[NTLUG:Discuss] Something OTHER than Top Post - VMWware Time Sync & Named
David Simmons
dave at dgnal.net
Mon Jul 14 14:35:17 CDT 2008
Guys - sorry for the horrible formatting....I'm not sure why it
send/re-formatted that way?
-dave
>
>> On ESX server (VI3) we have to run the guest vmtools clock
sync
> AND
>> ntp to keep our clocks in sync.. but it
seems to work.
>
> Welp...if it's not one thing.....
>
> I've setup ntpd on
> that VM.....when I do
this:
>
> [root at www5 ~]# ntpq -p
>
>
remote
> refid st t when poll
reach
> delay offset jitter
>
==============================================================================
> hosting.nuworld 67.128.71.65 3
> u 48 64 177 64.319
67272.6
> 652378.
> xray.metadom.co
>
18.145.0.30 2 u
38
> 64 177 90.962 97448.5
639738.
> dev3.sje007.int 216.218.254.202 2
u
> 38 64 177
13.793 83280.2 645569.
>
ntp.your.org
>
.CDMA. 1
> u 40 64 177 56.576
1661752
> 1561970
> wsip-98-172-32-
128.10.19.24 2
> u
36 64 177 35.786 84469.1
>
644699.
> patbox3.patrick 206.246.118.250 2
u
> 39 64 177
57.624 84472.0 644513.
>
> I seem to connect out
with servers.....BUT since none of the '*'
> in front of them, my
time never gets updated?!
>
> I've manually
> set
the correct time with the 'date' command to get it close....but it
> still moves off track? I can 'force' the update with ntpdate
- but
> that doesn't use the ntpd setup, so doesn't do what I need
it to do.
>
> /var/log/messages isn't saying too much
(here's the startup
> info):
>
> Jul 14 14:08:07
www5 ntpd[4889]: ntpd 4.2.2p1 at 1.1570-o
> Tue Jun 10 00:07:18 UTC
2008 (1)
> Jul 14 14:08:07 www5 ntpd[4890]:
> precision =
3.000 usec
> Jul 14 14:08:07 www5 ntpd[4890]: Listening on
> interface wildcard, 0.0.0.0#123 Disabled
> Jul 14 14:08:07
www5
> ntpd[4890]: Listening on interface wildcard, ::#123
Disabled
> Jul 14
> 14:08:07 www5 ntpd[4890]: Listening on
interface eth0,
> fe80::20c:29ff:fed8:8c05#123 Enabled
>
Jul 14 14:08:07 www5 ntpd[4890]:
> Listening on interface lo,
::1#123 Enabled
> Jul 14 14:08:07 www5
> ntpd[4890]:
Listening on interface lo, 127.0.0.1#123 Enabled
> Jul 14
> 14:08:07 www5 ntpd[4890]: Listening on interface eth0,
96.226.24.25#123
> Enabled
> Jul 14 14:08:07 www5
ntpd[4890]: kernel time sync status
> 0040
> Jul 14
14:08:07 www5 ntpd[4890]: frequency initialized 0.000 PPM
> from
/var/lib/ntp/drift
>
> Thought maybe it was a firewall
> issue....shut it down for awhile - still have drift off from
real
> time....and added '123:udp' to 'other ports' in the RedHat
Firewall Config
> tool so that:
>
> [root at www5
~]# service iptables status
> Table: filter
> Chain INPUT
(policy ACCEPT)
> num
>
target prot opt
>
source
> destination
> 1 RH-Firewall-1-INPUT all --
>
0.0.0.0/0
>
0.0.0.0/0
>
> Chain FORWARD (policy ACCEPT)
> num
> target prot opt
>
source
> destination
> 1 RH-Firewall-1-INPUT all --
>
0.0.0.0/0
>
0.0.0.0/0
>
> Chain OUTPUT (policy ACCEPT)
> num
> target prot opt
>
source
> destination
>
> Chain RH-Firewall-1-INPUT (2 references)
>
num
> target prot opt
>
source
> destination
> 1 ACCEPT all
--
>
0.0.0.0/0
>
0.0.0.0/0
> 2 ACCEPT icmp --
>
0.0.0.0/0
>
0.0.0.0/0
icmp
> type 255
> 3
ACCEPT
> esp --
>
0.0.0.0/0
>
0.0.0.0/0
> 4 ACCEPT
ah
> --
>
0.0.0.0/0
>
0.0.0.0/0
> 5 ACCEPT udp
--
>
0.0.0.0/0
> 224.0.0.251 udp
dpt:5353
>
> 6
ACCEPT udp
> --
>
0.0.0.0/0
>
0.0.0.0/0
udp
> dpt:631
> 7
ACCEPT tcp
> --
>
0.0.0.0/0
>
0.0.0.0/0
tcp
> dpt:631
> 8
ACCEPT all
> --
>
0.0.0.0/0
>
0.0.0.0/0
> state RELATED,ESTABLISHED
> 9
>
ACCEPT udp --
>
0.0.0.0/0
>
0.0.0.0/0
> state NEW udp dpt:123
> 10
ACCEPT
> tcp --
>
0.0.0.0/0
>
0.0.0.0/0
> state NEW tcp dpt:22
> 11
ACCEPT
> tcp --
>
0.0.0.0/0
>
0.0.0.0/0
> state NEW tcp dpt:25
> 12
ACCEPT
> tcp --
>
0.0.0.0/0
>
0.0.0.0/0
> state NEW tcp dpt:80
> 13
ACCEPT
> tcp --
>
0.0.0.0/0
>
0.0.0.0/0
> state NEW tcp dpt:443
> 14
REJECT
> all --
>
0.0.0.0/0
>
0.0.0.0/0
> reject-with icmp-host-prohibited
>
> shows it
open.
>
> What am I missing?
>
> Thanks
in advance - dave
>
>
>
>
>
>
>
>
_______________________________________________
>
http://www.ntlug.org/mailman/listinfo/discuss
>
More information about the Discuss
mailing list