load balancer - NTP

This is a discussion on load balancer - NTP ; Hi i'm having problems configuring ntp on my network i have 3 servers behaind a bigip running ntp, and they are unable to sync with my stratum 1 clock of choice. my other servers on another network are syncing beautifully. ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: load balancer

  1. load balancer

    Hi

    i'm having problems configuring ntp on my network
    i have 3 servers behaind a bigip running ntp, and
    they are unable to sync with my stratum 1 clock of choice.
    my other servers on another network are syncing beautifully.

    has anyone run into this problem and can give me advice on how
    to enable this syncing? i understand this is a networking issue
    but figure I'd make sure there's no ntp specific considerations. thanks

    the request looks like this

    [root]# /usr/sbin/ntpdate -d time-a.timefreq.bldrdoc.gov
    4 Oct 14:57:28 ntpdate[23994]: ntpdate 4.1.2@1.892 Tue Feb 24 06:32:26
    EST 2004 (1)
    transmit(132.163.4.103)
    transmit(132.163.4.103)
    transmit(132.163.4.103)
    transmit(132.163.4.103)
    transmit(132.163.4.103)
    132.163.4.103: Server dropped: no data
    server 132.163.4.103, port 123
    stratum 0, precision 0, leap 00, trust 000
    refid [0.0.0.0], delay 0.00000, dispersion 64.00000
    transmitted 4, in filter 4
    reference time: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000
    originate timestamp: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000
    transmit timestamp: c8ceaccb.e10df15a Wed, Oct 4 2006 14:57:31.879
    filter delay: 0.00000 0.00000 0.00000 0.00000
    0.00000 0.00000 0.00000 0.00000
    filter offset: 0.000000 0.000000 0.000000 0.000000
    0.000000 0.000000 0.000000 0.000000
    delay 0.00000, dispersion 64.00000
    offset 0.000000

    4 Oct 14:57:32 ntpdate[23994]: no server suitable for synchronization found



    J
    _______________________________________________
    questions mailing list
    questions@lists.ntp.isc.org
    https://lists.ntp.isc.org/mailman/listinfo/questions


  2. Re: load balancer


    >i'm having problems configuring ntp on my network
    >i have 3 servers behaind a bigip running ntp, and
    >they are unable to sync with my stratum 1 clock of choice.
    >my other servers on another network are syncing beautifully.


    What is a "bigip"?

    ntpd uses UDP port 123. You have to arrange for the answers
    to go back to the right place. NAT boxes often get into
    trouble because they think port 123 is a server port and
    send the answers off the the "right" server or drop them
    if no server is configured on that port. I'd guess that
    load balancers would have similar quirks.

    --
    The suespammers.org mail server is located in California. So are all my
    other mailboxes. Please do not send unsolicited bulk e-mail or unsolicited
    commercial e-mail to my suespammers.org address or any of my other addresses.
    These are my opinions, not necessarily my employer's. I hate spam.


  3. Re: load balancer

    Julie S. Lin wrote:
    > Hi
    >
    > i'm having problems configuring ntp on my network
    > i have 3 servers behaind a bigip running ntp, and
    > they are unable to sync with my stratum 1 clock of choice.


    Please define what you mean by bigip and for that matter what you mean
    by load balancer. Load balancing has no meaning in the ntp space, each
    ntp server can only server its own time as maintained by an upstream ntp
    source. Are you behind a firewall and are the 123/UDP ports open so that
    you can send and receive ntp packets? Ignore TCP, ntp doesn't use it.

    > my other servers on another network are syncing beautifully.
    >
    > has anyone run into this problem and can give me advice on how
    > to enable this syncing? i understand this is a networking issue
    > but figure I'd make sure there's no ntp specific considerations. thanks
    >


    We don't know that without looking at your ntp configuration, version
    and logs.

    > the request looks like this
    >
    > [root]# /usr/sbin/ntpdate -d time-a.timefreq.bldrdoc.gov


    Please do not use ntpdate for this, use ntpd. There are very few reasons
    to use it.

    > 4 Oct 14:57:28 ntpdate[23994]: ntpdate 4.1.2@1.892 Tue Feb 24 06:32:26
    > EST 2004 (1)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > 132.163.4.103: Server dropped: no data
    > server 132.163.4.103, port 123


    Meaning that it didn't respond and probably is a firewall issue.

