150
#server 10.1.1.200
peer 10.1.1.151
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace

and that's the ntp.conf for one of the clients:

#broadcastclient
server 127.127.1.0
fudge 127.127.1.0 stratum 10
server 10.1.1.150
server 10.1.1.151
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace

I started the xntpd daemon from smitty xntpd and now its running.

now my question how do i know that what i did is working! and the main question is how to integrate what i did with a Windows Time server that we have in our Active Directory network.

I was trying to use the IP (10.1.1.200) for the Windows AD Time Server but i don't know whether it was working or not! It might not work because my LPARs are not authenticated on the AD.

Any Information is appreciated.

Thanks,

Regards,
Khalid

 

[Gloups]

To verify what you did use "ntpq -p" command

It will list all your ntp servers and the one choose as main sever will apear with a "*" character at the begining of it's name.

But looking at your configuration files, servers and client have the same stratum. You may give a lower stratum to your servers. With your config, if the server elected as main get down your client may choose their internal clock instead of the peer server (peer 10.1.1.151)

here commes my ouptput of ntpq -p for example

remote refid st t when poll reach delay offset jitter
==============================================================================
*saturne .PPS. 1 u 366 1024 377 1.065 -1.758 0.031
LOCAL(0) LOCAL(0) 10 l 45 64 377 0.000 0.000 0.008


Server saturne is declared as main server with stratum 1. Have a look to the star at the begining of the line

 

[khalidaaa]

Thanks Gloups for the useful information. but could you please modify my npt.conf shown above to clarify what you meant? i just got confused!

So i should assign a stratum of 9 (lower than 10 for the clients?) and how to do that?

Regards,
Khalid

 

[Gloups]

In the stratum hierarchy, the as low in the value as good is considered your time sserver.

In my example my server saturne has stratum 1 beause it's a GPS reciever and so considered as having a top quality clock.

For your config files, you can do something like:

For servers:

server 127.127.1.0
fudge 127.127.1.0 stratum 9
peer 10.1.1.151
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace


For clients:

server 127.127.1.0
fudge 127.127.1.0 stratum 10
server 10.1.1.150
server 10.1.1.151
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace

with this config, your clients will elect 10.1.1.150 or 10.1.1.151 as main server beacause they have a lower stratum then it's own clock wich have stratum 10.

If your two main servers are not available, the client will take it's own clock as reference with a lower quality represented by the stratum increase (10 instead of 9)

 

[khalidaaa]

Sure i will do that Thank you very much

But now how can i connect this to the AD Windows Time Server?

 

[Gloups]

If your AD domain controler has a time server installed and configured to act as a time server. You juste have to add it's adress as your primary server.

Ntp is OS independent

 

[khalidaaa]

Yeah but i tried adding it but i don't think that it was getting the time from it! how to check that it is recieving the time from the AD Time server?

 

[khalidaaa]

I did this:

#broadcastclient
server 127.127.1.0
fudge 127.127.1.0 stratum 9
#peer 10.1.1.150
server 10.1.1.200
peer 10.1.1.151
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace
"ntp.conf" 46 lines, 1096 characters 

root@s1cdbp:/etc
# refresh -s xntpd
0513-095 The request for subsystem refresh was completed successfully.

root@s1cdbp:/etc
# ntpq -p         
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 LOCAL(0)        LOCAL(0)         9 l    9   64    1     0.00    0.000 15885.0
 10.1.1.200      .LOCL.           1 u    8   64    1     0.50  1019.52 15875.0
 s2cdbs          0.0.0.0         16 -    -   64    0     0.00    0.000 16000.0

 

[khalidaaa]

I'm still trying commands but i don't know how to translate them:

root@s1cdbp:/etc
# ntpq -p        
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 LOCAL(0)        LOCAL(0)         9 l   25   64  377     0.00    0.000   10.01
#10.1.1.200      .LOCL.           1 u   24   64  377     0.37  1054.72    0.24
 s2cdbs          LOCAL(0)        10 u   48   64  376     0.47   -0.007    0.63

root@s1cdbp:/etc
# ntpq -p
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 LOCAL(0)        LOCAL(0)         9 l   63   64    1     0.00    0.000 15885.0
 10.1.1.200      .LOCL.           1 u   62   64    1     0.40  1072.28 15875.0
 s2cdbs          LOCAL(0)        10 u   29   64    1     0.49    0.012 15875.5

root@s1cdbp:/etc
# ntptrace -dv
DoTransmit(127.0.0.1)
DoTransmit to 127.0.0.1
ReceiveBuf(127.0.0.1, 127.0.0.1)
server 127.0.0.1, port 123
stratum 16, precision -17, leap 11
refid s2cdbs delay 0.00012, dispersion 0.00000 offset -0.000190
rootdelay 0.00047, rootdispersion 2.95905, synch dist 2.95927
reference time:      c854c4ea.21853000  Tue, Jul  4 2006 13:43:54.130
originate timestamp: c854c557.9f26c000  Tue, Jul  4 2006 13:45:43.621
transmit timestamp:  c854c557.9f2cf000  Tue, Jul  4 2006 13:45:43.621

