Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Configuring which interface for ntpd

  1. #1
    Join Date
    Mar 2007
    Location
    Wenatchee, WA
    Beans
    Hidden!
    Distro
    Ubuntu

    Configuring which interface for ntpd

    Hello,

    I installed ntpd on my U9.10 server. I set the upstream servers to what I wanted in /etc/ntp.conf, but I can't find anyplace to limit what interface it listens on. Judging by the below, it seems to be 'attached' to both eth0 (192.168.11.14), eth1 (10.0.0.1) and l0 (127.0.0.1), but I'm not sure if it's 'listening' or not since it doesn't have a 'LISTEN' under 'State'... but then again dnsmasq isn't listed as 'LISTEN' for bootp/dhcp (tcp67/68), but I know thats working...

    Code:
    root@rahvin:~# netstat -ntulp
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1329/dnsmasq    
    tcp        0      0 10.0.0.1:22             0.0.0.0:*               LISTEN      1033/sshd       
    tcp6       0      0 :::53                   :::*                    LISTEN      1329/dnsmasq    
    udp        0      0 10.0.0.1:123            0.0.0.0:*                           1454/ntpd       
    udp        0      0 192.168.11.14:123       0.0.0.0:*                           1454/ntpd       
    udp        0      0 127.0.0.1:123           0.0.0.0:*                           1454/ntpd       
    udp        0      0 0.0.0.0:123             0.0.0.0:*                           1454/ntpd       
    udp        0      0 0.0.0.0:53              0.0.0.0:*                           1329/dnsmasq    
    udp        0      0 0.0.0.0:67              0.0.0.0:*                           1329/dnsmasq    
    udp        0      0 0.0.0.0:68              0.0.0.0:*                           739/dhclient3   
    udp6       0      0 fe80::a00:27ff:feff:123 :::*                                1454/ntpd       
    udp6       0      0 fe80::a00:27ff:fe2e:123 :::*                                1454/ntpd       
    udp6       0      0 ::1:123                 :::*                                1454/ntpd       
    udp6       0      0 :::123                  :::*                                1454/ntpd       
    udp6       0      0 :::53                   :::*                                1329/dnsmasq    
    root@rahvin:~#
    If you have any ideas how to limit what interface ntpd listens or offers services on, I'd appreciate it. If I'm misreading the above please point me in the right direction

    TIA,

    Monte

  2. #2
    Join Date
    Sep 2008
    Location
    CyberSpace
    Beans
    240
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Configuring which interface for ntpd

    Quote Originally Posted by memilanuk View Post
    Hello,

    I installed ntpd on my U9.10 server. I set the upstream servers to what I wanted in /etc/ntp.conf, but I can't find anyplace to limit what interface it listens on. Judging by the below, it seems to be 'attached' to both eth0 (192.168.11.14), eth1 (10.0.0.1) and l0 (127.0.0.1), but I'm not sure if it's 'listening' or not since it doesn't have a 'LISTEN' under 'State'... but then again dnsmasq isn't listed as 'LISTEN' for bootp/dhcp (tcp67/68), but I know thats working...

    Code:
    root@rahvin:~# netstat -ntulp
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1329/dnsmasq    
    tcp        0      0 10.0.0.1:22             0.0.0.0:*               LISTEN      1033/sshd       
    tcp6       0      0 :::53                   :::*                    LISTEN      1329/dnsmasq    
    udp        0      0 10.0.0.1:123            0.0.0.0:*                           1454/ntpd       
    udp        0      0 192.168.11.14:123       0.0.0.0:*                           1454/ntpd       
    udp        0      0 127.0.0.1:123           0.0.0.0:*                           1454/ntpd       
    udp        0      0 0.0.0.0:123             0.0.0.0:*                           1454/ntpd       
    udp        0      0 0.0.0.0:53              0.0.0.0:*                           1329/dnsmasq    
    udp        0      0 0.0.0.0:67              0.0.0.0:*                           1329/dnsmasq    
    udp        0      0 0.0.0.0:68              0.0.0.0:*                           739/dhclient3   
    udp6       0      0 fe80::a00:27ff:feff:123 :::*                                1454/ntpd       
    udp6       0      0 fe80::a00:27ff:fe2e:123 :::*                                1454/ntpd       
    udp6       0      0 ::1:123                 :::*                                1454/ntpd       
    udp6       0      0 :::123                  :::*                                1454/ntpd       
    udp6       0      0 :::53                   :::*                                1329/dnsmasq    
    root@rahvin:~#
    If you have any ideas how to limit what interface ntpd listens or offers services on, I'd appreciate it. If I'm misreading the above please point me in the right direction

    TIA,

    Monte
    I am pretty sure that it is not actually listening or doing anything on your connections. NTPD doesn't listen for information usually. When the timer goes off for it to check if your time is correct it turns on a connection and asks for the information. There is never (well shouldn't be unless someone is trying to hack your NTPD) an inbound connection that NTPD doesn't start itself. As to on which interface. You don't need to specify one. NTPD just searches each on until it finds a valid connection to the timeserver you are asking it to you. Then it does it's thing.
    I don't use Ubuntu anymore.

  3. #3
    Join Date
    Mar 2007
    Location
    Wenatchee, WA
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Configuring which interface for ntpd

    Quote Originally Posted by HighCommander540 View Post
    I am pretty sure that it is not actually listening or doing anything on your connections. NTPD doesn't listen for information usually. When the timer goes off for it to check if your time is correct it turns on a connection and asks for the information. There is never (well shouldn't be unless someone is trying to hack your NTPD) an inbound connection that NTPD doesn't start itself.
    How would it act as a server for my network if it doesn't listen for connections? That was the primary reason for my installing it.


