Back

Explore Courses Blog Tutorials Interview Questions
0 votes
3 views
in AWS by (12.9k points)

I’m using AWS and am on an EC2 server …

[dalvarado@mymachine ~]$ uname -a

Linux mydomain.org 3.14.33-26.47.amzn1.x86_64 #1 SMP Wed Feb 11 22:39:25 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

My clock is off by a minute so despite the fact that I already have NTPD installed and running

[dalvarado@mymachine ~]$ sudo service ntpd status

ntpd (pid  22963) is running...

It would appear ntp packets are blocked or there is some other problem because I get this error …

[dalvarado@mymachine ~]$ sudo ntpdate pool.ntp.org

 2 Apr 16:43:50 ntpdate[23748]: no server suitable for synchronization found

Does anyone know with AWS if there’s another server I should be contacting for NTP info or if there are other additional configurations I need?

Including the output from the comment:

[dalvarado@mymachine ~]$ sudo ntpq -p

   Output:

remote              

refid     

st t

when poll reach  

delay  

offset 

jitter

173.44.32.10          

.INIT.         

16 u   

- 1024          0   

0.000   

0.000   

0.000   

deekayen.net         

.INIT.         

16 u

- 1024          0   

0.000   

0.000   

0.000   

dhcp-147-115-21   

.INIT.         

16 u

- 1024          0   

0.000   

0.000   

0.000   

time-b.timefreq     

.INIT.         

16 u

- 1024          0   

0.000   

0.000   

0.000   

Below are the contents of the /etc/ntp.conf file

# For more information about this file, see the man pages

# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not

# permit the source to query or modify the service on this system.

restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could

# be tightened as well, but to do so would effect some of

# the administrative functions.

restrict 127.0.0.1 

restrict ::1

# Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

server 0.amazon.pool.ntp.org iburst

server 1.amazon.pool.ntp.org iburst

server 2.amazon.pool.ntp.org iburst

server 3.amazon.pool.ntp.org iburst

#broadcast 192.168.1.255 autokey    # broadcast server

#broadcastclient            # broadcast client

#broadcast 224.0.1.1 autokey        # multicast server

#multicastclient 224.0.1.1      # multicast client

#manycastserver 239.255.254.254     # manycast server

#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.

#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating

# with symmetric key cryptography. 

keys /etc/ntp/keys

# Specify the key identifiers which are trusted.

#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.

#requestkey 8

# Specify the key identifier to use with the ntpq utility.

#controlkey 8

# Enable writing of statistics records.

#statistics clockstats cryptostats loopstats peerstats

# Enable additional logging.

logconfig =clockall =peerall =sysall =syncall

# Listen only on the primary network interface.

interface listen eth0

interface ignore ipv6

# Disable the monitoring facility to prevent amplification attacks using ntpdc

# monlist command when default restrict does not include the noquery flag. See

# CVE-2013-5211 for more details.

# Note: Monitoring will not be disabled with the limited restriction flag.

disable monitor

and below is the output from "ntpq -p"

sudo ntpq -p

remote              

refid     

st t

when poll reach  

delay  

offset 

jitter

173.44.32.10          

.INIT.         

16 u   

- 1024          0   

0.000   

0.000   

0.000   

deekayen.net         

.INIT.         

16 u

- 1024          0   

0.000   

0.000   

0.000   

dhcp-147-115-21   

.INIT.         

16 u

- 1024          0   

0.000   

0.000   

0.000   

time-b.timefreq     

.INIT.         

16 u

- 1024          0   

0.000   

0.000   

0.000   

1 Answer

0 votes
by (18.2k points)

The output that you provided shows that the servers you have configured are not reachable. Since you can't access these servers, you are not receiving the time from any server and that's why your clock is not working.

One possible reason for why you can't access these servers may be that you have firewall/network security setup too harsh. you will have to do some network level diagnosis. Once you have resolved the reachability issue, your problem should be sorted and the clock should work as expected.

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer

Browse Categories

...