錯誤現象:
[root@magedu ~]# ntpdate 192.169.123.149
22 May 20:53:07 ntpdate[5580]: no server suitable for synchronization found
[root@magedu ~]# ntpdate -d 192.169.123.149
22 May 20:48:03 ntpdate[5487]: ntpdate [email protected] Wed Jun 18 21:20:36 UTC 2014 (1)
Looking for host 192.169.123.149 and service ntp
host found : 192-169-123-149-customer.oowvps.com
transmit(192.169.123.149)
transmit(192.169.123.149)
transmit(192.169.123.149)
transmit(192.169.123.149)
transmit(192.169.123.149)
192.169.123.149: Server dropped: no data
server 192.169.123.149, port 123
stratum 0, precision 0, leap 00, trust 000
refid [192.169.123.149], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time: 00000000.00000000 Mon, Jan 1 1900 7:36:42.000
originate timestamp: 00000000.00000000 Mon, Jan 1 1900 7:36:42.000
transmit timestamp: d909a409.68167265 Fri, May 22 2015 20:48:09.406
filter delay: 0.00000 0.00000 0.00000 0.00000
0.00000 0.00000 0.00000 0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000
22 May 20:48:11 ntpdate[5487]: no server suitable for synchronization found
錯誤原因:
(1)、檢查ntp的版本,如果你使用的是ntp4.2(包括4.2)之後的版本,在restrict的定義中使用了notrust的話,會導致以上錯誤。
使用以下命令檢查ntp的版本:
# ntpq -c version
下面是來自ntp官方網站的說明:
The behavior of notrust changed between versions 4.1 and 4.2.
In 4.1 (and earlier) notrust meant "Don't trust this host/subnet for time".
In 4.2 (and later) notrust means "Ignore all NTP packets that are not cryptographically authenticated." This forces remote time servers to authenticate themselves to your (client) ntpd
解決:把notrust去掉。
(2)、檢查ntp server的防火牆。可能是server的防火牆屏蔽了upd 123端口。
可以用命令:
# service iptables stop
或者
# iptables -I INPUT -m udp -p udp --dport 123 -j ACCEPT
(3)、ntpdate命令後面的IP地址寫錯了。。。