OpenNTPD not working
-
2.0-RELEASE (i386) built on Tue Sep 13 18:02:53 EDT 2011
ps waux | grep ntpd
root 38990 0.0 0.6 3656 1392 ?? S 11:29AM 0:00.01 sh -c ps waux | grep ntpd
root 39339 0.0 0.2 544 404 ?? R 11:29AM 0:00.00 grep ntpd
_ntp 54309 0.0 0.5 3316 1328 ?? S 11:08AM 0:00.04 ntpd: ntp engine (ntpd)
root 54493 0.0 0.6 3316 1352 ?? Ss 11:08AM 0:00.00 ntpd: [priv] (ntpd)But when I do
/usr/sbin/ntpdate -d 192.168.44.254
28 Sep 11:30:08 ntpdate[1020]: ntpdate 4.2.4p7@1.1607 Fri Jun 26 06:39:17 UTC 2009 (1)
Looking for host 192.168.44.254 and service ntp
host found : mistress.local
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
192.168.44.254: Server dropped: Leap not in sync
server 192.168.44.254, port 123
stratum 4, precision -28, leap 11, trust 000
refid [192.168.44.254], delay 0.02670, dispersion 0.00011
transmitted 4, in filter 4
reference time: d22dbb9f.4d56afff Wed, Sep 28 2011 11:28:31.302
originate timestamp: d22dbc00.6e7037ff Wed, Sep 28 2011 11:30:08.431
transmit timestamp: d22dbc00.8eea747d Wed, Sep 28 2011 11:30:08.558
filter delay: 0.02791 0.02769 0.02771 0.02670
0.00000 0.00000 0.00000 0.00000
filter offset: -0.12735 -0.12753 -0.12723 -0.12741
0.000000 0.000000 0.000000 0.000000
delay 0.02670, dispersion 0.00011
offset -0.12741228 Sep 11:30:08 ntpdate[1020]: no server suitable for synchronization found
???
ADD: when I tell NTPD to shutdown from the services menu, the logs say…
Sep 28 11:38:58 php: /pkg_edit.php: OpenNTPD is starting up.
ps waux | grep ntpd
root 2842 0.0 0.6 3656 1468 ?? S 11:40AM 0:00.01 sh -c ps waux | grep ntpd
root 3010 0.0 0.2 1812 560 ?? R 11:40AM 0:00.00 grep ntpd
_ntp 8394 0.0 0.5 3316 1328 ?? S 11:38AM 0:00.01 ntpd: ntp engine (ntpd)
root 8950 0.0 0.6 3316 1352 ?? Ss 11:38AM 0:00.00 ntpd: [priv] (ntpd)so it also won't shutdown.
-
This is my latest info. I also NOTE: there is nothing in the 'status-system logs- OpenNTPD'.
/usr/sbin/ntpdate -d 192.168.44.254
28 Sep 12:13:13 ntpdate[6612]: ntpdate 4.2.4p7@1.1607 Fri Jun 26 06:39:17 UTC 2009 (1)
Looking for host 192.168.44.254 and service ntp
host found : mistress.home
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
192.168.44.254: Server dropped: Leap not in sync
server 192.168.44.254, port 123
stratum 3, precision -28, leap 11, trust 000
refid [192.168.44.254], delay 0.02684, dispersion 0.00009
transmitted 4, in filter 4
reference time: d22dc617.b087ffff Wed, Sep 28 2011 12:13:11.689
originate timestamp: d22dc618.f6e9cfff Wed, Sep 28 2011 12:13:12.964
transmit timestamp: d22dc619.288a47ec Wed, Sep 28 2011 12:13:13.158
filter delay: 0.02785 0.02698 0.02684 0.02693
0.00000 0.00000 0.00000 0.00000
filter offset: -0.19428 -0.19465 -0.19444 -0.19452
0.000000 0.000000 0.000000 0.000000
delay 0.02684, dispersion 0.00009
offset -0.19444828 Sep 12:13:13 ntpdate[6612]: no server suitable for synchronization found
-
Hmm, …is mistress.home a.k.a. (192.168.44.254) a stratum 1 server?
