NTP clients wont sync with pfsense



  • I've enabled ntpd on pfsense and set it up to sync with the public pfsense time servers (0.pfsense.pool.ntp.org 1.pfsense.pool.ntp.org).  However neither windows nor linux will sync with it and I can't figure out why.  Anyone have any insights?

    Here is my linux client output:

    
    [root@psuedo ~]# date
    Mon Dec 31 15:56:36 UTC 2012
    [root@psuedo ~]# ntpdate -d 10.1.1.1
    31 Dec 15:56:38 ntpdate[1561]: ntpdate 4.2.6p5@1.2349-o Tue Dec 18 22:48:43 UTC 2012 (1)
    Looking for host 10.1.1.1 and service ntp
    host found : gatekeeper.nest
    transmit(10.1.1.1)
    receive(10.1.1.1)
    transmit(10.1.1.1)
    receive(10.1.1.1)
    transmit(10.1.1.1)
    receive(10.1.1.1)
    transmit(10.1.1.1)
    receive(10.1.1.1)
    10.1.1.1: Server dropped: Leap not in sync
    server 10.1.1.1, port 123
    stratum 3, precision -21, leap 11, trust 000
    refid [10.1.1.1], delay 0.02629, dispersion 0.01350
    transmitted 4, in filter 4
    reference time:    d48c33fb.00fa87ff  Mon, Dec 31 2012 15:55:39.003
    originate timestamp: d48c345b.ef9cd7ff  Mon, Dec 31 2012 15:57:15.935
    transmit timestamp:  d48c343c.5022e746  Mon, Dec 31 2012 15:56:44.313
    filter delay:  0.02689  0.02666  0.02661  0.02629
             0.00000  0.00000  0.00000  0.00000
             filter offset: 31.65232 31.64233 31.63234 31.62261
                      0.000000 0.000000 0.000000 0.000000
                      delay 0.02629, dispersion 0.01350
                      offset 31.622611
    
                      31 Dec 15:56:44 ntpdate[1561]: no server suitable for synchronization found
    
    


  • Try changing the ntp servers on pfsense to something different than *.pfsense.pool.ntp.org.


  • Rebel Alliance Developer Netgate

    What version of pfSense?

    If you're on 2.0.2 or 2.1, check Status > NTP, make sure it has one 'active peer' listed.

    I was just able to sync time from/to a 2.1 and 2.0.2 VM…



  • I upgraded from 2.0.1 to 2.0.2 and changed to using non-pfsense time servers and it's working now, not sure which change fixed it.

    Thanks for the help.


  • Rebel Alliance Developer Netgate

    The ntp daemon changed on 2.0.2 (2.0.1 and earlier used openntpd, now we use the ntp.org daemon), so I'd say that was it.


Log in to reply