Odd NTP Offset Issues

[JonM]

I’m looking for some help with NTP. I’m not an NTP expert so please don’t take this as anything but a suggestion.

In the past the ntpdate offset was always near -1 second (per the System log for NTP). During this time the NTP Configuration Synchronization was set to every 12 hours.

I found after I upgraded from Core 120 to Core 122 my NTP offset increased from a few seconds to about 12 seconds. Not a big deal but I was curious.

I wondered why the offset changed and started to dig around. Yes, I have too much time on my hands! And no "time" pun was intended!

I noticed the NTP drift, located at /etc/ntp/drift, was always set to 0.000. And the modification time of the /etc/ntp/drift file was changing.

In my /etc/ntp.conf file:

Code: Select all

[root@ipfire ~]# cat /etc/ntp.conf

disable monitor
restrict default nomodify noquery
server  127.127.1.0 prefer
fudge   127.127.1.0 stratum 10
driftfile /etc/ntp/drift

It looks like the preferred server is the Undisciplined Local Clock. I could not locate a proper reference for this but I did find this in a sample ntp.conf:

Code: Select all

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.

So in the original /etc/ntp.conf file I added lines for the NTP servers I use and removed the original "prefer" from server 127.127.1.0. And now my /etc/ntp.conf looks like this:

Code: Select all

[root@ipfire etc]# cat /etc/ntp.conf

disable monitor
restrict default nomodify noquery
server  0.us.pool.ntp.org prefer
server  1.us.pool.ntp.org
server  127.127.1.0
fudge   127.127.1.0 stratum 10
driftfile /etc/ntp/drift

And then I did a restart:

Code: Select all

/etc/rc.d/init.d/ntp restart

About 30 minutes after the restart, the drift file started to be updated with various PPM readings. And my offset went to between -0.1 and 0.1 seconds.

During my hunt I also found there is an ntp user and an ntp group.

Code: Select all

[root@ipfire etc]# getent passwd | grep -ie ntp -e root
root:x:0:0:root:/root:/bin/bash
ntp:x:38:38::/etc/ntp:/bin/false

And the ntpd is owned by root and not by ntp:

Code: Select all

[root@ipfire etc]# ps -ef | grep -v grep | grep -i ntp
root     29497     1  0 14:46 ?        00:00:00 /usr/bin/ntpd -Ap /var/run/ntpd.pid

---

After all that my questions are:

• Within /etc/ntp.conf, was server 127.127.1.0 prefer done for security? I am reluctant to change lines if this creates a security issue.

• Should ntpd be run as ntp and not under as root? And if not, should user ntp and group ntp be removed?

[JonM]

wow! This worked out better then I thought it would!

Code: Select all

Nov  8 22:07:09 ipfire ntpTest: Updated drift file.  Drift is 0.000 PPM at Thu Nov  8 21:44:24 CST
Nov  8 22:20:01 ipfire ntpTest: adjust time server 198.50.238.156 offset 0.005980 sec
Nov  8 22:22:01 ipfire ntpTest: Updated drift file.  Drift is -428.718 PPM at Thu Nov  8 22:21:11 CST
Nov  8 23:20:01 ipfire ntpTest: adjust time server 129.250.35.250 offset -0.003277 sec
Nov  8 23:22:01 ipfire ntpTest: Updated drift file.  Drift is -429.290 PPM at Thu Nov  8 23:21:11 CST
Nov  9 00:20:02 ipfire ntpTest: adjust time server 216.229.0.50 offset -0.003644 sec
Nov  9 00:22:00 ipfire ntpTest: Updated drift file.  Drift is -430.173 PPM at Fri Nov  9 00:21:11 CST
Nov  9 01:20:02 ipfire ntpTest: adjust time server 129.250.35.250 offset -0.002257 sec
Nov  9 01:22:01 ipfire ntpTest: Updated drift file.  Drift is -430.420 PPM at Fri Nov  9 01:21:11 CST
Nov  9 02:20:02 ipfire ntpTest: adjust time server 216.229.0.50 offset -0.002723 sec
Nov  9 03:20:02 ipfire ntpTest: adjust time server 69.89.207.99 offset -0.002426 sec
Nov  9 03:22:01 ipfire ntpTest: Updated drift file.  Drift is -430.608 PPM at Fri Nov  9 03:21:11 CST
Nov  9 04:20:02 ipfire ntpTest: adjust time server 38.126.113.11 offset -0.001459 sec
Nov  9 04:22:01 ipfire ntpTest: Updated drift file.  Drift is -430.824 PPM at Fri Nov  9 04:21:11 CST
Nov  9 05:20:03 ipfire ntpTest: adjust time server 192.73.243.97 offset -0.002619 sec
Nov  9 06:20:03 ipfire ntpTest: adjust time server 149.28.39.34 offset -0.003576 sec
Nov  9 06:22:00 ipfire ntpTest: Updated drift file.  Drift is -430.984 PPM at Fri Nov  9 06:21:11 CST
Nov  9 07:20:02 ipfire ntpTest: adjust time server 209.177.145.40 offset -0.001721 sec
Nov  9 08:20:02 ipfire ntpTest: adjust time server 98.152.165.38 offset -0.000591 sec
Nov  9 08:22:01 ipfire ntpTest: Updated drift file.  Drift is -431.075 PPM at Fri Nov  9 08:21:11 CST
Nov  9 09:20:04 ipfire ntpTest: adjust time server 199.102.46.74 offset 0.000197 sec
Nov  9 09:22:01 ipfire ntpTest: Updated drift file.  Drift is -430.889 PPM at Fri Nov  9 09:21:11 CST
Nov  9 10:20:01 ipfire ntpTest: adjust time server 199.102.46.80 offset -0.000829 sec
Nov  9 10:22:01 ipfire ntpTest: Updated drift file.  Drift is -430.671 PPM at Fri Nov  9 10:21:11 CST
Nov  9 11:20:02 ipfire ntpTest: adjust time server 162.213.2.253 offset -0.001400 sec
Nov  9 12:20:02 ipfire ntpTest: adjust time server 69.89.207.199 offset -0.000522 sec