If no, you should select an internet host ip with a NTP server preferably a stratum higher than 3 (1 is the highest level).I modded my release box to get ntp working the way I like it.
These are my personal modifications. (It works for me... no guaranties)
I've selected both "LAN" and "localhost" in the "OpenNTPD" menu in the web GUI.Replace the default "function system_ntp_configure()" code with this code, located in \etc\inc\system.inc
function system_ntp_configure() { global $config, $g; $ntpcfg = "# \n"; $ntpcfg .= "# pfSense OpenNTPD configuration file \n"; $ntpcfg .= "# \n\n"; $ntpcfg .= "# \n"; $ntpcfg .= "# Sync to public primairy server stratum 1 \n"; $ntpcfg .= "server 0.nl.pool.ntp.org iburst maxpoll 9\n"; $ntpcfg .= "server 1.nl.pool.ntp.org iburst maxpoll 9\n"; $ntpcfg .= "server 2.nl.pool.ntp.org iburst maxpoll 9\n"; $ntpcfg .= "server 3.nl.pool.ntp.org iburst maxpoll 9\n"; $ntpcfg .= "# \n\n"; /* foreach through servers and write out to ntpd.conf */ foreach (explode(' ', $config['system']['timeservers']) as $ts) { $ntpcfg .= "servers {$ts}\n"; } /* Setup listener(s) if the user has configured one */ if ($config['installedpackages']['openntpd']) { /* server config is in coregui1 */ $xmlsettings = $config['installedpackages']['openntpd']['config'][0]; if ($xmlsettings['enable'] == 'on') { $ifaces = explode(',', $xmlsettings['interface']); $ifaces = array_map('get_real_interface', $ifaces); $ifaces = array_filter($ifaces, 'does_interface_exist'); $ips = array_map('find_interface_ip', $ifaces); foreach ($ips as $ip) { if (is_ipaddr($ip)) $ntpcfg .= "listen on $ip\n"; } } } $ntpcfg .= "\n"; /* open configuration for wrting or bail */ $fd = fopen("{$g['varetc_path']}/ntpd.conf","w"); if(!$fd) { log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing"); return; } fwrite($fd, $ntpcfg); /* slurp! */ fclose($fd); /* if openntpd is running, kill it */ while(is_process_running("ntpd")) { killbyname("ntpd"); } /* if /var/empty does not exist, create it */ if(!is_dir("/var/empty")) exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/."); if ($g['booting']) return; /* start opentpd, set time now and use /var/etc/ntpd.conf */ exec("ntpd -c {$g['varetc_path']}/ntpd.conf -f /var/db/ntpd.drift -p /var/run/ntpd.pid -l {$g['varlog_path']}/ntpd.log"); // Note that we are starting up exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log"); }
It will use dutch (NL) servers to connect to, in order to retrieve the NTP-time more quickly on first start.
replace NL in "server 0.nl.pool.ntp.org iburst maxpoll 9/n" with something more suitable for your country in the first lines in the above modded code.My system (web GUI) timeserver settings are:
"nl.pool.ntp.org de.pool.ntp.org europe.pool.ntp.org"
Located and entered via web GUI : "System: General Setup" NTP time server.
This page is also used to "restart the NTPservice" with correct PIDfile press "save" to apply modification and also kill and restart NTPd.I have not located the bootup process yet. (so this won't start automatically after bootup has finished.)
