NAC time not correct

  • 0
  • 1
  • Problem
  • Updated 4 years ago
  • (Edited)
at 10 NAC's, all within the same subnet the customer register time differences from some minutes to 8 hours.
on tuesday these NAC's are updated from version 5.0 to 5.1 and rebootet. 
the following NAC config is from the installation wizzard and the NTP server reacheble...
I need some hints how to debug this and how to find the source of the problem...

# Sample
/etc/ntp.conf: Configuration file for ntpd.

#

# Undisciplined Local Clock. This is a fake driver intended for backup

# and when no outside source of synchronized time is available. The

# default stratum is usually 3, but in this case we elect to use stratum

# 0. Since the server line does not have the prefer keyword, this driver

# is never used for synchronization, unless no other other

# synchronization source is available. In case the local host is

# controlled by some external source, such as an external oscillator or

# another protocol, the prefer keyword would cause the local host to

# disregard all other synchronization sources, unless the kernel

# modifications are in use and declare an unsynchronized condition.

#

fudge 127.127.1.0 stratum 10

#server pool.ntp.org

 

#

# Drift file. Put this in a directory which the daemon can write to.

# No symbolic links allowed, either, since the daemon updates the file

# by creating a temporary in the same directory and then rename()'ing

# it to the file.

#

driftfile /etc/ntp/drift

multicastclient # listen on default 224.0.1.1

broadcastdelay 0.008

 

#

# Keys file. If you want to diddle your server at run time, make a

# keys file (mode 600 for sure) and define the key number to be

# used for making requests.

# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote

# systems might be able to reset your clock at will.

#

#keys /etc/ntp/keys

#trustedkey 65535

#requestkey 65535

#controlkey 65535

 

# Don't serve time or stats to anyone else by default (more secure)

restrict default noquery nomodify

# Trust ourselves. :-)

restrict 127.0.0.1

 

#ntp enabled

server 10.20.99.222

server 10.20.99.223


 


Photo of D Kotte

D Kotte

  • 124 Points 100 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 48,846 Points 20k badge 2x thumb
So your NACs are also in the same subnet 10.20.99.0 or in another one with a firewall in between.
Could you run the command  ntpq -p and post the output.

Thx,
Ron 
Photo of D Kotte

D Kotte

  • 124 Points 100 badge 2x thumb
Problem solved ...
some NAC devices use different timezones and at some NAC's the NTPD is not running.
I correct the TZ settings and start the NTPD ... now i have a consistent time over all devices.

@Ronald Dvorak: at the devices with dead NTPD the "ntpd -p" command results in "connection rejected" ... that was a great help to find the error. THX!

(Edited)