NTP problems--REPOST 2004-02-04 - By Shaw, Marco
I've been struggling with getting NTP working on Linux off-and-on for over a year.
Finally, a week or so ago, I pinpointed the problem to tcp_wrappers, and the brief
details are farther below. I have tcp_w configured to only allow telnet and ftp
from a few management hosts.
I can reproduce the problem every time, as opposed to what I said below. I just
need to login, add the "ALL:ALL" rule to tcp_w, *logout, and log back in*, and
suddenly ntpdate now works. If I remove the "ALL:ALL" rule, logout, and log back
in, ntpdate no longer works anymore. As if there's some kind of session state that
goes along with logging in.
I've been able to reproduce this on different RedHat Linux versions (7.2 and 2.1AS
with various kernels, and different versions of ntp, yet have not tried a different
version of tcp_w), and have found a few on the 'net with the same/similar problem,
but no solution.
I thought I was on the right track when I found that tcp_w was/seemed to be an issue,
but then did a sniffer trace when ntpdate worked and didn't, and couldn't find any
kind of abnormal traffic that would be blocked.
Tcp_w causing problems just doesn't make any sense... Especially more so when NTP is
using UDP.
Thoughts?
Marco
> -----Original Message-----
> From: Shaw, Marco
> Sent: Sunday, January 25, 2004 8:45 AM
> To: 'taroon-list@(protected)'; 'redhat-list@(protected)'
> Subject: RE: NTP problems--UPDATE 2
>
>
> > > > > NTP: I couldn't get it working with 7.2 with various
> > > > > kernels, and various NTP packages, and now still can't get it
> > > > > working with 2.1AS...
> > > > >
> > > > > ipchains allows all eth0 traffic through (trusted
> > > > > interface), yet I cannot get ntp to work.
> > > > >
> > > > > All I get is this, but absolutely *nothing* in tcpdump:
> > > > > # ntpdate -d IP_address_hidden
> > > > > 15 Jan 10:05:59 ntpdate[22868]: ntpdate 4.1.2@(protected) Tue Dec 9 11:52:07 EST 2003 (1)
> > > > > 15 Jan 10:06:59 ntpdate[22868]: poll(): nfound = 0, error: Success
> > ....
> >
> > OK, a little bit of progress maybe. Whenever ntp fails, lsof
> > prints out the last line below:
> >
> > [root@(protected) fs]# lsof|grep ntpdate
> > ntpdate 461 root cwd DIR 8,7 4096 144002 /root
> > ntpdate 461 root rtd DIR 8,7 4096 2 /
> > ntpdate 461 root txt REG 8,5 40460 128472 /usr/sbin/ntpdate
> > ntpdate 461 root mem REG 8,7 464409 65742 /lib/ld-2.2.4.so
> > ntpdate 461 root mem REG 8,5 44851 64355 /usr/lib/libcap.so.1.10
> > ntpdate 461 root mem REG 8,7 5737154 64013 /lib/libc-2.2.4.so
> > ntpdate 461 root 0u CHR 136,3 5 /dev/pts/3
> > ntpdate 461 root 1u CHR 136,3 5 /dev/pts/3
> > ntpdate 461 root 2u CHR 136,3 5 /dev/pts/3
> > ntpdate 461 root 3u sock 0,0 175748304 can't identify protocol
>
> I played with things a bit more, and it seems that tcp_wrappers is the
> problem. Unless I add an "ALL:ALL" line in hosts.allow, I am not able to
> run ntpdate as indicated above. Even adding "ALL:NTP Server IP" does not
> help (where "NTP Server IP" is the host I'm trying to run ntpdate against).
>
> I'm confused... Tcp_wrappers is for TCP connections, and should affect only
> incoming connections, but tcp_w is even causing problems for outgoing packets.
>
> I don't see any DNS traffic at the time that ntpdate is run, in case this is
> a resolution problem. I've added the host I'm trying to run ntpdate against
> in my /etc/hosts, since I've got a multi-home host that uses public DNS
> servers, yet my NTP source is inside a/my private network.
>
> Any ideas what tcp_w is doing wrong here?
>
> Marco
>
--
Taroon-list mailing list
Taroon-list@(protected)
http://www.redhat.com/mailman/listinfo/taroon-list