(the dashboard widget will show the "NTP clock sync" service as stopped after a reboot)After the mod my "/var/etc/ntpd.conf" looks like this:
# # pfSense OpenNTPD configuration file # # # Sync to public primairy server stratum 1 server 0.nl.pool.ntp.org iburst maxpoll 9 server 1.nl.pool.ntp.org iburst maxpoll 9 server 2.nl.pool.ntp.org iburst maxpoll 9 server 3.nl.pool.ntp.org iburst maxpoll 9 # servers nl.pool.ntp.org servers de.pool.ntp.org servers europe.pool.ntp.org listen on 192.168.0.1 listen on 127.0.0.1
You can test ntp is working from the console with :
[2.0-RELEASE][root@pfsense.home]/(7): ntpdc ntpdc> help ntpdc commands: addpeer controlkey fudge keytype quit timeout addrefclock ctlstats help listpeers readkeys timerstats addserver debug host loopinfo requestkey traps addtrap delay hostnames memstats reset trustedkey authinfo delrestrict ifreload monlist reslist unconfig broadcast disable ifstats passwd restrict unrestrict clkbug dmpeers iostats peers showpeer untrustedkey clockstat enable kerninfo preset sysinfo version clrtrap exit keyid pstats sysstats ntpdc> monlist remote address port local address count m ver code avgint lstint =============================================================================== localhost 28027 127.0.0.1 3 7 2 0 13 0 Holocron.home 123 192.168.0.1 3613 3 4 0 71 50 virtueledoos.nl 123 84.xxx.xxx.xxx 2238 4 4 0 512 57 edge.tillo.ch 123 84.xxx.xxx.xxx 2248 4 4 0 512 192 sip.dicode.nl 123 84.xxx.xxx.xxx 2250 4 4 0 513 474 damiana-ext-bge0.tools 123 84.xxx.xxx.xxx 2245 4 4 0 512 485 W7-PC.home 60655 192.168.0.1 15 3 3 0 48344 995 atom-xp.home 123 192.168.0.1 1 1 3 0 0 272197 Simon-PC.home 123 192.168.0.1 1 3 3 0 0 300056 Anduril.home 123 192.168.0.1 2 3 3 0 1 692478 ntpdc>
I also created a LAN rule to "Allow internal network to NTPd server". ( TCP/UDP port 123 = NTP).
-
problem is the server he is trying to sync against is not in sync, that is what "leap 11" means. Once the server you are trying to sync with is in sync you should be good to go, I sync my pfsense against a local server.. And mine is only stratum 2 ;)
ntpdate -d 192.168.1.4
28 Sep 13:02:56 ntpdate[22538]: ntpdate 4.2.4p5-a (1)
transmit(192.168.1.4)
receive(192.168.1.4)
transmit(192.168.1.4)
receive(192.168.1.4)
transmit(192.168.1.4)
receive(192.168.1.4)
transmit(192.168.1.4)
receive(192.168.1.4)
transmit(192.168.1.4)
server 192.168.1.4, port 123
stratum 2, precision -20, leap 00, trust 000
refid [192.168.1.4], delay 0.02596, dispersion 0.00000
transmitted 4, in filter 4
reference time: d22ddd4e.00537c34 Wed, Sep 28 2011 12:52:14.001
originate timestamp: d22de03b.4f425a04 Wed, Sep 28 2011 13:04:43.309
transmit timestamp: d22ddfd0.61fb154e Wed, Sep 28 2011 13:02:56.382
filter delay: 0.02614 0.02596 0.02599 0.02602
0.00000 0.00000 0.00000 0.00000
filter offset: 106.9267 106.9266 106.9266 106.9266
0.000000 0.000000 0.000000 0.000000
delay 0.02596, dispersion 0.00000
offset 106.92663328 Sep 13:02:56 ntpdate[22538]: step time server 192.168.1.4 offset 106.926633 sec
-
OK - more info.
My pfsense FW (embedded) = mistress.local (I just changed it to mistress.home due to the 'General Setup' saying NOT to use local) on IP 192.168.44.254
It get's its time from 0.us.pool.ntp.org
The /usr/sbin/ntpdate -d 192.168.44.254 is a check from another computer on the network to the pfsense FW.
My latest test.
/usr/sbin/ntpdate -d 192.168.44.254
1 Oct 10:14:42 ntpdate[515]: ntpdate 4.2.6@1.2089-o Fri May 28 01:20:57 UTC 2010 (1)
Looking for host 192.168.44.254 and service ntp
host found : mistress.home
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
receive(192.168.44.254)
transmit(192.168.44.254)
192.168.44.254: Server dropped: Leap not in sync
server 192.168.44.254, port 123
stratum 4, precision -28, leap 11, trust 000
refid [192.168.44.254], delay 0.02689, dispersion 0.00096
transmitted 4, in filter 4
reference time: d2319dcf.9c8defff Sat, Oct 1 2011 10:10:23.611
originate timestamp: d2319ed3.2868a7ff Sat, Oct 1 2011 10:14:43.157
transmit timestamp: d2319ed2.c9299956 Sat, Oct 1 2011 10:14:42.785
filter delay: 0.02768 0.02727 0.04030 0.02689
0.00000 0.00000 0.00000 0.00000
filter offset: 0.371718 0.371585 0.365035 0.371412
0.000000 0.000000 0.000000 0.000000
delay 0.02689, dispersion 0.00096
offset 0.3714121 Oct 10:14:42 ntpdate[515]: no server suitable for synchronization found
-
1 Oct 10:14:42 ntpdate[515]: no server suitable for synchronization found
What else do you need to know??
that server at 192.168.44.254 is NOT in sync, so you can not sync off of it!
Fix that SERVER!! Then you can sync off of it.
sync your pfsense to a server that is in sync, say pool.ntp.org
ntpdate -d pool.ntp.org
1 Oct 09:22:19 ntpdate[63426]: ntpdate 4.2.4p5-a (1)
transmit(173.193.227.67)
receive(173.193.227.67)
transmit(173.193.227.67)
receive(173.193.227.67)
transmit(173.193.227.67)
receive(173.193.227.67)
transmit(173.193.227.67)
receive(173.193.227.67)
transmit(173.193.227.67)
transmit(67.223.229.211)
receive(67.223.229.211)
transmit(67.223.229.211)
receive(67.223.229.211)
transmit(67.223.229.211)
receive(67.223.229.211)
transmit(67.223.229.211)
receive(67.223.229.211)
transmit(67.223.229.211)
transmit(68.67.69.235)
receive(68.67.69.235)
transmit(68.67.69.235)
receive(68.67.69.235)
transmit(68.67.69.235)
receive(68.67.69.235)
transmit(68.67.69.235)
receive(68.67.69.235)
transmit(68.67.69.235)
server 173.193.227.67, port 123
stratum 4, precision -20, leap 00, trust 000
refid [173.193.227.67], delay 0.06474, dispersion 0.00058
transmitted 4, in filter 4
reference time: d2319fe6.ca2746a4 Sat, Oct 1 2011 9:19:18.789
originate timestamp: d231a09b.cbef66a2 Sat, Oct 1 2011 9:22:19.796
transmit timestamp: d231a09b.c5e39fbb Sat, Oct 1 2011 9:22:19.773
filter delay: 0.06474 0.06622 0.06638 0.06601
0.00000 0.00000 0.00000 0.00000
filter offset: 0.002454 0.003179 0.003203 0.003080
0.000000 0.000000 0.000000 0.000000
delay 0.06474, dispersion 0.00058
offset 0.002454server 67.223.229.211, port 123
stratum 2, precision -20, leap 00, trust 000
refid [67.223.229.211], delay 0.06375, dispersion 0.00034
transmitted 4, in filter 4
reference time: d2319ca6.af0f578b Sat, Oct 1 2011 9:05:26.683
originate timestamp: d231a09b.fed53576 Sat, Oct 1 2011 9:22:19.995
transmit timestamp: d231a09b.f8f93cca Sat, Oct 1 2011 9:22:19.972
filter delay: 0.06407 0.06850 0.06375 0.06392
0.00000 0.00000 0.00000 0.00000
filter offset: 0.003482 0.005845 0.003660 0.003717
0.000000 0.000000 0.000000 0.000000
delay 0.06375, dispersion 0.00034
offset 0.003660server 68.67.69.235, port 123
stratum 3, precision -20, leap 00, trust 000
refid [68.67.69.235], delay 0.08972, dispersion 0.00064
transmitted 4, in filter 4
reference time: d231a037.e7cc4787 Sat, Oct 1 2011 9:20:39.905
originate timestamp: d231a09c.46eced1e Sat, Oct 1 2011 9:22:20.277
transmit timestamp: d231a09c.40301039 Sat, Oct 1 2011 9:22:20.250
filter delay: 0.09128 0.09348 0.08972 0.08980
0.00000 0.00000 0.00000 0.00000
filter offset: -0.00533 -0.00436 -0.00619 -0.00579
0.000000 0.000000 0.000000 0.000000
delay 0.08972, dispersion 0.00064
offset -0.0061961 Oct 09:22:20 ntpdate[63426]: adjust time server 67.223.229.211 offset 0.003660 sec
-
I updated from 2.0-RC3 to 2.0-Release so my Uptime = 2 days, 23:06
Almost 3-days to sync in. Should have taken 15 minutes or so.
