Date: Sun, 18 Jun 2006 19:34:25 +1000 From: Nick Withers <nick@nickwithers.com> To: Charles Bacon <crtb@cape.com> Cc: questions@freebsd.org Subject: Re: Getting NTP (ntpd, ntpdate) to work Message-ID: <20060618193425.c07b9177.nick@nickwithers.com> In-Reply-To: <20060617211012.R54707@tomato.local> References: <20060617211012.R54707@tomato.local>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 17 Jun 2006 21:30:55 -0400 (EDT) Charles Bacon <crtb@cape.com> wrote: > Since FreeBSD 4.5-Release, I have been unable to get NTP working on > my two FreeBSD computers, one running 5.3Release and the other on > 6.1Release. I have done nothing with the GENERIC kernel on either > machine. I talk SSH between them, and have been running ntpd on > both, each naming the other as well as two external servers. > > My network is a typical home net, using 192.168.1/28, You mean /24 (i.e.: 255.255.255.0, Class C), yeah? > served by a DSL router which does NAT for my external traffic. > Internal comms. is through switches, plus one hub. Each computer > (plus some others running Windows) has easy access out, and is > invisible from the Internet exceptt for responses. > > Here's my ntp.conf, identical on my two computers: > > server ntp.cape.com > server ntp.ourconcord.net > driftfile /var/db/ntp.drift > logfile /var/log/ntplog > pidfile /var/run/ntpd.pid > logconfig =all > peer 192.168.1.3 > peer 192.168.1.2 (much comments removed) > > With mediocre diagnostic skill, I have finally discovered tcpdump. > It told me after much experiment, that the relevant port (NTP, 123) was > unreachable. This sounds significant, but I can't find a list of the > reachability of ports. Try netstat(1). "netstat -anp udp" might be of help in particular, here. > I've looked at ng*, mac_* and pf* and finally bpf*, and only the last seems > to exist in /dev. > > I had expected that GENERIC would impose only slight filtering somehow, > and certainly not shut off NTP! I guess I need help. If you've loaded a firewall such as IPFW in /etc/rc.conf a kernel module will be loaded for it, if it's not compiled statically into hte kernel already (which it isn't on GENERIC for either 5.3-RELEASE or 6.1-RELEASE). "kldstat" will list loaded modules (and the IPFW module is ipfw.ko). > Thanks for any help you can give, and I accept any opprobrium for trying > to be a sysadmin, even for my home boxen. > > Chuck Bacon -- crtb@cape.com > ABHOR SECRECY -- DEFEND PRIVACY -- Nick Withers email: nick@nickwithers.com Web: http://www.nickwithers.com Mobile: +61 414 397 446
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060618193425.c07b9177.nick>