Date: Tue, 07 Apr 2015 09:17:30 -0500 From: dweimer <dweimer@dweimer.net> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: NTPD in jail Message-ID: <8ee743046ce9a8e9e7e6359150fbfa1e@dweimer.net>
next in thread | raw e-mail | index | archive | help
I understand that a jail can't update the servers time, but I recently migrated a physical FreeBSD machine into a FreeBSD jail. That machine was one of the 3 machines that I ran NTPD on to sync to internet time servers, and pointed my internal machines at. I have configured the host to sync to the internet time servers. And setup the jail to only have the fake fudge 127.127.1.0 server, figuring that the host ntpd process would keep the server synced and this would allow the internal clients to sync to it without having to change them all to point at the hosts IP address instead. I have both processes limited to the correct external IPs to avoid port conflicts, however the jails NTPD service periodically fails, the only log entries I see are the "Apr 7 09:01:27 proxy1 ntpd[48446]: local_clock: ntp_loopfilter.c line 709: ntp_adjtime: Operation not permitted" but at some point it's no longer running to answer query's. I plan to add DNS CNAMEs for NTP1, NTP2, NTP3 to reference the NTP servers from the clients and update the CNAMEs if hosts change in the future. In the short term to make sure clients don't lose their time sync does anyone have a work around that will allow NTPD to run on the jail? -- Thanks, Dean E. Weimer http://www.dweimer.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8ee743046ce9a8e9e7e6359150fbfa1e>