DoTransmit(10.1.1.151)
DoTransmit to 10.1.1.151
ReceiveBuf(10.1.1.151, 10.1.1.151)
server 10.1.1.151, port 123
stratum 10, precision -17, leap 00
refid 127.127.1.0 delay 0.00032, dispersion 0.00000 offset -0.000223
rootdelay 0.00000, rootdispersion 0.01025, synch dist 0.01025
reference time:      c854c542.0f0a8000  Tue, Jul  4 2006 13:45:22.058
originate timestamp: c854c557.a09e9000  Tue, Jul  4 2006 13:45:43.627
transmit timestamp:  c854c557.a0a06000  Tue, Jul  4 2006 13:45:43.627

DoTransmit(127.127.1.0)
DoTransmit to 127.127.1.0
timeout
DoTransmit(127.127.1.0)
DoTransmit to 127.127.1.0
timeout
DoTransmit(127.127.1.0)
DoTransmit to 127.127.1.0
timeout
DoTransmit(127.127.1.0)
DoTransmit to 127.127.1.0
timeout
DoTransmit(127.127.1.0)
DoTransmit to 127.127.1.0
timeout
127.127.1.0:    *Timeout*

root@s1cdbp:/etc
# ntptrace -dv 10.1.1.200
DoTransmit to 10.1.1.200
ReceiveBuf(10.1.1.200, 10.1.1.200)
server 10.1.1.200, port 123
stratum 1, precision -6, leap 00
refid 'LOCL' delay 0.00040, dispersion 0.00000 offset 1.075038
rootdelay 0.00000, rootdispersion 10.13248, synch dist 10.13248
reference time:      c8549e43.9fd70a3d  Tue, Jul  4 2006 10:58:59.624
originate timestamp: c854c5b4.7c000000  Tue, Jul  4 2006 13:47:16.484
transmit timestamp:  c854c5b3.68bcf000  Tue, Jul  4 2006 13:47:15.409

root@s1cdbp:/etc
# xntpdc -c "pstats 10.1.1.200" 10.1.1.150
remote host:          10.1.1.200
local interface:      10.1.1.150
time last received:   47s
time until next send: 17s
reachability change:  559s
packets sent:         57
packets received:     57
bad authentication:   0
bogus origin:         0
duplicate:            0
bad dispersion:       60
bad reference time:   0
candidate order:      1

Any idea?

Regards,
Khalid

 

[khalidaaa]

I just found this:

# 
selected for synchronization but distance exceeds maximum.

so the '#' sign beside the 10.1.1.200 address (the address of the AD Time server) is not reachable or not able to synch with right?

So how can i do that?

Regards,
Khalid

 

[Gloups]

may try this

- stop xntpd client
- ndpdate 10.1.1.200 to force the synchro
- restart xntpd client

 

[khalidaaa]

Thanks again Gloups

but i did what you said and i got the same!

root@s1cdbp:/
# ntpq -p
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 LOCAL(0)        LOCAL(0)         9 l   23   64   37     0.00    0.000  885.01
#10.1.1.200      .LOCL.           1 u   22   64   37     0.44   11.310  875.18
 s2cdbs          0.0.0.0         16 -    -   64    0     0.00    0.000 16000.0

What worst right now (after rebooting s2cdbs) i get these errors:

# ntpq -p          
loopback: timed out, nothing received
***Request timed out

root@s2cdbs:/
# refresh -s xntpd
0513-056 Timeout waiting for command response. If you specified a foreign host,
see the /etc/inittab file on the foreign host to verify that the SRC daemon
(srcmstr) was started with the -r flag to accept remote requests.

i checked the xntpd daemon on s2cdbs but its active!!

any clue?

Regards,
Khalid

 

[Gloups]

And when you ping it does it replies ?

Is there a firewall beteween them ?

Did ntpdate worked ?

 

[khalidaaa]

I can ping it with no problems

No there is no fireware

ntpdate didn't work!

 

[Gloups]

what does it replies when you try ntpq -p on the NTP server ?

 

[khalidaaa]

it showed this yesterday but today it seems to be fine i beleive

root@s1cdbp:/
# ntpq -p
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
 LOCAL(0)        LOCAL(0)         9 l   23   64   37     0.00    0.000  885.01
#10.1.1.200      .LOCL.           1 u   22   64   37     0.44   11.310  875.18
 s2cdbs          0.0.0.0         16 -    -   64    0     0.00    0.000 16000.0

This is what is showing now:

root@s2cdbs:/
# ntpq -p         
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
*LOCAL(0)        LOCAL(0)         9 l    5   64  377     0.00    0.000   10.01
 s1cdbp          s2cdbs          11 u  187 1024  376     0.46   -0.587   15.17

 

[Gloups]

Very strange, all seems to be good with your stratum 9 server.

Did you tried to start manaly ntpd on the client in debug mode to trace the requests to the server ?

 

[khalidaaa]

Thank you very much Gloups

you really helped me alot

sorry for bothering you with this as well but how can i start ntpd in debuggin mode?

i will try to look into that as well

 

[khalidaaa]

I've just issued the command:

xntpd -d

to set the daemon in debuggin mode but nothing appeared? how can i check that the xntpd has been set into debugging mode?

Regarads,
Khalid

 

[Gloups]

start xntpd not using startsrc

/usr/sbin/xntpd -ddd

the number of 'd' caracter refer to the debug level