ntpdate를 사용하여 시계를 업데이트하려고하는 ntpd를 실행하지 않는 시스템이 있습니다. 시스템은 CentOS 6 기반으로 보이는 기기입니다.
내가 실행하면 ntpdate 0.pool.ntp.org
, 내가 얻을 :
8 Sep 17:52:05 ntpdate[7445]: no server suitable for synchronization found
그러나 내가 할 때 ntpdate -d 0.pool.ntp.org
:
8 Sep 17:55:14 ntpdate[9499]: ntpdate 4.2.2p1@1.1570-o Fri Nov 18 13:21:21 UTC 2011 (1)
Looking for host 0.pool.ntp.org and service ntp
host found : 4.53.160.75
transmit(4.53.160.75)
receive(4.53.160.75)
transmit(4.53.160.75)
receive(4.53.160.75)
transmit(4.53.160.75)
receive(4.53.160.75)
transmit(4.53.160.75)
receive(4.53.160.75)
transmit(4.53.160.75)
transmit(64.16.214.60)
receive(64.16.214.60)
transmit(64.16.214.60)
receive(64.16.214.60)
transmit(64.16.214.60)
receive(64.16.214.60)
transmit(64.16.214.60)
receive(64.16.214.60)
transmit(64.16.214.60)
transmit(54.236.224.171)
receive(54.236.224.171)
transmit(54.236.224.171)
receive(54.236.224.171)
transmit(54.236.224.171)
receive(54.236.224.171)
transmit(54.236.224.171)
receive(54.236.224.171)
transmit(54.236.224.171)
transmit(50.22.155.163)
receive(50.22.155.163)
transmit(50.22.155.163)
receive(50.22.155.163)
transmit(50.22.155.163)
receive(50.22.155.163)
transmit(50.22.155.163)
receive(50.22.155.163)
transmit(50.22.155.163)
server 4.53.160.75, port 123
stratum 2, precision -23, leap 00, trust 000
refid [4.53.160.75], delay 0.03160, dispersion 0.00005
transmitted 4, in filter 4
reference time: d7b867d0.f9841075 Mon, Sep 8 2014 17:37:20.974
originate timestamp: d7b86c03.b6a49dae Mon, Sep 8 2014 17:55:15.713
transmit timestamp: d7b86c02.7e12a51e Mon, Sep 8 2014 17:55:14.492
filter delay: 0.03189 0.03188 0.03172 0.03160
0.00000 0.00000 0.00000 0.00000
filter offset: 1.218061 1.217856 1.218023 1.217968
0.000000 0.000000 0.000000 0.000000
delay 0.03160, dispersion 0.00005
offset 1.217968
server 64.16.214.60, port 123
stratum 2, precision -23, leap 00, trust 000
refid [64.16.214.60], delay 0.04886, dispersion 0.00006
transmitted 4, in filter 4
reference time: d7b86425.55948a73 Mon, Sep 8 2014 17:21:41.334
originate timestamp: d7b86c03.f7d91219 Mon, Sep 8 2014 17:55:15.968
transmit timestamp: d7b86c02.bed42c3c Mon, Sep 8 2014 17:55:14.745
filter delay: 0.04919 0.04892 0.04912 0.04886
0.00000 0.00000 0.00000 0.00000
filter offset: 1.210967 1.210879 1.210967 1.210836
0.000000 0.000000 0.000000 0.000000
delay 0.04886, dispersion 0.00006
offset 1.210836
server 54.236.224.171, port 123
stratum 3, precision -20, leap 00, trust 000
refid [54.236.224.171], delay 0.04878, dispersion 0.00011
transmitted 4, in filter 4
reference time: d7b864eb.b06fee7d Mon, Sep 8 2014 17:24:59.689
originate timestamp: d7b86c04.2b9d2547 Mon, Sep 8 2014 17:55:16.170
transmit timestamp: d7b86c02.f1e80bed Mon, Sep 8 2014 17:55:14.944
filter delay: 0.04977 0.04950 0.04878 0.04887
0.00000 0.00000 0.00000 0.00000
filter offset: 1.214091 1.214069 1.213755 1.213750
0.000000 0.000000 0.000000 0.000000
delay 0.04878, dispersion 0.00011
offset 1.213755
server 50.22.155.163, port 123
stratum 2, precision -23, leap 00, trust 000
refid [50.22.155.163], delay 0.07384, dispersion 0.00005
transmitted 4, in filter 4
reference time: d7b869c9.2b3f3d0b Mon, Sep 8 2014 17:45:45.168
originate timestamp: d7b86c04.75472e97 Mon, Sep 8 2014 17:55:16.458
transmit timestamp: d7b86c03.384a83b1 Mon, Sep 8 2014 17:55:15.219
filter delay: 0.07408 0.07414 0.07384 0.07387
0.00000 0.00000 0.00000 0.00000
filter offset: 1.214115 1.214122 1.214012 1.214069
0.000000 0.000000 0.000000 0.000000
delay 0.07384, dispersion 0.00005
offset 1.214012
8 Sep 17:55:15 ntpdate[9499]: step time server 4.53.160.75 offset 1.217968 sec
이전 검색을 기반으로 한이 결과 (다양한 receive () 행 및 오프셋)는 원격 NTP 서버와 올바르게 통신하고 있음을 나타냅니다 (방화벽에 의해 차단되지 않음). 그렇다면 왜 시계를 실행할 때 시계가 업데이트되지 않습니까?
답변
다음과 같이 실행하십시오.
ntpdate -u 0.pool.ntp.org
-u
를 구성하고는 ntpdate
당신이 사용할 때 항상 수행 권한이없는 포트를 사용하는 -d
옵션을 선택합니다.
따라서이 작동 -u
하고 -d
있지만 하나없이, 당신의 방화벽을 재확인 것입니다.
매뉴얼 페이지에서 :
-u 나가는 패킷에 권한이없는 포트를 사용하도록 ntpdate를 지시합니다. 이것은 권한있는 포트로 들어오는 트래픽을 차단하고 방화벽 너머의 호스트와 동기화하려는 방화벽 뒤에있을 때 가장 유용합니다. -d 옵션은 항상 권한이없는 포트를 사용합니다.
답변
iptables에이 규칙을 추가하십시오.
iptables -t nat -A POSTROUTING -p udp --sport 123 -j MASQUERADE --to-ports 1025-65535