我目前正在经历与 ntpd 的令人难以置信的长时间同步延迟,经过多次谷歌搜索后,我决定开始一个新的线程,因为所有“补救措施”都不起作用。
有问题的机器是运行 Raspi OS“Buster”(2021 年 5 月 7 日精简版/非 GUI 映像)的 Raspberry Pi 3B。由于它是小型集群的头节点,因此它有 2 个 NIC - eth0(内置 NIC 和内部接口)设置为 192.168.4.100/24,eth1(USB 加密狗和外部接口)设置为 192.168。 1.220/24。我目前正在使用 dhcpcd 来配置接口并在 /etc/resolvconf.conf 中定义名称服务器。恩特普德将要最终同步,但只有几个小时后,当我重新启动 Pi 时,尽管 fake-hwclock 将时间保存在 /etc/fake-hwclock.data 中,ntpd 又回到了第一个位置,并再次开始了长达数小时的同步过程。我应该注意 /etc/fake-hwclock 中保存的时间是 UTC 时间,而不是时区调整时间,但我不认为这会影响 ntpd 的同步时间。
下面是我的 /etc/ntp.conf 文件。取消注释“tinker panic 0”行似乎根本不会影响同步。
总而言之,我的问题是:
如何减少同步时间延迟?
如果我在 ntpd 同步后重新启动 Pi,运行“date”命令将为我提供正确的时间,但 ntpd 将返回到第一个位置,并且需要几个小时才能同步。如何避免这种情况? (逻辑上说,当本地时间和远程时间仅相差几秒时,协调本地时间和远程时间应该不会花费很长时间)
systemd-timesyncd 是残疾人。
/etc/ntp.conf
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
#tinker panic 0
driftfile /var/lib/ntp/ntp.drift
# Leap seconds definition provided by tzdata
leapfile /usr/share/zoneinfo/leap-seconds.list
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# You do need to talk to an NTP server or two (or three).
server time-a-g.nist.gov iburst
server time-a-wwv.nist.gov iburst
server 0.debian.pool.ntp.org iburst
server 1.debian.pool.ntp.org iburst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
# Needed for adding pool entries
restrict source notrap nomodify noquery
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
broadcast 192.168.4.255
CDT 上午 11:07 的“uptime”和“ntpq -p”输出(根据我的 MacBook Pro 时钟):
charles@Chimera-Head-Node:~ $ uptime
10:12:52 up 34 min, 1 user, load average: 0.00, 0.00, 0.00
charles@Chimera-Head-Node:~ $ ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
192.168.4.255 .XFAC. 16 B - 64 0 0.000 0.000 0.002
time-a-g.nist.g .INIT. 16 u - 1024 0 0.000 0.000 0.000
time-a-wwv.nist .INIT. 16 u - 1024 0 0.000 0.000 0.000
ec.sedley.net .INIT. 16 u - 1024 0 0.000 0.000 0.000
ntp1.doctor.com .INIT. 16 u - 1024 0 0.000 0.000 0.000
注意:每当我启动/重新启动 Pi 时,广播地址始终显示为 .XFAC。对于重新改装。如果我执行简单的“sudo service ntp restart”,refid 会更改为 .BCST。 (它需要是什么)。我还没有解决这个问题,虽然这是另一个线程的问题,但欢迎提出任何建议:-)
启动时系统日志的输出(已删除非 ntpd/dhcpcd 条目):
Sep 1 09:38:53 Chimera-Head-Node ntpd[546]: ntpd [email protected] (1): Starting
Sep 1 09:38:53 Chimera-Head-Node ntpd[546]: Command line: /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 109:114
Sep 1 09:38:53 Chimera-Head-Node systemd[1]: Started Network Time Service.
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: proto: precision = 1.458 usec (-19)
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): good hash s
ignature
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): loaded, exp
ire=2021-12-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen and drop on 0 v6wildcard [::]:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen normally on 2 lo 127.0.0.1:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen normally on 3 eth1 192.168.1.220:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen normally on 4 lo [::1]:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen normally on 5 eth0 [fe80::ba27:ebff:fed5:8e4d%2]:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listen normally on 6 eth1 [fe80::1f2d:3bb6:af44:5cbb%3]:123
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: Listening on routing socket on fd #23 for interface updates
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
Sep 1 09:38:53 Chimera-Head-Node ntpd[554]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
Sep 1 09:38:54 Chimera-Head-Node dhcpcd[541]: eth0: using static address 192.168.4.100/24
Sep 1 09:38:54 Chimera-Head-Node dhcpcd[541]: eth0: adding route to 192.168.4.0/24
Sep 1 09:38:55 Chimera-Head-Node ntpd[554]: Listen normally on 7 eth0 192.168.4.100:123
Sep 1 09:38:55 Chimera-Head-Node ntpd[554]: 192.168.4.255 local addr 192.168.1.220 -> 192.168.4.100
Sep 1 09:38:55 Chimera-Head-Node ntpd[554]: new interface(s) found: waking up resolver
Sep 1 09:39:01 Chimera-Head-Node dhcpcd[541]: eth1: no IPv6 Routers available
Sep 1 09:39:03 Chimera-Head-Node dhcpcd[541]: eth0: no IPv6 Routers available
答案1
(从最初是问题文本的一部分移至此处)。
问题已经解决(我只是直到现在才有机会发布这个)。解决方案分为两部分:
当我的 Synology RT-2600ac 路由器开启了 NTP 服务时和,理论上123端口是开放的,我关闭了该服务,然后做了一个防火墙规则明确地打开从任何IP地址到任何IP地址的udp端口123。
下面是我现在使用的 ntp.conf 文件。虽然我不知道是否可以删除头节点 ntp.conf 顶部的接口命令,但我非常确定 192.168.4.0 网络的限制行可以解决 192.168.4.0 网络上的 NTP 分发问题。
簇头节点ntp.conf
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# default to listening to nothing
#
interface ignore all
# Listen on the inside interface
#
interface listen 192.168.4.100/24
# Listen on the outside interface
#
interface listen 192.168.1.220/24
driftfile /var/lib/ntp/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
server time-a-g.nist.gov iburst
server time-a-wwv.nist.gov iburst
server 2.debian.pool.ntp.org iburst
server 3.debian.pool.ntp.org iburst
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict 192.168.4.0 mask 255.255.255.0 nomodify
# Needed for adding pool entries
restrict source notrap nomodify noquery
集群计算节点ntp.conf
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Leap seconds definition provided by tzdata
leapfile /usr/share/zoneinfo/leap-seconds.list
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# You do need to talk to an NTP server or two (or three).
server 192.168.4.100 iburst
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
# Needed for adding pool entries
restrict source notrap nomodify noquery
到目前为止,上述文件似乎运行良好。