[CentOS] CentOs 5.6 and Time Sync

Wed Apr 13 21:07:36 UTC 2011
Denniston, Todd A CIV NAVSURFWARCENDIV Crane <todd.denniston at navy.mil>


> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Mailing List
> Sent: Wednesday, April 13, 2011 16:23
> To: CentOS mailing list
> Subject: Re: [CentOS] CentOs 5.6 and Time Sync
> 
>   /etc/ntp;
> 
> restrict default kod nomodify notrap nopeer noquery
> restrict -6 default kod nomodify notrap nopeer noquery
> restrict 127.0.0.1
> restrict -6 ::1
> server 0.centos.pool.ntp.org
> server 1.centos.pool.ntp.org
> server 2.centos.pool.ntp.org
> server  127.127.1.0     # local clock
> fudge   127.127.1.0 stratum 10
> driftfile /var/lib/ntp/drift
> keys /etc/ntp/keys
> 
> There is no /etc/ntp/ntpservers
> 
> /etc/ntp/step-tickers is an empty file.
> 
> /var/lib/ntp/drift;
>    -65.219
> 
> I have no /var/log/ntpd.log
> 
> /varlog/messages;  This is the log using stock updated kernel.
> 
> Apr 12 03:32:35 Server ntpd[2797]: synchronized to LOCAL(0), stratum
10
> Apr 12 03:33:36 Server ntpd[2797]: synchronized to 173.9.142.98,
> stratum 2
> Apr 12 15:51:56 Server ntpd[2797]: time reset +43208.248852 s

Wow! That is a big jump.

> Apr 12 15:51:56 Server ntpd[2797]: kernel time sync enabled 0001
> Apr 12 15:56:03 Server ntpd[2797]: synchronized to LOCAL(0), stratum
10
> Apr 12 15:56:26 Server ntpd[2797]: synchronized to 169.229.70.183,
> stratum 3
> Apr 12 16:00:22 Server ntpd[2797]: synchronized to 173.9.142.98,
> stratum 2
> Apr 12 16:16:59 Server ntpd[2797]: synchronized to 169.229.70.183,
> stratum 2
> Apr 12 16:16:57 Server ntpd[2797]: time reset -1.830305 s
> Apr 12 16:20:27 Server ntpd[2797]: synchronized to LOCAL(0), stratum
10

<SNIP log of ntpd jumping from server to server (fairly often) including
LOCAL host> 

It seems that the connections to the external ntp servers are not good
enough to keep you off LOCAL, and once on local you will drift at the
rate the system last had, and that drift rate can be quite large when
the system is first trying to come into sync. (and often quite a bit
larger than the steady state drift rate once synced)

> 
>    Selinux is disabled, and just a note also. This is a stock install
> of
> of ntp. I never had to do any fudging with it cause it just worked up
> until the update.
> 
>   I also have no /var/log/audit/audit.log.
> 
> tia.
> 
> Brian

We still don't know why the machine is losing time, but it might help to
have some more data to compare with
IIRC you indicated you had two other servers in your environment that
were still keeping time good...
I would suggest adding something like:
echo "server myotherserver" >> /etc/ntp.conf
echo "restrict myotherserver mask 255.255.255.255 notrap" >>
/etc/ntp.conf

you may also have to add restrict a line on "myotherserver" such that
your "timeloosingserver" can get info, i.e. on myotherserver
echo "restrict timeloosingserver mask 255.255.255.255 nomodify notrap"
>> /etc/ntp.conf

[please evaluate the above restrict lines to verify they are good enough
security for your environment, I am doing them from memory]

so that you have a local host which is not bouncing all over the place,
with respect to connectivity, to check against.