| View previous topic :: View next topic |
| Author |
Message |
don quixada
l33t
Joined: 15 May 2003
Posts: 790
|
 Posted: Fri Apr 29, 2016 1:15 am Post subject: |
 |
|
Ok, I disabled the logging to dmesg for shorewall. And I also opened the UDP port 123 but ntpd still reports a crashed status after being started...
dq |
|
| Back to top |
|
 |
ct85711
Veteran
Joined: 27 Sep 2005
Posts: 1791
|
| Posted: Fri Apr 29, 2016 4:47 am Post subject: |
|
|
now, the one thing we haven't considered, is if this crashed state is actually correct or not...
one test we can do, and may give us direct confirmation of what ntpd is actually doing it, run it our selves (in the foreground) and watch the messages.
Now, for me I am using the openntpd-5.9_p1 package (version shouldn't matter, but that I am using openntpd may affect the options, so you may want to double check them in the man page).
So what you should do, is first: turn off ntpd (/etc/init.d/ntpd stop works well enough).
second, as root run ntpd -d -v
for me, the man page states:
| Code: | The options are as follows:
-d Do not daemonize. If this option is specified, ntpd will run
in the foreground and log to stderr.
-f file Use file as the configuration file, instead of the default
/etc/ntpd.conf.
-n Configtest mode. Only check the configuration file for
validity.
-p file Write pid to file
-S Do not set the time immediately at startup. This is the
default.
-s Try to set the time immediately at startup, as opposed to
slowly adjusting the clock. ntpd will stay in the foreground
for up to 15 seconds waiting for one of the configured NTP
servers to reply.
-v This option allows ntpd to send DEBUG priority messages to
syslog.
|
a sample, of what the output I had on my screen showed
| Code: | Oate ct85711 # ntpd -dv
ntp engine ready
peer 96.44.154.34 now valid
peer 108.59.2.24 now valid
peer 4.53.160.75 now valid
peer 52.10.158.52 now valid
peer 2001:418:3ff::1:53 now valid
peer 107.170.224.8 now valid
peer 129.250.35.251 now valid
peer 74.117.214.3 now valid
peer 2600:3c00::f03c:91ff:fe89:8d0b now valid
peer 204.9.54.119 now valid
peer 54.236.224.171 now valid
peer 128.138.141.172 now valid
peer 24.56.178.140 now valid
peer 209.114.111.1 now valid
peer 64.6.144.6 now valid
peer 108.61.73.243 now valid
peer 2607:fa18::2407 now valid
peer 2600:3c00::e:d0bb now valid
peer 104.131.53.252 now valid
peer 66.228.42.59 now valid
peer 24.56.178.140 now invalid
clock is now synced
peer 24.56.178.140 now valid
^Cntp engine exiting
Terminating
|
Note: I don't have anything special in my ntpd.conf file, only thing is servers [0-3].gentoo.pool.ntp.org (so basically, a default configuration).
Leave the console window open, and watch to see if it does crash and what messages it gives (do give up a copy of the output when it crashes, doesn't need to be everything but like last 50 or so lines would start, I'm assuming earlier than the final message may give more information, hence the 50, though you can do more).
