0

Disclaimer : I am not that good with Linux, i'm mainly a Windows admin.

So i have a bunch of Raspberry being deployed on my network, and one of the issues i'm facing is they can't keep the right time and date. So I figured I'd just install the NTP service and point them to my Windows Domain Controller, which also work as an NTP server. But it doesn't seem to work. Here is my ntp.conf file :

# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift

# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# You do need to talk to an NTP server or two (or three).


# pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
# pick a different set every time it starts up.  Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
server 192.168.1.11
#pool 0.debian.pool.ntp.org iburst
#pool 1.debian.pool.ntp.org iburst
#pool 2.debian.pool.ntp.org iburst
#pool 3.debian.pool.ntp.org iburst


# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Needed for adding pool entries
restrict source notrap nomodify noquery

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust


# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient

Where 192.168.1.11 is the IP of my DC/NTP server. Is something wrong with my config ? By the way when i force the update with the command :

ntpdate -u 192.168.1.11

It works... but it doesn't last. When I unpower the raspberry for like an hour and boot it back up he's at the wrong time again... the NTP synchronisation doesn't work.

EDIT : as requested, here is the output of the ntpq -npcrv command :

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.1.11    .LOCL.           1 u   21   64  377    0.418  35727.2   2.839
associd=0 status=c016 leap_alarm, sync_unspec, 1 event, restart,
version="ntpd 4.2.8p10@1.3728-o Sat Mar 10 18:03:33 UTC 2018 (1)",
processor="armv7l", system="Linux/4.14.79-v7+", leap=11, stratum=16,
precision=-20, rootdelay=0.000, rootdisp=334.095, refid=INIT,
reftime=00000000.00000000  Thu, Feb  7 2036  7:28:16.000,
clock=e29463c8.1fec8d2d  Wed, Jun 17 2020 11:41:28.124, peer=0, tc=3,
mintc=3, offset=0.000000, frequency=0.000, sys_jitter=0.000000,
clk_jitter=0.001, clk_wander=0.000
Bekoj
  • 13
  • 2
  • 5
  • What I do is incorporate ntpdate in the startup of ntpd. As I'm working with Devuan, that is in the /etc/init.d/ntp script. If you're using systemd, there'll probably be a way do make ntp dependant on a ntpdate run beforehand. For ntp to kick in, the difference with the time server may not be too big. – Gerard H. Pille Jun 12 '20 at 10:31
  • @GerardH.Pille There should be no need to use `ntpdate` if you're using a correctly installed ntp package. @Bekoj Include the output of `ntpq -npcrv` in your question after `ntpd` has been running for at least 15 minutes and we'll see if we can work out your problem. – Paul Gear Jun 12 '20 at 22:42
  • @PaulGear in that case, my ntp package wasn't correctly installed. Or would it be that ntp didn't yet have the "-g" option when I bought one of the first RPi 2B's ? – Gerard H. Pille Jun 13 '20 at 09:52
  • @GerardH.Pille Seems unlikely. I can't recall when they made it the default, but it was some time ago. Perhaps your `/etc/default/ntp` predates it though, or was otherwise modified? – Paul Gear Jun 13 '20 at 23:29
  • Hmmm.....Don't you need more than one server for NTP to work properly, suggest you add your localhost as a low priority clock source. – mdpc Jun 14 '20 at 04:00
  • 1
    @PaulGear The changelog shows the option was added the same year they released the 2B i bought. When I added the ntpdate trick, that version wasn't part of the stable Debian. I'll run a test on my 3B+ to see if the -g works, since the 2B never goes down for a longer time. – Gerard H. Pille Jun 14 '20 at 08:12
  • @PaulGear, little problem, the 3B+ has openntpd, no "-g" there. – Gerard H. Pille Jun 14 '20 at 08:24
  • 1
    "ntpd -g" does work, provided a network connection. – Gerard H. Pille Jun 14 '20 at 10:12
  • @mdpc That is incorrect and bad advice, both regarding the number of sources and the advice to add localhost. NTP Best Current Practice is to have at least 4 sources (https://tools.ietf.org/html/rfc8633#section-3.2) and the local clock driver has been deprecated for many years. – Paul Gear Jun 15 '20 at 09:45
  • 1
    @PaulGear sorry for the delay, i just edited my post with the command output you asked about. I suspect a problem in the package installation but as i said Linux really isn't my strong suit so i'm not really sure how to fix it. – Bekoj Jun 17 '20 at 09:50
  • You really should be using chrony, not ntpd. It's much more suitable for devices without realtime clocks, devices with intermittent connectivity, etc. systemd-timesyncd is another option, but your distro might not have it yet. – Michael Hampton Jun 18 '20 at 02:26

1 Answers1

1

Your NTP source is using its own local clock, which is a bad source of time, and NTP thinks it is too far away to sync from. Double-check that /etc/default/ntp contains -g in NTPD_OPTS (normally, that file will just be the single line NTPD_OPTS='-g'), and change the NTP configuration on 192.168.1.11 to use an appropriate list of external time sources (like the NTP pool).

Paul Gear
  • 4,367
  • 19
  • 38