[CentOS] Fwd: ntp help

Thu Nov 11 17:35:20 UTC 2010
Robert Moskowitz <rgm at htt-consult.com>

On 11/11/2010 11:20 AM, tony.chamberlain at lemko.com wrote:
>
> Hello
>
> I am trying to sync via NTP locally (since I have no Internet access).
> None of the NTP stuff I read on the net seems to work right.  I mean it works fine setting up a client going to something like 0.pool.ntp.org but when I want to make my Linux box a server, and I do an ntpdate to it from another machine,
> it says no suitable server found.  I have tried every possible combination of restrict, broadcast, multicast.  Followed directions in the examples but
> nothing works.  Also "iptables-save" shows no iptables stuff set at all, so there is no firewall blocking it.
>
> Maybe I could ask my question and someone could tell me how to configure?
>
> There are 4 machines:
>
> 1. 10.5.1.50
> 2. 10.5.0.20 / 192.168.1.100
> 3. 10.6.1.50
> 4. 10.6.0.20 / 192.168.1.101
>
> The 10.5s cannot reach the 10.6s (except roundaboutly through the 192
> network).  The two 192 machines are connected directly to each other.
> You can get back and forth between them.
>
> I want to set it up so that (and it doesn't matter which way), one of
> the 191.168.1.X machines NTP syncs to the other, and then
> the 10.5.1.50 syncs to 10.5.0.20 and the 10.6.1.20 syncs to 10.6.0.20.
> How do I set the ntp.conf files?  Remember there is no external internet
> on any of the machines, and the 10.5 machines cannot reach the 10.6 machines and v.v. (except the 10.X.0.20 machines can reach each other through the 192 network).  Also I am not allowed to use the 192 machines as routers for the 10.X.1.50 machines.

I have 3 systems here that are my internal NTP servers.  They are set up 
to go out and get time, and my clients all look to them for time.

The files you need to work with are:

For /etc/ntp.conf you need to control how your local clients interact 
with the server, like:

restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap

And protect your server from outside influence with:

server 0.rhel.pool.ntp.org burst iburst
restrict 0.rhel.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery

In /etc/ntp/ntpservers you list your outside sources (or inside for the 
clients), e.g.:

clock.redhat.com
clock2.redhat.com

/etc/sysconfig/ntpd controls updating your hardware clock:

# Set to 'yes' to sync hw clock after successful ntpdate
SYNC_HWCLOCK=yes

Anyway, for your clients to get time, you have to allow udp/tcp port 123 
in your firewall and set up /etc/ntp.conf.

(this message is a little scattered, as I am supposed to be listening to 
this presentation on comment resolution on the 802.15.4g ballot.  boring).
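
Added example, not part of the original post or the poster's own configuration: one possible set of ntp.conf files for the four isolated machines in the question, using the restrict pattern from the reply. Assumptions: 192.168.1.100 is picked as the top server, the 10.5 and 10.6 networks use a 255.255.0.0 mask, and ntpd's local clock driver (127.127.1.0), which the thread does not mention, stands in for the missing upstream source.

```conf
# --- /etc/ntp.conf on 10.5.0.20 / 192.168.1.100 (top of the isolated hierarchy) ---
# Default policy: hosts may read the time, but may not reconfigure ntpd,
# set traps, form peer associations, or run ntpq/ntpdc queries.
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
# Local networks, same pattern as the reply: time service plus read-only
# ntpq status queries, no modification. Netmasks are assumed.
restrict 10.5.0.0 mask 255.255.0.0 nomodify notrap
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# No upstream exists, so the undisciplined local clock is the time source.
# A high stratum keeps it from outranking a real source if one is ever added.
server 127.127.1.0
fudge 127.127.1.0 stratum 10
driftfile /var/lib/ntp/drift

# --- /etc/ntp.conf on 10.6.0.20 / 192.168.1.101 ---
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict 10.6.0.0 mask 255.255.0.0 nomodify notrap
# Sync across the direct 192.168.1.x link; the upstream may only answer,
# never query or modify this host.
server 192.168.1.100 iburst
restrict 192.168.1.100 mask 255.255.255.255 nomodify notrap noquery
driftfile /var/lib/ntp/drift

# --- /etc/ntp.conf on 10.5.1.50 (client only) ---
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
server 10.5.0.20 iburst
restrict 10.5.0.20 mask 255.255.255.255 nomodify notrap noquery
driftfile /var/lib/ntp/drift

# --- /etc/ntp.conf on 10.6.1.50 (client only) ---
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
server 10.6.0.20 iburst
restrict 10.6.0.20 mask 255.255.255.255 nomodify notrap noquery
driftfile /var/lib/ntp/drift
```

ntpd advertises itself as unsynchronized until it has selected a source, and ntpdate rejects such a server, so wait until `ntpq -p` on each server marks a source with `*` before testing from the next machine down.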