Home / server / Questions / 485309
Accepted
Wayne
Asked: 2013-03-07 09:00:18 +0800 CST

Unable to access NTPD server except on loopback address Centos 6

  • 772

I can only get results from:

ntpq -p localhost
or
ntpq -p 127.0.0.1

If, from the same server, I try it as either the external IP address or domain name then it times out with no response.

ntpq -p files.tickzoom.com
or
ntpq -p 50.57.65.92

Those both time out from the same machine.

I disabled iptables. So iptables -L shows:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

The goal, actually is to access ntpd from other machines. But they can't access that IP or DNS either even with firewall off.

At first I went round and round with iptables rules before disabling iptables and realizing I can't do this even with the firewall off.

Please clue my in to what's going on.

domain-name-system

1 Answers

  1. Best Answer

    It looks like you need to modify the ntp configuration /etc/ntp.conf file to allow requests to the other interfaces of the server besides the loopback. The entry to modify is the noquery field in the restrict line. The noquery field prevents everyone from querying the status of your time server.

    For IPv4,

    restrict -4 default kod notrap nomodify nopeer noquery

    change to

    restrict -4 default kod notrap nomodify nopeer query

    Then restart the ntp service. You might need to do more reading on the modify, peer, and query field in the restrict for a better setup.

    At the same time, make sure ntp is listening on all interfaces using netstat, using the -u switch for udp

    netstat -anu | grep 123

    udp        0      0 0.0.0.0:123             0.0.0.0:*                           19339/ntpd
    • 4