
NTPDATE - Help please

BiancaP.
Frequent Advisor

Re: NTPDATE - Help please

Thank you!! =)

>> If you want to run the firewall you will need to edit the firewall rules to allow udp port 123 outbound

How can I do this??
I don't know...

I think the second thing you mentioned is ok:


[root@lab1 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1C:C4:68:42:4E
inet addr:172.27.109.42 Bcast:172.27.109.255 Mask:255.255.255.0
inet6 addr: fe80::21c:c4ff:fe68:424e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48645520 errors:0 dropped:0 overruns:0 frame:0
TX packets:37640204 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:680477219 (648.9 MiB) TX bytes:3319609077 (3.0 GiB)
Interrupt:169 Memory:f8000000-f8012100

eth1 Link encap:Ethernet HWaddr 00:1C:C4:68:42:4C
inet addr:172.27.109.42 Bcast:172.27.109.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:177 Memory:fa000000-fa012100

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6139 errors:0 dropped:0 overruns:0 frame:0
TX packets:6139 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7838483 (7.4 MiB) TX bytes:7838483 (7.4 MiB)


Court Campbell
Honored Contributor

Re: NTPDATE - Help please

I don't create rules that often, so I usually end up googling for examples. Here is just one of many you can test out.

http://www.howtoforge.com/linux_iptables_sarge

Also, you can install and use firestarter. That may actually be easier.

In regards to your thanks, is your issue resolved?
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
Court Campbell
Honored Contributor

Re: NTPDATE - Help please

I will say that I find it interesting that you have both eth0 and eth1 set to use the same ip address.
BiancaP.
Frequent Advisor

Re: NTPDATE - Help please

I put the rule:
iptables -A INPUT -s 172.27.109.56 -p udp --dport 123 -j ACCEPT

And tried again... but I get the same problem... =/

I discovered that ntptime didn't work either:

[root@lab1 ~]# ntptime
ntp_gettime() returns code 5 (ERROR)
time cc0c528e.36602000 Wed, Jun 25 2008 2:13:50.212, (.212404),
maximum error 3058192 us, estimated error 16 us
ntp_adjtime() returns code 5 (ERROR)
modes 0x0 (),
offset 0.000 us, frequency 0.000 ppm, interval 4 s,
maximum error 3058192 us, estimated error 16 us,
status 0x40 (UNSYNC),
time constant 0, precision 1.000 us, tolerance 512 ppm,
pps frequency 0.000 ppm, stability 512.000 ppm, jitter 200.000 us,
intervals 0, jitter exceeded 0, stability exceeded 0, errors 0.
Court Campbell
Honored Contributor

Re: NTPDATE - Help please

Do you have both ports eth0 and eth1 connected to your network? If so, I would suggest disabling one of them and getting rid of the duplicate ip configuration. I more think that is the issue than anything else at this point.
BiancaP.
Frequent Advisor

Re: NTPDATE - Help please

Bad news...=/

[root@lab2 /]# ifdown eth1
[root@lab2 /]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1C:C4:68:42:54
inet addr:172.27.109.43 Bcast:172.27.109.255 Mask:255.255.255.0
inet6 addr: fe80::21c:c4ff:fe68:4254/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1079269 errors:0 dropped:0 overruns:0 frame:0
TX packets:8156804 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:115892461 (110.5 MiB) TX bytes:530162668 (505.6 MiB)
Interrupt:169 Memory:f8000000-f8012100

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:5856 errors:0 dropped:0 overruns:0 frame:0
TX packets:5856 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7835880 (7.4 MiB) TX bytes:7835880 (7.4 MiB)



[root@lab2 /]# service ntpd stop
[root@lab2 /]# ntpdate 172.27.109.56
[root@lab2 /]#
[root@lab2 /]# date
Sat May 17 18:43:17 BRT 2008
[root@lab2 /]#
[root@lab2 /]# service ntpd start

BiancaP.
Frequent Advisor

Re: NTPDATE - Help please

I am trying to configure remotely....
I entered directly on the server and I get this message:

[root@lab1 ~]# ntpdate 172.27.109.56
audit(1214373854.865:437): avc: denied { read } for pid=25149 comm="ntpdate"
name="services" dev=cciss/c0d0p3 ino=1998855 scontext=root:system_r:ntpd_t tcontext=root:object_r:tmp_t tclass=file

but I can ping:

PING 172.27.109.56 (172.27.109.56) 56(84) bytes of data.
64 bytes from 172.27.109.56: icmp_seq=0 ttl=64 time=1.34 ms
64 bytes from 172.27.109.56: icmp_seq=1 ttl=64 time=0.596 ms
64 bytes from 172.27.109.56: icmp_seq=2 ttl=64 time=0.558 ms

--- 172.27.109.56 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.558/0.833/1.345/0.362 ms, pipe 2
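
The AVC denial in the post above, broken into its fields (an added example, not part of the thread; the sample line is the posted denial joined onto one line with its spacing normalised, and the function names are made up here):

```shell
#!/bin/sh
# Added example: split an SELinux AVC denial into the fields that matter.
# Sample: the denial posted in the thread, on one line, spacing normalised.
AVC_SAMPLE='audit(1214373854.865:437): avc: denied { read } for pid=25149 comm="ntpdate" name="services" dev=cciss/c0d0p3 ino=1998855 scontext=root:system_r:ntpd_t tcontext=root:object_r:tmp_t tclass=file'

# avc_field LINE KEY: print the value of KEY=value, quotes stripped.
avc_field() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^$2=//p" | tr -d '"' | head -n 1
}

# avc_perms LINE: print the permission(s) listed between the braces.
avc_perms() {
    printf '%s\n' "$1" | sed -n 's/.*denied *{ *\([^}]*[^ }]\) *}.*/\1/p'
}

# ctx_type CONTEXT: print the type, the third field of user:role:type[:level].
ctx_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# avc_explain LINE: one-sentence reading of the denial; status 1 if not an AVC.
avc_explain() {
    case $1 in
        *avc:*denied*) ;;
        *) echo "not an AVC denial"; return 1 ;;
    esac
    printf '%s (domain %s) was denied { %s } on %s "%s" labelled %s\n' \
        "$(avc_field "$1" comm)" "$(ctx_type "$(avc_field "$1" scontext)")" \
        "$(avc_perms "$1")" "$(avc_field "$1" tclass)" \
        "$(avc_field "$1" name)" "$(ctx_type "$(avc_field "$1" tcontext)")"
}

# avc_hint LINE: "relabel" when the target carries a temp-directory type
# (typical of a file created in or moved from /tmp), else "review-policy".
avc_hint() {
    case $(ctx_type "$(avc_field "$1" tcontext)") in
        tmp_t|user_tmp_t) echo "relabel" ;;
        *) echo "review-policy" ;;
    esac
}

avc_explain "$AVC_SAMPLE"
echo "hint: $(avc_hint "$AVC_SAMPLE")"
```

The denial names only the file "services"; assuming that is /etc/services, `ls -Z /etc/services` shows its current label and `restorecon -v /etc/services` resets it to the policy default.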


BiancaP.
Frequent Advisor

Re: NTPDATE - Help please

My friend helped me....
the solution:

vi /etc/selinux/config

SELINUX=disabled (before was enforcing)


Thanks for all!!!
Court Campbell
Honored Contributor

Re: NTPDATE - Help please

Well, I think disabling eth1 helped. I say this because you got different errors before that seemed network related. After that you started getting the errors with avc in them. Anytime you see avc in logs, etc., you should think selinux. Anyway, glad it's working.