    Danny
    _______________________________________________
    questions mailing list
    questions@lists.ntp.isc.org
    https://lists.ntp.isc.org/mailman/listinfo/questions


  4. Re: load balancer

    Julie S. Lin wrote:
    > Hi
    >
    > i'm having problems configuring ntp on my network
    > i have 3 servers behaind a bigip running ntp, and
    > they are unable to sync with my stratum 1 clock of choice.
    > my other servers on another network are syncing beautifully.
    >
    > has anyone run into this problem and can give me advice on how
    > to enable this syncing? i understand this is a networking issue
    > but figure I'd make sure there's no ntp specific considerations. thanks
    >
    > the request looks like this
    >
    > [root]# /usr/sbin/ntpdate -d time-a.timefreq.bldrdoc.gov
    > 4 Oct 14:57:28 ntpdate[23994]: ntpdate 4.1.2@1.892 Tue Feb 24 06:32:26
    > EST 2004 (1)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > 132.163.4.103: Server dropped: no data
    > server 132.163.4.103, port 123
    > stratum 0, precision 0, leap 00, trust 000
    > refid [0.0.0.0], delay 0.00000, dispersion 64.00000
    > transmitted 4, in filter 4
    > reference time: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000
    > originate timestamp: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000
    > transmit timestamp: c8ceaccb.e10df15a Wed, Oct 4 2006 14:57:31.879
    > filter delay: 0.00000 0.00000 0.00000 0.00000
    > 0.00000 0.00000 0.00000 0.00000
    > filter offset: 0.000000 0.000000 0.000000 0.000000
    > 0.000000 0.000000 0.000000 0.000000
    > delay 0.00000, dispersion 64.00000
    > offset 0.000000
    >
    > 4 Oct 14:57:32 ntpdate[23994]: no server suitable for synchronization found
    >
    >
    >
    > J
    > _______________________________________________
    > questions mailing list
    > questions@lists.ntp.isc.org
    > https://lists.ntp.isc.org/mailman/listinfo/questions
    >


    An almost identical command worked for me! Because ntpd is already
    running I must use an unprivileged port instead of port 123.

    sunblok_$ /usr/sbin/ntpdate -du time-a.timefreq.bldrdoc.gov
    5 Oct 22:30:49 ntpdate[22333]: ntpdate 3-5.93e Mon Sep 20 15:45:30 PDT
    1999 (1)
    transmit(132.163.4.101)
    receive(132.163.4.101)
    transmit(132.163.4.101)
    receive(132.163.4.101)
    transmit(132.163.4.101)
    receive(132.163.4.101)
    transmit(132.163.4.101)
    receive(132.163.4.101)
    transmit(132.163.4.101)
    server 132.163.4.101, port 123
    stratum 1, precision -18, leap 00, trust 000
    refid [ACTS], delay 0.12851, dispersion 0.00014
    transmitted 4, in filter 4
    reference time: c8d03e1e.ff2ecf20 Thu, Oct 5 2006 22:29:50.996
    originate timestamp: c8d03e5a.97ebaf10 Thu, Oct 5 2006 22:30:50.593
    transmit timestamp: c8d03e5a.8a008000 Thu, Oct 5 2006 22:30:50.539
    filter delay: 0.12984 0.12871 0.12851 0.12892
    0.00000 0.00000 0.00000 0.00000
    filter offset: 0.003398 0.002714 0.002819 0.002695
    0.000000 0.000000 0.000000 0.000000
    delay 0.12851, dispersion 0.00014
    offset 0.002819

    5 Oct 22:30:50 ntpdate[22333]: adjust time server 132.163.4.101 offset
    0.002819 sec


    If your ntpd or xntpd is running, add the "-u" to to your command line.

    It is perhaps worth noting that ntpdate is "deprecated" and you should
    really be using something else to "synchronize your clock". Ntpdate
    does still have its uses and will probably be around in some form for
    the next fifty or one hundred years but (some of) the people responsible
    for it wish it would go away.

    To set your clock when starting the current version of ntpd (not xntpd)
    you can use the -g option to have ntpd set the clock on a one time basis
    when it starts. This replaces one of the major functions formerly
    performed by ntpdate; setting the clock as part of starting (x)ntpd.

    If (x)ntpd is not running, then you have a network problem that is
    making it impossible to contact the server. Try pinging the server. If
    that doesn't work you could try traceroute and you should definitely
    talk to your network people to see if a firewall is blocking the connection.

  5. Re: load balancer

    Julie S. Lin wrote:
    > i'm having problems configuring ntp on my network
    > i have 3 servers behaind a bigip running ntp, and
    > they are unable to sync with my stratum 1 clock of choice.
    > my other servers on another network are syncing beautifully.


    Can you ask the bigip to not touch NTP (UDP/123) packets? Presumably
    it's either rewriting them as they leave or not properly delivering them
    when they return.

    > has anyone run into this problem and can give me advice on how
    > to enable this syncing? i understand this is a networking issue
    > but figure I'd make sure there's no ntp specific considerations.
    > thanks


    > the request looks like this


    > [root]# /usr/sbin/ntpdate -d time-a.timefreq.bldrdoc.gov
    > 4 Oct 14:57:28 ntpdate[23994]: ntpdate 4.1.2@1.892 Tue Feb 24 06:32:26
    > EST 2004 (1)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)
    > transmit(132.163.4.103)


    This means that no valid responses were seen returning. I don't know
    what kind of logging is available to you on the F5. Watching traffic on
    both sides of the device would at least tell you if it's inbound or
    outbound that is having the issue.

    --
    Darren Dunham ddunham@taos.com
    Senior Technical Consultant TAOS http://www.taos.com/
    Got some Dr Pepper? San Francisco, CA bay area
    < This line left intentionally blank to confuse you. >

+ Reply to Thread