Dear all,
I would need some advice as I am a beginner in CentOS.
The question is as follows:
How to set up timing if NTP was block by ISP?
I have try many way such as link the timezone , getting from the hardware clock.However , it is not the solution.
Please advice.
On 1/14/2014 11:56 PM, Ku Wei Xiong wrote:
How to set up timing if NTP was block by ISP?
your ISP doesn't have their own timeserver you can access??
I've never heard of an ISP blocking ntp protocol, unless they are blocking /everything/ but web and email via proxy, whereupon they aren't really an internet service provider, they are just a web-n-mail service provider.
From: John R Pierce pierce@hogranch.com
How to set up timing if NTP was block by ISP?
your ISP doesn't have their own timeserver you can access?? I've never heard of an ISP blocking ntp protocol, unless they are blocking /everything/ but web and email via proxy, whereupon they aren't really an internet service provider, they are just a web-n-mail service provider.
Maybe related to the (recent?) DDOS using ntp servers...?
JD
On Wed, Jan 15, 2014 at 5:53 AM, John Doe jdmls@yahoo.com wrote:
From: John R Pierce pierce@hogranch.com
How to set up timing if NTP was block by ISP?
your ISP doesn't have their own timeserver you can access?? I've never heard of an ISP blocking ntp protocol, unless they are blocking /everything/ but web and email via proxy, whereupon they aren't really an internet service provider, they are just a web-n-mail service provider.
Maybe related to the (recent?) DDOS using ntp servers...?
Sounds likely. ACLs like that are bad practice, but some people can get overzealous. Hopefully they're only temporary until the hosts running NTP have been further secured.
http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attac...
It is probably a good idea to call and complain to your ISP if this is happening to you.
As others mentioned, the OP might be able to sync time off their ISP's NTP servers (if provided). Or go with a GPS time source as John Pierce suggested.
First DNS attacks thanks to dns recursion, now NTP attacks due to time servers... ;)
JD _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
SilverTip257 wrote:
On Wed, Jan 15, 2014 at 5:53 AM, John Doe jdmls@yahoo.com wrote:
From: John R Pierce pierce@hogranch.com
How to set up timing if NTP was block by ISP?
your ISP doesn't have their own timeserver you can access?? I've never heard of an ISP blocking ntp protocol, unless they are blocking /everything/ but web and email via proxy, whereupon they aren't really an internet service provider, they are just a web-n-mail service provider.
Maybe related to the (recent?) DDOS using ntp servers...?
Sounds likely. ACLs like that are bad practice, but some people can get overzealous. Hopefully they're only temporary until the hosts running NTP have been further secured.
http://blog.cloudflare.com/understanding-and-mitigating-ntp-based-ddos-attac...
It is probably a good idea to call and complain to your ISP if this is happening to you.
As others mentioned, the OP might be able to sync time off their ISP's NTP servers (if provided). Or go with a GPS time source as John Pierce
suggested.
Missed the beginning of this thread. You did try to point to nist.gov? http://tf.nist.gov/tf-cgi/servers.cgi
mark
You can setup a your own NTP server following this howto: http://brainwreckedtech.wordpress.com/2008/08/25/howto-run-your-own-ntp-serv... and adapting it for CentOS, or you can use a workaround like trying to setup a cron job to run ntpdate every 15 minutes to sync system time with ntp.org public servers using unprivilleged port.
15 * * * * /usr/sbin/ntpdate -s -u -B pool.ntp.org
-s option tells ntpdate to print output to syslog; -u tells it to use unprivilleged port; -B tell it to adjust the time incrementally as oppose to instantly.
Then setup ntpd as a local ntp server for internal use. This ntpd uses it's localtime as the source instead of syncing from another ntp.org public server.
On Wed, Jan 15, 2014 at 8:56 AM, Ku Wei Xiong kuweixiong@gmail.com wrote:
Dear all,
I would need some advice as I am a beginner in CentOS.
The question is as follows:
How to set up timing if NTP was block by ISP?
I have try many way such as link the timezone , getting from the hardware clock.However , it is not the solution.
Please advice.
-- Regards, Ku Wei Xiong 0166365831 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On 1/15/2014 12:04 AM, Fabrizio Di Carlo wrote:
Then setup ntpd as a local ntp server for internal use. This ntpd uses it's localtime as the source instead of syncing from another ntp.org public server.
you also could hook up a simple GPS and configure your master NTP server to be a stratum 0 GPS referenced clock, then sync your other systems to it. down side, a GPS antenna needs a fairly clear view of the sky. it might work in a 1 story residence with a wooden roof, its not going to work at all buried in a multistory concrete and steel office building.
On 1/15/2014 00:56, Ku Wei Xiong wrote:
How to set up timing if NTP was block by ISP?
Perhaps your ISP is just blocking NTP servers outside your country.
I believe the telephone number you gave in your signature terminates in Thailand, so try using th.pool.ntp.org. That domain name will resolve to an IP that is in Thailand.
If my guess about your country is wrong, the same advice applies, except that you will of course need to seek out a different section of the NTP pool:
On , Warren Young wrote:
On 1/15/2014 00:56, Ku Wei Xiong wrote:
How to set up timing if NTP was block by ISP?
Perhaps your ISP is just blocking NTP servers outside your country.
I believe the telephone number you gave in your signature terminates in Thailand, so try using th.pool.ntp.org. That domain name will resolve to an IP that is in Thailand.
If my guess about your country is wrong, the same advice applies, except that you will of course need to seek out a different section of the NTP pool:
http://www.pool.ntp.org/ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
In addition to this, have you tried a google search for NTP servers that possible run on other ports. I mention this in case your ISP is truly blocking all NTP traffic.