[RedneckMother]

Greetings. I made similar changes to /etc/ntp.conf and also saw better offset results:

Nov 9 01:55:15 firewall ntpdate[9881]: adjust time server 47.190.36.230 offset 0.238157 sec
Nov 9 02:55:13 firewall ntpdate[12259]: adjust time server 198.137.202.56 offset 0.199156 sec
Nov 9 03:55:14 firewall ntpdate[14608]: adjust time server 178.128.4.44 offset 0.229003 sec
Nov 9 04:55:15 firewall ntpdate[16960]: adjust time server 199.102.46.77 offset 0.217028 sec
Nov 9 05:55:14 firewall ntpdate[19334]: adjust time server 72.14.183.39 offset 0.203986 sec
Nov 9 06:55:16 firewall ntpdate[21690]: adjust time server 69.197.188.178 offset 0.232828 sec
Nov 9 07:55:13 firewall ntpdate[24040]: adjust time server 209.177.145.40 offset 0.202727 sec
Nov 9 08:55:15 firewall ntpdate[26388]: adjust time server 216.229.0.49 offset 0.242518 sec
Nov 9 09:55:14 firewall ntpdate[28731]: adjust time server 192.73.242.152 offset 0.202129 sec
Nov 9 10:55:15 firewall ntpdate[31080]: adjust time server 128.10.19.24 offset 0.218128 sec
Nov 9 11:55:20 firewall ntpdate[1175]: adjust time server 85.199.214.100 offset 0.208097 sec
Nov 9 12:55:21 firewall ntpdate[3706]: adjust time server 192.73.242.152 offset 0.219813 sec
Nov 9 13:55:16 firewall ntpdate[6049]: adjust time server 98.152.165.38 offset 0.232330 sec
Nov 9 14:55:15 firewall ntpdate[8465]: adjust time server 199.102.46.75 offset 0.216648 sec
Nov 9 15:55:14 firewall ntpdate[10826]: adjust time server 204.9.54.119 offset 0.209652 sec
Nov 9 16:20:01 firewall ntpdate[11899]: adjust time server 198.60.22.240 offset 0.055857 sec
Nov 9 16:25:13 firewall ntpdate[13939]: adjust time server 72.30.35.88 offset -0.257998 sec
Nov 9 16:29:25 firewall ntpdate[14918]: adjust time server 206.108.0.132 offset -0.003736 sec
Nov 9 17:25:15 firewall ntpdate[21399]: adjust time server 45.33.84.208 offset 0.009889 sec
Nov 9 18:25:20 firewall ntpdate[28266]: adjust time server 155.94.164.121 offset -0.003451 sec

Very interesting!

[JonM]

Set the NTP Configuration Synchronization (menu Services > Time Server) to Manually and then the ntpd should become more accurate as the drift file is adjusted.

Note:I know we don't need the perfect time server. It was just enjoyable to learn something new and possibly correct the ntpd.

If you do set the NTP Configuration Synchronization to Manually then the way to get the offset is:

Code: Select all

ntpdate -qu 0.ipfire.pool.ntp.org 1.ipfire.pool.ntp.org 2>/dev/null | tail -1

[RedneckMother]

Slick!
Thanks for the tips.

[H&M]

Hello,

I have replicated the setup in this topic (edit ntp.conf) but I get a bunch of errors:

Code: Select all

Dec  3 08:24:09 silver-x86-64 ntpd[19685]: ntpd 4.2.8p13@1.3847-o Thu May  2 20:06:35 UTC 2019 (1): Starting
Dec  3 08:24:09 silver-x86-64 ntpd[19685]: Command line: /usr/bin/ntpd -Ap /var/run/ntpd.pid
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: proto: precision = 0.469 usec (-21)
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: basedate set to 2019-04-20
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: gps base set to 2019-04-21 (week 2050)
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen and drop on 0 v6wildcard [::]:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen normally on 2 lo 127.0.0.1:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen normally on 3 blue0 192.168.11.1:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen normally on 4 green0 192.168.10.1:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen normally on 5 ppp0 5.12.243.16:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listen normally on 6 tun0 10.10.99.1:123
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: Listening on routing socket on fd #23 for interface updates
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Dec  3 08:24:09 silver-x86-64 ntpd[19687]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Dec  3 08:25:09 silver-x86-64 ntpdate[19953]: no server suitable for synchronization found
Dec  3 08:25:09 silver-x86-64 ipfire: ntpdate error

Manual update works fine.
Drift file is not updated.

What should I check?

Thanks!
H&M

[JonM]

I replied on the new wiki:
https://community.ipfire.org/t/odd-ntp- ... tinued/492

[H&M]

Alas,
the registration process on new community portal fails for me: I constantly get the message I am a Spamer...

Filled a bug for that...

[JonM]

see posts at:
https://community.ipfire.org/t/odd-ntp- ... tinued/492