Edit: I did not check my syslog messages to see if that posted any information when I ran using the -v option, so may want to check that too just in case. |
|
| Back to top |
|
|
don quixada
l33t
Joined: 15 May 2003
Posts: 790
|
| Posted: Sat Apr 30, 2016 1:14 am Post subject: |
|
|
Here's what seems to be the equivalent of what you posted:
| Code: | # ntpd -q
29 Apr 21:09:42 ntpd[29316]: ntpd 4.2.8p6@1.3265-o Tue Apr 26 16:00:17 UTC 2016 (1): Starting
29 Apr 21:09:42 ntpd[29316]: Command line: ntpd -q
29 Apr 21:09:42 ntpd[29316]: proto: precision = 0.119 usec (-23)
29 Apr 21:09:42 ntpd[29316]: Listen and drop on 0 v6wildcard [::]:123
29 Apr 21:09:42 ntpd[29316]: Listen and drop on 1 v4wildcard 0.0.0.0:123
29 Apr 21:09:42 ntpd[29316]: Listen normally on 2 lo 127.0.0.1:123
29 Apr 21:09:42 ntpd[29316]: Listen normally on 3 enp3s0 192.168.1.151:123
29 Apr 21:09:42 ntpd[29316]: Listen normally on 4 lo [::1]:123
29 Apr 21:09:42 ntpd[29316]: Listen normally on 5 enp3s0 [fe80::62a4:4cff:fe64:1a90%2]:123
29 Apr 21:09:42 ntpd[29316]: Listening on routing socket on fd #22 for interface updates
29 Apr 21:09:43 ntpd[29316]: ntpd: time slew -0.007117 s
ntpd: time slew -0.007117s |
I tried to raise the debug level but it doesn't seem to affect anything. Not sure what the above means and it doesn't seem to show an error... It exited by itself.
dq |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3133
|
| Posted: Sat Apr 30, 2016 11:04 am Post subject: |
|
|
Try this and see what happens:
busybox ntpd -w
if it fails, keep looking for problems in your network configuration. If it works, it will most likely be an issue with the ntpd binary itself, linking, or (less likely, as it's really hard to screw up) config files.
Note: it may fail with a message like "ntpd: bad address <xxx>". Resolve it manually and launch the below instead:
busybox ntpd -w -p <ip of ntp server>
Also, if you have customized the configs, test it with gentoo's default servers too: [0-3].gentoo.pool.ntp.org |
|
| Back to top |
|
|
don quixada
l33t
Joined: 15 May 2003
Posts: 790
|
| Posted: Sat Apr 30, 2016 1:41 pm Post subject: |
|
|
Ok, so I get the following output:
| Code: |
# busybox ntpd -w -p 0.gentoo.pool.ntp.org
ntpd: bad address '0.gentoo.pool.ntp.org' |
But if I used the ip-address for that domain I get:
| Code: |
# busybox ntpd -w -p 199.204.45.235
ntpd: reply from 199.204.45.235: offset:+0.002984 delay:0.042645 status:0x24 strat:2 refid:0x96cb9618 rootdelay:0.018219 reach:0x01
ntpd: reply from 199.204.45.235: offset:+0.003082 delay:0.038158 status:0x24 strat:2 refid:0x96cb9618 rootdelay:0.018219 reach:0x03
|
I am using OpenDNS for my dns servers and maybe it's blocking the domain name but if I can ping the domain name then it isn't blocked right? Anyway I added the 0.gentoo.pool.ntp.org domain to my whitelist and disabled all domain blocking and the problem is still happening.
Also, I added 199.204.45.235 to my ntp.conf in the servers list but there was no change.
The weird thing is that it was actually working for a bit without changing any of my settings but now, after a reboot, it crashes immediately again.
dq |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3133
|
| Posted: Sat Apr 30, 2016 3:44 pm Post subject: |
|
|
I suppose busybox fails to notice that address is a domain name rather than IP because it starts with a digit. 
Anyway, the second output shows it's working. So it's definitely related to the ntp binaries you're using and _NOT_ a network issue. And as a side note, your clock's drift is minimal, so it doesn't make a reason for ntpd to give up.
In fact the drift is so small it makes me think your ntpd is running. Have you grepped through running processes?
if it really does crashes.. well, maybe you will find something useful here:
1) stick with busybox (it supports both, client and daemon mode), just modify/replace init scripts
2) fix the implementation you have. Perhaps rebuilding this stuff:
| Code: | # bjdump -p $(which ntpd) | grep NEEDED
NEEDED libm.so.6
NEEDED libcrypto.so.1.0.0
NEEDED libdns_sd.so.1
NEEDED libpthread.so.0
NEEDED libc.so.6
|
3) try debugging it first. I can't help much with this though. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