But WHY isn't it in sync.
The offset is only - offset 0.371412
Yes, I have previously checked against pool.ntp.org but moved to 0.us.pool.ntp.org as I wasn't getting any success and that one IS in sync despite the offset 0.551141
/usr/sbin/ntpdate -d 0.us.pool.ntp.org
1 Oct 10:48:01 ntpdate[537]: ntpdate 4.2.6@1.2089-o Fri May 28 01:20:57 UTC 2010 (1)
Looking for host 0.us.pool.ntp.org and service ntp
host found : ntp2.rescomp.berkeley.edu
transmit(169.229.70.95)
receive(169.229.70.95)
transmit(169.229.70.95)
transmit(208.75.88.4)
receive(169.229.70.95)
transmit(169.229.70.95)
receive(208.75.88.4)
transmit(208.75.88.4)
receive(169.229.70.95)
transmit(169.229.70.95)
receive(208.75.88.4)
transmit(208.75.88.4)
transmit(208.97.140.69)
receive(208.75.88.4)
transmit(208.75.88.4)
receive(169.229.70.95)
transmit(169.229.70.95)
receive(208.97.140.69)
transmit(208.97.140.69)
receive(208.75.88.4)
transmit(208.75.88.4)
receive(208.97.140.69)
transmit(208.97.140.69)
receive(208.97.140.69)
transmit(208.97.140.69)
receive(208.97.140.69)
transmit(208.97.140.69)
server 169.229.70.95, port 123
stratum 2, precision -20, leap 00, trust 000
refid [169.229.70.95], delay 0.11014, dispersion 0.00752
transmitted 4, in filter 4
reference time: d231a083.64a0a057 Sat, Oct 1 2011 10:21:55.393
originate timestamp: d231a6a2.da46136d Sat, Oct 1 2011 10:48:02.852
transmit timestamp: d231a6a2.40e93e1c Sat, Oct 1 2011 10:48:02.253
filter delay: 0.13739 0.14780 0.14052 0.11014
0.00000 0.00000 0.00000 0.00000
filter offset: 0.545457 0.547989 0.553706 0.556794
0.000000 0.000000 0.000000 0.000000
delay 0.11014, dispersion 0.00752
offset 0.556794server 208.75.88.4, port 123
stratum 2, precision -19, leap 00, trust 000
refid [208.75.88.4], delay 0.09875, dispersion 0.00363
transmitted 4, in filter 4
reference time: d231a322.f6f451c7 Sat, Oct 1 2011 10:33:06.964
originate timestamp: d231a6a2.eda470da Sat, Oct 1 2011 10:48:02.928
transmit timestamp: d231a6a2.5691105e Sat, Oct 1 2011 10:48:02.338
filter delay: 0.10872 0.09875 0.10445 0.11700
0.00000 0.00000 0.00000 0.00000
filter offset: 0.553060 0.554893 0.551142 0.544405
0.000000 0.000000 0.000000 0.000000
delay 0.09875, dispersion 0.00363
offset 0.554893server 208.97.140.69, port 123
stratum 2, precision -20, leap 00, trust 000
refid [208.97.140.69], delay 0.10046, dispersion 0.00230
transmitted 4, in filter 4
reference time: d231a503.f7be6079 Sat, Oct 1 2011 10:41:07.967
originate timestamp: d231a6a3.2632798c Sat, Oct 1 2011 10:48:03.149
transmit timestamp: d231a6a2.8fa6efc3 Sat, Oct 1 2011 10:48:02.561
filter delay: 0.10507 0.10046 0.12903 0.10054
0.00000 0.00000 0.00000 0.00000
filter offset: 0.550695 0.551141 0.535937 0.550521
0.000000 0.000000 0.000000 0.000000
delay 0.10046, dispersion 0.00230
offset 0.5511411 Oct 10:48:02 ntpdate[537]: step time server 208.75.88.4 offset 0.554893 sec
-
just because offset is not much, does not mean the ntp server is in sync and will allow others to sync off of it.
