On Thu, Nov 11, 2010 at 12:35, Robert Moskowitz <rgm at htt-consult.com> wrote: > On 11/11/2010 11:20 AM, tony.chamberlain at lemko.com wrote: > > > > Hello > > > > I am trying to sync via NTP locally (since I have no Internet access). > > None of the NTP stuff I read on the net seems to work right. I mean it > works fine setting up a client going to something like 0.pool.ntp.org but > when I want to make my LInux box a server, and I do an ntpdate to it from > another machine, > > it says no suitable server found. I have tried every possible > combination of restrict, broadcast, multicast. Followed directions in the > examples but > > nothing works. Also "iptables-save" shows no iptables stuff set at all, > so there is no firewall blocking it. > > > > Maybe I could ask my question and someone could tell me how to configure? > > > > There are 4 machines: > > > > 1. 10.5.1.50 > > 2. 10.5.0.20 / 192.168.1.100 > > 3. 10.6.1.50 > > 4. 10.6.0.20 / 192.168.1.101 > > > > The 10.5s cannot reach the 10.6s (except roundaboutly through the 192 > > network). The two 192 machines are connected directly to each other. > > You can get back and forth between them > > > > I want to set it up so that, and it doesn't matter which way), one of > > the 191.168.1.X machines NTP syncs to the other, and then > > the 10.5.1.50 syncs to 10.5.0.20 and the 10.6.1.20 syncs to 10.6.0.20. > > How do I set the ntp.conf files? Remember there is no external internet > > on any of the machines, and the 10.5 machines cannot reach the 10.6 > machines and v.v. (except the 10.X.0.20 machines can reach each other > through the 192 network). Also I am not allowed to use the 192 machines as > routers for the 10.X.1.50 machines. > > I have 3 systems here that are my internal NTP servers. They are set up > to go out and get time, and my clients all look to them for time. > > The files you need to work with are: > > For /etc/ntp.conf you need to control how your local clients interact > with the server, like: > > restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap > > And protect your server from outside influence with: > > server 0.rhel.pool.ntp.org burst iburst > restrict 0.rhel.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery > > In /etc/ntp/ntpservers you list your outside sources (or inside for the > clients) eg: > > clock.redhat.com > clock2.redhat.com > > /etc/sysconfig/ntpd controls updating your hardware clock: > > # Set to 'yes' to sync hw clock after successful ntpdate > SYNC_HWCLOCK=yes > > Anyway for your clients to get time, you have to allow udp/tcp port 123 > in your firewall and set up /etc/ntp.conf. > > (this message is a little scattered, as I am suppose to be listing to > this presentation on comment resolution on the 802.15.4g ballot. boring). > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > To fit this in a bit with your set up. Have your 192.168.1.100 box be your main time server. Have .101 be secondary, getting time from .100. Then each of the respective 10.5/6 boxes can get their time from their attached server. Robert's info can be modified for this... John -- John Kennedy -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20101111/aea9948b/attachment-0005.html>