On Wed, 26 Dec 2001, Mikes work account wrote:
> Shouldn't ntp be updating the drift file to keep the clock in sync
> with the firewall? The drift file never changes from 0.000 and the
> clock needs to be reset every few days as it looses about a minute a
> day.
The NTP server (assuming you are using xntpd) won't monitor the clock
unless it's within a few seconds already. If the server starts and the
clock is already too far out of sync it won't work at all regardless of
what you do afterwards.
Best bet is to run ntpdate to sync it once then start the server.
After a few minutes (give it 5 or so) you can run "/usr/sbin/ntpq -n" and
type in the commands "pe" and "as" to see what's going on. You should see
that it can contact the firewall and acknowledges that it's a peer if
everything's working okay.
Remember...
/etc/rc.d/init.d/xntpd stop
/usr/sbin/ntpdate (firewall IP)
/etc/rc.d/init.d/xntpd start
(wait a few minutes)
/usr/sbin/ntpq -n
(type in both "pe" and "as")
(CTRL-D to exit)
You should see something like...
ntpq> pe
remote refid st t when poll reach delay offset disp
====================================================================
*192.168.13.1 130.207.244.240 2 u 20 64 377 0.46 1.089 2.70
ntpq> as
ind assID status conf reach auth condition last_event cnt
===========================================================
1 58108 96f4 yes yes none sys.peer reachable 15
ntpq>
...if everything's working well.
Paul Braman
aeon@tampabay.rr.com
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:22:39 EDT