What I would suggest you do is kill your ntpd and then run it in the console so you can see what is happening.
I am really not a big fan of this really low end openntpd to be honest, not sure why don't just run full blown ntp?? Must easier to work with, shoot the version currently installed dos not even log, nor does it support the -v option which is suppose to log debug, etc.
but if you run it in the console with -d you will see what is happening
example here is mine
[2.1-DEVELOPMENT][root@pfsense.local.lan]/usr/local/sbin(19): ./ntpd -d -f /var/etc/ntpd.conf
listening on 192.168.1.253
listening on 127.0.0.1
ntp engine ready
reply from 192.168.1.4: offset 127.161665 delay 0.000531, next query 6s
reply from 192.168.1.4: offset 127.161404 delay 0.000391, next query 6s
reply from 192.168.1.4: offset 127.161170 delay 0.000280, next query 8s
peer 192.168.1.4 now valid
reply from 192.168.1.4: offset 127.160922 delay 0.000339, next query 8s
reply from 192.168.1.4: offset 127.160598 delay 0.000267, next query 8s
reply from 192.168.1.4: offset 127.160319 delay 0.000342, next query 9s
^Cntp engine exiting
TerminatingBut I think you are confusing what that 192.168.1.254 box is saying when you try and do a ntpdate to it, that box is saying you can not use it as a timesource, not that your pfsense box is not in sync with what servers its using.
Lets see the output of the above example – and we can see where its syncing and if it says that peer is valid, etc.
as to that .254 box your trying to ntpdate too -- what does it use as its servers? Is it running full blown ntpd, or openntpd?
-
i can confirm, that openNTP doesnt work on pfsense 2.0 with alix.
my alix with pfsense is up till 3 days and i always get no sync with my clients.root@pc1:/home/schtebo# ntpdate -d 192.168.6.254 3 Oct 15:48:34 ntpdate[11780]: ntpdate 4.2.6p2@1.2194-o Fri Jun 17 06:06:36 UTC 2011 (1) Looking for host 192.168.6.254 and service ntp host found : pfsense.net.local transmit(192.168.6.254) receive(192.168.6.254) transmit(192.168.6.254) receive(192.168.6.254) transmit(192.168.6.254) receive(192.168.6.254) transmit(192.168.6.254) receive(192.168.6.254) transmit(192.168.6.254) 192.168.6.254: Server dropped: Leap not in sync server 192.168.6.254, port 123 stratum 2, precision -28, leap 11, trust 000 refid [192.168.6.254], delay 0.02644, dispersion 0.00092 transmitted 4, in filter 4 reference time: d2343a3b.0cd2e7ff Mon, Oct 3 2011 15:42:19.050 originate timestamp: d2343bb9.5c60c7ff Mon, Oct 3 2011 15:48:41.360 transmit timestamp: d2343bb8.4d0c07b9 Mon, Oct 3 2011 15:48:40.300 filter delay: 0.02650 0.02644 0.02646 0.02644 0.00000 0.00000 0.00000 0.00000 filter offset: 1.057472 1.058120 1.058786 1.059461 0.000000 0.000000 0.000000 0.000000 delay 0.02644, dispersion 0.00092 offset 1.058120 3 Oct 15:48:42 ntpdate[11780]: no server suitable for synchronization found
-
Again what part do you not understand about that .254 box not being in sync??
leap 11
Means its not in sync, and no clients will be able to sync off of it, if your syncing your pfsense openntp off of that it will never sync, and therefore no clients will be able to sync off of the pfsense openntp because it does not have a valid timesource to sync from.
