NTP clients wont sync with pfsense



  • I've enabled ntpd on pfsense and set it up to sync with the public pfsense time servers (0.pfsense.pool.ntp.org 1.pfsense.pool.ntp.org).  However neither windows nor linux will sync with it and I can't figure out why.  Anyone have any insights?

    Here is my linux client output:

    
    [root@psuedo ~]# date
    Mon Dec 31 15:56:36 UTC 2012
    [root@psuedo ~]# ntpdate -d 10.1.1.1
    31 Dec 15:56:38 ntpdate[1561]: ntpdate 4.2.6p5@1.2349-o Tue Dec 18 22:48:43 UTC 2012 (1)
    Looking for host 10.1.1.1 and service ntp
    host found : gatekeeper.nest
    transmit(10.1.1.1)
    receive(10.1.1.1)
    transmit(10.1.1.1)
    receive(10.1.1.1)
    transmit(10.1.1.1)
    receive(10.1.1.1)
    transmit(10.1.1.1)
    receive(10.1.1.1)
    10.1.1.1: Server dropped: Leap not in sync
    server 10.1.1.1, port 123
    stratum 3, precision -21, leap 11, trust 000
    refid [10.1.1.1], delay 0.02629, dispersion 0.01350
    transmitted 4, in filter 4
    reference time:    d48c33fb.00fa87ff  Mon, Dec 31 2012 15:55:39.003
    originate timestamp: d48c345b.ef9cd7ff  Mon, Dec 31 2012 15:57:15.935
    transmit timestamp:  d48c343c.5022e746  Mon, Dec 31 2012 15:56:44.313
    filter delay:  0.02689  0.02666  0.02661  0.02629
             0.00000  0.00000  0.00000  0.00000
             filter offset: 31.65232 31.64233 31.63234 31.62261
                      0.000000 0.000000 0.000000 0.000000
                      delay 0.02629, dispersion 0.01350
                      offset 31.622611
    
                      31 Dec 15:56:44 ntpdate[1561]: no server suitable for synchronization found
    
    


  • Try changing the ntp servers on pfsense to something different than *.pfsense.pool.ntp.org.


  • Rebel Alliance Developer Netgate

    What version of pfSense?

    If you're on 2.0.2 or 2.1, check Status > NTP, make sure it has one 'active peer' listed.

    I was just able to sync time from/to a 2.1 and 2.0.2 VM…



  • I upgraded from 2.0.1 to 2.0.2 and changed to using non-pfsense time servers and it's working now, not sure which change fixed it.

    Thanks for the help.


  • Rebel Alliance Developer Netgate

    The ntp daemon changed on 2.0.2 (2.0.1 and earlier used openntpd, now we use the ntp.org daemon), so I'd say that was it.


Locked