    As to on which interface. You don't need to specify one. NTPD just searches each on until it finds a valid connection to the timeserver you are asking it to you. Then it does it's thing.
    That... doesn't make a lot of sense. Why would it search on the *loopback* interface for an upstream timeserver?

  4. #4
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,008
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Configuring which interface for ntpd

    Quote Originally Posted by memilanuk View Post
    How would it act as a server for my network if it doesn't listen for connections? That was the primary reason for my installing it.
    udp applications don't "listen", do only 'send' or 'receive'.


    don't know if you can actually bind the ntp daemon to a network interface.
    What you probably want is to have some control over which servers it receives time from, and which network(s) it gives time to. You can configure that in /etc/ntpd.conf

    Code:
    man ntpd
    man 5 ntpd.conf

  5. #5
    Join Date
    Mar 2007
    Location
    Wenatchee, WA
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Configuring which interface for ntpd

    koenn,

    I had already configured which upstream public time servers I wanted this machine to use: 0.us.pool.ntp.org, 1.us.pool.ntp.org, etc. so I think I had that part taken care of.

    Not trying to argue with you per se, but the man page talks about it 'listening'. Maybe a question of semantics?

    listen on address
    Specify a local IP address or a hostname the ntpd(8)daemon should listen on.
    I'll have to go back and look at the config file on my machine; I don't recall how the 'Listen' clauses are set up or if there are any listed by default.

    Thanks,

    Monte

  6. #6
    Join Date
    Sep 2008
    Location
    CyberSpace
    Beans
    240
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Configuring which interface for ntpd

    Quote Originally Posted by memilanuk View Post
    How would it act as a server for my network if it doesn't listen for connections? That was the primary reason for my installing it.
    Because the point is that NTPD, doesn't serve anything to anyone. It is just a service that's used to set the computer date/time periodically. It doesn't wait for information to be sent to it (that is what listening mean). What it does it every once in awhile (you set the time), it will check the server's for the correct time.

    Do you realize how stupid listening would be for a program like this? The time server's would have to have have to have the IP addresses saved of anyone in the world that would want to use them and send out a mass data burst every 5 mins. That would just be the stupidest thing ever.


    [QUOTE=memilanuk;8557915
    That... doesn't make a lot of sense. Why would it search on the *loopback* interface for an upstream timeserver?[/QUOTE]

    Because...Its programmed to just find the server. It can't tell the difference between loopback and otherwise. It just sees a connection. Computer's are stupid unless you tell then not to be.

    Quote Originally Posted by memilanuk View Post
    koenn,

    I had already configured which upstream public time servers I wanted this machine to use: 0.us.pool.ntp.org, 1.us.pool.ntp.org, etc. so I think I had that part taken care of.

    Not trying to argue with you per se, but the man page talks about it 'listening'. Maybe a question of semantics?

    I'll have to go back and look at the config file on my machine; I don't recall how the 'Listen' clauses are set up or if there are any listed by default.

    Thanks,

    Monte
    All the configuration file means by listen. Is what port to use when trying to get the date and time. Not actually listen.

    Honestly its a question of...Why fix what's not broken? If it works then why are you complaining?
    I don't use Ubuntu anymore.

  7. #7
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,008
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Configuring which interface for ntpd

    Quote Originally Posted by memilanuk View Post
    Not trying to argue with you per se, but the man page talks about it 'listening'. Maybe a question of semantics?
    Yes, it's semantics, as HighCommander540 points out.
    The "LISTEN" state shown in netstat is the state of a given tcp socket. udp sockets don't have state, they only send and receive.

    The "listen" in a daemon config file usually means what interface/adres/port number the daemon should use to communicate with the network. In stead of "listen", you often see "bind to" for these cases.

  8. #8
    Join Date
    Mar 2007
    Location
    Wenatchee, WA
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Configuring which interface for ntpd

    Quote Originally Posted by HighCommander540 View Post
    Because the point is that NTPD, doesn't serve anything to anyone.
    Really. So it's not possible to set up your own local timeserver and have local clients get their time from that machine, rather than having *all* of them trying to contact an upstream public server. Right...

  9. #9
    Join Date
    Mar 2007
    Location
    Wenatchee, WA
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Configuring which interface for ntpd

    Quote Originally Posted by koenn View Post
    The "listen" in a daemon config file usually means what interface/adres/port number the daemon should use to communicate with the network. In stead of "listen", you often see "bind to" for these cases.
    Gotcha. I do find it somewhat interesting that the Ubuntu default installed package 'ntp' doesn't have *any* option for listen, etc. but the alternate 'openntpd' does... and I sure would be curious to see if it changes what I see when running netstat on the system (as far as whats listening/bound where). Unfortunately it returns a number of errors during installation and won't start cleanly either. Given its about bedtime, I'll have to leave that little mystery for another time and place.

    Thanks,

    Monte

  10. #10
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,008
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Configuring which interface for ntpd

    Quote Originally Posted by memilanuk View Post
    Really. So it's not possible to set up your own local timeserver and have local clients get their time from that machine, rather than having *all* of them trying to contact an upstream public server. Right...
    this is usually done client-side, eg Windows domain members always assume their domain controller is also their time server, unless you tell them otherwise. You can also pass ntp server addresses to clients as a dhcp option.

    You can also tell your ntpd that it should broadcast to a given network - but that's something different from telling it which network interface it should use.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •