I've been struggling with getting NTP working on Linux off-and-on for over a year. Finally, a week or so ago, I pinpointed the problem to tcp_wrappers, and the brief details are farther below. I have tcp_w configured to only allow telnet and ftp from a few management hosts.

I can reproduce the problem every time, as opposed to what I said below. I just need to log in, add the "ALL:ALL" rule to tcp_w, *log out, and log back in*, and suddenly ntpdate now works. If I remove the "ALL:ALL" rule, log out, and log back in, ntpdate no longer works anymore. As if there's some kind of session state that goes along with logging in.

I've been able to reproduce this on different RedHat Linux versions (7.2 and 2.1AS with various kernels, and different versions of ntp, yet have not tried a different version of tcp_w), and have found a few on the 'net with the same/similar problem, but no solution.

I thought I was on the right track when I found that tcp_w was/seemed to be an issue, but then did a sniffer trace when ntpdate worked and didn't, and couldn't find any kind of abnormal traffic that would be blocked.

Tcp_w causing problems just doesn't make any sense... Especially more so when NTP is using UDP.

Thoughts?

Marco

> -----Original Message-----
> From: Shaw, Marco
> Sent: Sunday, January 25, 2004 8:45 AM
> To: 'taroon-list@xxxxxxxxxx'; 'redhat-list@xxxxxxxxxx'
> Subject: RE: NTP problems--UPDATE 2
>
> > > > NTP: I couldn't get it working with 7.2 with various
> > > > kernels, and various NTP packages, and now still can't get it
> > > > working with 2.1AS...
> > > >
> > > > > ipchains allows all eth0 traffic through (trusted
> > > > > interface), yet I cannot get ntp to work.
> > > > >
> > > > > All I get is this, but absolutely *nothing* in tcpdump:
> > > > > # ntpdate -d IP_address_hidden
> > > > > 15 Jan 10:05:59 ntpdate[22868]: ntpdate 4.1.2@xxxxx Tue Dec 9 11:52:07 EST 2003 (1)
> > > > > 15 Jan 10:06:59 ntpdate[22868]: poll(): nfound = 0, error: Success
> > ....
> >
> > OK, a little bit of progress maybe. Whenever ntp fails, lsof
> > prints out the last line below:
> >
> > [root@www-nb03m0 fs]# lsof|grep ntpdate
> > ntpdate 461 root cwd  DIR   8,7    4096    144002 /root
> > ntpdate 461 root rtd  DIR   8,7    4096         2 /
> > ntpdate 461 root txt  REG   8,5   40460    128472 /usr/sbin/ntpdate
> > ntpdate 461 root mem  REG   8,7  464409     65742 /lib/ld-2.2.4.so
> > ntpdate 461 root mem  REG   8,5   44851     64355 /usr/lib/libcap.so.1.10
> > ntpdate 461 root mem  REG   8,7 5737154     64013 /lib/libc-2.2.4.so
> > ntpdate 461 root 0u   CHR 136,3                 5 /dev/pts/3
> > ntpdate 461 root 1u   CHR 136,3                 5 /dev/pts/3
> > ntpdate 461 root 2u   CHR 136,3                 5 /dev/pts/3
> > ntpdate 461 root 3u  sock   0,0         175748304 can't identify protocol
>
> I played with things a bit more, and it seems that tcp_wrappers is the
> problem. Unless I add an "ALL:ALL" line in hosts.allow, I am not able
> to run ntpdate as indicated above. Even adding "ALL:NTP Server IP" does
> not help (where "NTP Server IP" is the host I'm trying to run ntpdate
> against).
>
> I'm confused... Tcp_wrappers is for TCP connections, and should affect
> only incoming connections, but tcp_w is even causing problems for
> outgoing packets.
>
> I don't see any DNS traffic at the time that ntpdate is run, in case
> this is a resolution problem. I've added the host I'm trying to run
> ntpdate against in my /etc/hosts, since I've got a multi-home host that
> uses public DNS servers, yet my NTP source is inside a/my private
> network.
>
> Any ideas what tcp_w is doing wrong here?
>
> Marco