我在尝试让 ntp 在几台 ubuntu 12.04 服务器上工作时遇到了很大的麻烦。请注意,这是 NTP,用于保持这些服务器上的时间设置。不是为了分发时间!我已经将其中几台机器安装为 VirtualBox VM,并且它们的行为都相同。它们在所有其他任务(即 Web/SSH 服务器)上工作正常。它们可以访问外部,外部可以访问它们,iptables 防火墙配置也应该允许 NTP:
# Accept all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow all outbound traffic
-A OUTPUT -j ACCEPT
查看启动ntp服务器的输出:
me@machine:~$ sudo service ntp start
* Starting NTP server ntpd [ OK ]
me@ machine:~$ ps aux | grep ntp
ntp 10152 0.0 0.4 37780 2160 ? Ss 04:17 0:06 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
然后查看 syslog 中的 ntp 条目:
Feb 5 20:17:36 machine ntpd[10151]: ntpd [email protected] Tue Jun 5 20:12:08 UTC 2012 (1)
Feb 5 20:17:36 machine ntpd[10152]: proto: precision = 0.392 usec
Feb 5 20:17:36 machine ntpd[10152]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
Feb 5 20:17:36 machine ntpd[10152]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
Feb 5 20:17:36 machine ntpd[10152]: Listen and drop on 1 v6wildcard :: UDP 123
Feb 5 20:17:36 machine ntpd[10152]: Listen normally on 2 lo 127.0.0.1 UDP 123
Feb 5 20:17:36 machine ntpd[10152]: Listen normally on 3 eth0 XX.XX.XX.XX UDP 123
Feb 5 20:17:36 machine ntpd[10152]: Listen normally on 4 lo ::1 UDP 123
Feb 5 20:17:36 machine ntpd[10152]: Listen normally on 5 eth0 ffff::fff:fff:767 UDP 123
Feb 5 20:17:36 machine ntpd[10152]: peers refreshed
Feb 5 20:17:36 machine ntpd[10152]: Listening on routing socket on fd #22 for interface updates
那里似乎没有什么异常。但机器上的时间仍然不正确,漂移文件尚未写入。
让我们看看 ntpq 输出:
me@machine:~$ sudo ntpq -p
ntpq: read: Connection refused
糟糕。这是怎么回事?ntp 服务器正在运行,端口未被 iptables 阻止。因此,让我们查看 /etc/ntp.conf(所有注释已删除):
driftfile /var/lib/ntp/ntp.drift
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
server 0.ubuntu.pool.ntp.org
server 1.ubuntu.pool.ntp.org
server 2.ubuntu.pool.ntp.org
server 3.ubuntu.pool.ntp.org
server ntp.ubuntu.com
restrict 127.0.0.1
restrict ::1
再次,我认为那里没有什么奇怪的。那么让我们尝试看看其他人的时间服务器:
me@machine:~$ ntpdate -q
6 Feb 06:15:13 ntpdate[15084]: no servers can be used, exiting
好的,Google 显示 ntpdate 没有使用配置文件,而是告诉我们使用 ntpdate-debian:
me@machine:~$ ntpdate-debian -q
server 169.229.70.183, stratum 0, offset 0.000000, delay 0.00000
server 204.2.134.163, stratum 0, offset 0.000000, delay 0.00000
server 216.37.64.2, stratum 0, offset 0.000000, delay 0.00000
server 15.185.186.215, stratum 0, offset 0.000000, delay 0.00000
server 142.54.181.202, stratum 0, offset 0.000000, delay 0.00000
server 198.55.111.50, stratum 0, offset 0.000000, delay 0.00000
server 67.227.252.196, stratum 0, offset 0.000000, delay 0.00000
server 108.61.73.243, stratum 0, offset 0.000000, delay 0.00000
server 75.98.226.178, stratum 0, offset 0.000000, delay 0.00000
server 173.230.149.23, stratum 0, offset 0.000000, delay 0.00000
server 205.133.32.18, stratum 0, offset 0.000000, delay 0.00000
server 69.50.219.51, stratum 0, offset 0.000000, delay 0.00000
server 67.212.118.201, stratum 0, offset 0.000000, delay 0.00000
server 67.217.112.181, stratum 0, offset 0.000000, delay 0.00000
server 174.36.71.205, stratum 0, offset 0.000000, delay 0.00000
server 198.60.22.240, stratum 0, offset 0.000000, delay 0.00000
server 91.189.94.4, stratum 0, offset 0.000000, delay 0.00000
server 91.189.89.199, stratum 0, offset 0.000000, delay 0.00000
6 Feb 06:15:32 ntpdate[15087]: no server suitable for synchronization found
天啊,耶稣,约瑟夫玛丽和驴子!这到底是怎么回事?有谁知道为什么那些 debian/ubuntu VM 都无法同步 NTP 时间吗?