<br><br><div class="gmail_quote">On Thu, Nov 11, 2010 at 12:35, Robert Moskowitz <span dir="ltr"><<a href="mailto:rgm@htt-consult.com">rgm@htt-consult.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div></div><div class="h5">On 11/11/2010 11:20 AM, <a href="mailto:tony.chamberlain@lemko.com">tony.chamberlain@lemko.com</a> wrote:<br>
><br>
> Hello<br>
><br>
> I am trying to sync via NTP locally (since I have no Internet access).<br>
> None of the NTP stuff I read on the net seems to work right. I mean it works fine setting up a client going to something like <a href="http://0.pool.ntp.org" target="_blank">0.pool.ntp.org</a> but when I want to make my LInux box a server, and I do an ntpdate to it from another machine,<br>
> it says no suitable server found. I have tried every possible combination of restrict, broadcast, multicast. Followed directions in the examples but<br>
> nothing works. Also "iptables-save" shows no iptables stuff set at all, so there is no firewall blocking it.<br>
><br>
> Maybe I could ask my question and someone could tell me how to configure?<br>
><br>
> There are 4 machines:<br>
><br>
> 1. 10.5.1.50<br>
> 2. 10.5.0.20 / 192.168.1.100<br>
> 3. 10.6.1.50<br>
> 4. 10.6.0.20 / 192.168.1.101<br>
><br>
> The 10.5s cannot reach the 10.6s (except roundaboutly through the 192<br>
> network). The two 192 machines are connected directly to each other.<br>
> You can get back and forth between them<br>
><br>
> I want to set it up so that, and it doesn't matter which way), one of<br>
> the 191.168.1.X machines NTP syncs to the other, and then<br>
> the 10.5.1.50 syncs to 10.5.0.20 and the 10.6.1.20 syncs to 10.6.0.20.<br>
> How do I set the ntp.conf files? Remember there is no external internet<br>
> on any of the machines, and the 10.5 machines cannot reach the 10.6 machines and v.v. (except the 10.X.0.20 machines can reach each other through the 192 network). Also I am not allowed to use the 192 machines as routers for the 10.X.1.50 machines.<br>
<br>
</div></div>I have 3 systems here that are my internal NTP servers. They are set up<br>
to go out and get time, and my clients all look to them for time.<br>
<br>
The files you need to work with are:<br>
<br>
For /etc/ntp.conf you need to control how your local clients interact<br>
with the server, like:<br>
<br>
restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap<br>
<br>
And protect your server from outside influence with:<br>
<br>
server <a href="http://0.rhel.pool.ntp.org" target="_blank">0.rhel.pool.ntp.org</a> burst iburst<br>
restrict <a href="http://0.rhel.pool.ntp.org" target="_blank">0.rhel.pool.ntp.org</a> mask 255.255.255.255 nomodify notrap noquery<br>
<br>
In /etc/ntp/ntpservers you list your outside sources (or inside for the<br>
clients) eg:<br>
<br>
<a href="http://clock.redhat.com" target="_blank">clock.redhat.com</a><br>
<a href="http://clock2.redhat.com" target="_blank">clock2.redhat.com</a><br>
<br>
/etc/sysconfig/ntpd controls updating your hardware clock:<br>
<br>
# Set to 'yes' to sync hw clock after successful ntpdate<br>
SYNC_HWCLOCK=yes<br>
<br>
Anyway for your clients to get time, you have to allow udp/tcp port 123<br>
in your firewall and set up /etc/ntp.conf.<br>
<br>
(this message is a little scattered, as I am suppose to be listing to<br>
this presentation on comment resolution on the 802.15.4g ballot. boring).<br>
<div><div></div><div class="h5"><br>
<br>
_______________________________________________<br>
CentOS mailing list<br>
<a href="mailto:CentOS@centos.org">CentOS@centos.org</a><br>
<a href="http://lists.centos.org/mailman/listinfo/centos" target="_blank">http://lists.centos.org/mailman/listinfo/centos</a><br>
</div></div></blockquote></div><br><br><div>To fit this in a bit with your set up. Have your 192.168.1.100 box be your main time server. Have .101 be secondary, getting time from .100. Then each of the respective 10.5/6 boxes can get their time from their attached server.</div>
<div>Robert's info can be modified for this...</div><div>John<br clear="all"><br>-- <br> John Kennedy<br><br>
</div>