[CentOS] Fwd: ntp help

Thu Nov 11 17:44:43 UTC 2010
John Kennedy <skebi69 at gmail.com>

On Thu, Nov 11, 2010 at 12:35, Robert Moskowitz <rgm at htt-consult.com> wrote:

> On 11/11/2010 11:20 AM, tony.chamberlain at lemko.com wrote:
> >
> > Hello
> >
> > I am trying to sync via NTP locally (since I have no Internet access).
> > None of the NTP stuff I read on the net seems to work right.  I mean it
> works fine setting up a client going to something like 0.pool.ntp.org but
> when I want to make my LInux box a server, and I do an ntpdate to it from
> another machine,
> > it says no suitable server found.  I have tried every possible
> combination of restrict, broadcast, multicast.  Followed directions in the
> examples but
> > nothing works.  Also "iptables-save" shows no iptables stuff set at all,
> so there is no firewall blocking it.
> >
> > Maybe I could ask my question and someone could tell me how to configure?
> >
> > There are 4 machines:
> >
> > 1. 10.5.1.50
> > 2. 10.5.0.20 / 192.168.1.100
> > 3. 10.6.1.50
> > 4. 10.6.0.20 / 192.168.1.101
> >
> > The 10.5s cannot reach the 10.6s (except roundaboutly through the 192
> > network).  The two 192 machines are connected directly to each other.
> > You can get back and forth between them
> >
> > I want to set it up so that, and it doesn't matter which way), one of
> > the 191.168.1.X machines NTP syncs to the other, and then
> > the 10.5.1.50 syncs to 10.5.0.20 and the 10.6.1.20 syncs to 10.6.0.20.
> > How do I set the ntp.conf files?  Remember there is no external internet
> > on any of the machines, and the 10.5 machines cannot reach the 10.6
> machines and v.v. (except the 10.X.0.20 machines can reach each other
> through the 192 network).  Also I am not allowed to use the 192 machines as
> routers for the 10.X.1.50 machines.
>
> I have 3 systems here that are my internal NTP servers.  They are set up
> to go out and get time, and my clients all look to them for time.
>
> The files you need to work with are:
>
> For /etc/ntp.conf you need to control how your local clients interact
> with the server, like:
>
> restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap
>
> And protect your server from outside influence with:
>
> server 0.rhel.pool.ntp.org burst iburst
> restrict 0.rhel.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
>
> In /etc/ntp/ntpservers you list your outside sources (or inside for the
> clients) eg:
>
> clock.redhat.com
> clock2.redhat.com
>
> /etc/sysconfig/ntpd controls updating your hardware clock:
>
> # Set to 'yes' to sync hw clock after successful ntpdate
> SYNC_HWCLOCK=yes
>
> Anyway for your clients to get time, you have to allow udp/tcp port 123
> in your firewall and set up /etc/ntp.conf.
>
> (this message is a little scattered, as I am suppose to be listing to
> this presentation on comment resolution on the 802.15.4g ballot.  boring).
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


To fit this in a bit with your set up. Have your 192.168.1.100 box be your
main time server. Have .101 be secondary, getting time from .100. Then each
of the respective 10.5/6 boxes can get their time from their attached
server.
Robert's info can be modified for this...
John

-- 
 John Kennedy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20101111/aea9948b/attachment-0005.html>