Your ntpdate command is clearly telling you that box is "no server suitable for synchronization found"
You need to sync your pfsense box off something that is actually in sync, and then give it time. Then you will be able to sync off of it.
So here is a client that is not my pfsense box testing the openntp running on my pfsense box 192.168.1.253, which syncs off my networks time server 192.168.1.4, which is a valid stratum 2 – so my pfsense becomes a stratum 3
ntpdate -d 192.168.1.253
6 Oct 13:00:39 ntpdate[11558]: ntpdate 4.2.6p2@1.2194-o Fri Jun 17 05:59:45 UTC 2011 (1)
Looking for host 192.168.1.253 and service ntp
host found : pfsense.local.lan
transmit(192.168.1.253)
receive(192.168.1.253)
transmit(192.168.1.253)
receive(192.168.1.253)
transmit(192.168.1.253)
receive(192.168.1.253)
transmit(192.168.1.253)
receive(192.168.1.253)
transmit(192.168.1.253)
server 192.168.1.253, port 123
stratum 3, precision -21, leap 00, trust 000
refid [192.168.1.253], delay 0.02779, dispersion 0.00017
transmitted 4, in filter 4
reference time: d2386908.f3829fff Thu, Oct 6 2011 12:51:04.951
originate timestamp: d2386b4d.72efe7ff Thu, Oct 6 2011 13:00:45.448
transmit timestamp: d2386b4d.73522c2d Thu, Oct 6 2011 13:00:45.450
filter delay: 0.02809 0.02831 0.02779 0.02786
0.00000 0.00000 0.00000 0.00000
filter offset: -0.00270 -0.00304 -0.00251 -0.00263
0.000000 0.000000 0.000000 0.000000
delay 0.02779, dispersion 0.00017
offset -0.0025176 Oct 13:00:47 ntpdate[11558]: adjust time server 192.168.1.253 offset -0.002517 sec
ntpq ntpq> host 192.168.1.4 current host set to 192.168.1.4 ntpq> pe remote refid st t when poll reach delay offset jitter ============================================================================== +ntp.your.org .CDMA. 1 u 301 1024 377 11.474 4.556 5.515 +173-14-55-9-Mic .ACTS. 1 u 274 1024 377 38.172 0.493 7.656 *nist.netservice .ACTS. 1 u 940 1024 377 19.719 1.479 7.581 +ns.nts.umn.edu 192.168.245.213 2 u 69 1024 373 23.286 5.908 16.962 +caesar.cs.wisc. 128.105.201.11 2 u 208 1024 377 16.659 -0.409 5.992
So if I ask one of my other clients, on where its syncing from, you will see that my 192.168.1.4 box is stratum 2
ntpq> host 192.168.1.100 current host set to 192.168.1.100 ntpq> pe remote refid st t when poll reach delay offset jitter ============================================================================== *p4-28g.local.la 64.113.32.5 2 u 141m 128 377 0.589 -4.683 11.668
Notice the refid 64.113.32.5
so 192.168.1.100 is telling me he syncs with p4-28.local.lan (192.168.1.4) who syncs with
;; ANSWER SECTION:
5.32.113.64.in-addr.arpa. 85982 IN PTR nist.netservicesgroup.com.Why do you keep asking this 192.168.1.254 for time, who is he trying to sync with? And where is your pfsense box set to sync with?
If you pfsense box is not syncing, you need to verify where he is trying to sync and that its a valid time source, and then give it time to do its things!!
-
Why do you keep asking this 192.168.1.254 for time, who is he trying to sync with? And where is your pfsense box set to sync with?
Is this address on your WAN or LAN?
I dont think your pfSense box will sync from someone on the lan…