NTP
list Kevin
Hi all, Can someone tell me how to get the NTP test to work? I get an error when I try it saying something like " a suitable time server could not be found". I get the impression that I need to specify MY time server in some config file somewhere but I cannot find where that is. Any help appreciated. Kevin
list Rob MacGregor
▸
On 11/12/06, Kevin <user-a004b26f09c6@xymon.invalid> wrote:
Hi all, Can someone tell me how to get the NTP test to work? I get an error when I try it saying something like " a suitable time server could not be found". I get the impression that I need to specify MY time server in some config file somewhere but I cannot find where that is. Any help appreciated.
A quick eyeball of the output suggests it uses:
ntpdate -u -q -p 2 HOST_IP 2>&1
Try su-ing to the user you run hobbit as and try the command.
--
Please keep list traffic on the list.
Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
list Kevin
Thanks for the feedback Rob. I tried what you said and it doesn't matter. This is being run from the main Hobbit server. The problem seems to be with iptables on the client. When I shut off iptables on the client it works just fine so the query from the hobbit server to the client is being blocked. This is what the server says: server 10.164.138.60, stratum 0, offset 0.000000, delay 0.00000 12 Nov 11:31:32 ntpdate[26628]: no server suitable for synchronization found It looks like it is trying to use port 26628. Got any ideas how I specify the port to use (and exactly where that is specified in Hobbit) so I can allow for it in the client iptables config? Thanks kevin
▸
Rob MacGregor wrote:On 11/12/06, Kevin <user-a004b26f09c6@xymon.invalid> wrote:Hi all, Can someone tell me how to get the NTP test to work? I get an error when I try it saying something like " a suitable time server could not be found". I get the impression that I need to specify MY time server in some config file somewhere but I cannot find where that is. Any help appreciated.A quick eyeball of the output suggests it uses: ntpdate -u -q -p 2 HOST_IP 2>&1 Try su-ing to the user you run hobbit as and try the command.
list Dan Vande More
26628 in this case is the pid. ntp always has an destination port of 123 so you can write your iptables rule with that.
▸
On 11/12/06, Kevin <user-a004b26f09c6@xymon.invalid> wrote:Thanks for the feedback Rob. I tried what you said and it doesn't matter. This is being run from the main Hobbit server. The problem seems to be with iptables on the client. When I shut off iptables on the client it works just fine so the query from the hobbit server to the client is being blocked. This is what the server says: server 10.164.138.60, stratum 0, offset 0.000000, delay 0.00000 12 Nov 11:31:32 ntpdate[26628]: no server suitable for synchronization found It looks like it is trying to use port 26628. Got any ideas how I specify the port to use (and exactly where that is specified in Hobbit) so I can allow for it in the client iptables config? Thanks kevin Rob MacGregor wrote:On 11/12/06, Kevin <user-a004b26f09c6@xymon.invalid> wrote:Hi all, Can someone tell me how to get the NTP test to work? I get an error when I try it saying something like " a suitable time server could not be found". I get the impression that I need to specify MY time server in some config file somewhere but I cannot find where that is. Any help appreciated.A quick eyeball of the output suggests it uses: ntpdate -u -q -p 2 HOST_IP 2>&1 Try su-ing to the user you run hobbit as and try the command.
list Rob MacGregor
▸
On 11/12/06, Kevin <user-a004b26f09c6@xymon.invalid> wrote:
Thanks for the feedback Rob. I tried what you said and it doesn't matter. This is being run from the main Hobbit server. The problem seems to be with iptables on the client. When I shut off iptables on the client it works just fine so the query from the hobbit server to the client is being blocked. This is what the server says: server 10.164.138.60, stratum 0, offset 0.000000, delay 0.00000 12 Nov 11:31:32 ntpdate[26628]: no server suitable for synchronization found It looks like it is trying to use port 26628.
That's the process id :) Check the iptables config on the clients and ensure that they allow the hobbit server to communicate to port 123/UDP.
▸
--
Please keep list traffic on the list.
Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
list Henrik Størner
▸
On Sun, Nov 12, 2006 at 10:50:01AM -0600, Dan Vande More wrote:
26628 in this case is the pid. ntp always has an destination port of 123 so you can write your iptables rule with that.
Two other things to remember:
1) ntp uses UDP, not tcp. So your iptables rule should be something like
iptables -A INPUT -p udp --destination-port 123 -s ip.of.hobbit.server -j ACCEPT
2) The ntp.conf on the host you want to check must be setup to allow
queries by the Hobbit server.
Regards,
Henrik
list Kevin
Gentlemen, As always, the feedback here is outstanding. I forgot that ntp uses UDP and I wrote a rule using TCP! When I changed it to UDP, it all started working. Thanks kevin
▸
Henrik Stoerner wrote:On Sun, Nov 12, 2006 at 10:50:01AM -0600, Dan Vande More wrote:26628 in this case is the pid. ntp always has an destination port of 123 so you can write your iptables rule with that.Two other things to remember: 1) ntp uses UDP, not tcp. So your iptables rule should be something like iptables -A INPUT -p udp --destination-port 123 -s ip.of.hobbit.server -j ACCEPT 2) The ntp.conf on the host you want to check must be setup to allow queries by the Hobbit server. Regards, Henrik
list Kevin
Henrik, How did you get the VMIO test to work? I added it to the clientlaunch just like all the others but all I get is a green dot on the display with no data. gat any ideas? Regards
▸
Kevin
Henrik Stoerner wrote:On Sun, Nov 12, 2006 at 10:50:01AM -0600, Dan Vande More wrote:26628 in this case is the pid. ntp always has an destination port of 123 so you can write your iptables rule with that.Two other things to remember: 1) ntp uses UDP, not tcp. So your iptables rule should be something like iptables -A INPUT -p udp --destination-port 123 -s ip.of.hobbit.server -j ACCEPT 2) The ntp.conf on the host you want to check must be setup to allow queries by the Hobbit server. Regards, Henrik