Web lists-archives.com

ntp-client does not sync with server




Hallo,

we have our own ntp-server which is running Ubuntu 14.04.LTS.
This Server works fine:
ntpq -pn
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*178.63.9.110    129.69.1.153     2 u   56  128  377   22.658    0.249   0.053
-85.214.38.116   192.53.103.108   2 u   54  128  377    2.101   -5.105   0.051
+37.58.57.238    192.53.103.103   2 u   50  128  377   20.971    0.839   0.114
+94.130.76.108   192.53.103.108   2 u   56  128  377   24.007   -1.009   0.163


But on our Debian Strech server they all got Stratum16 and doesn't sync:
ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 timeserv.domain.ag .INIT.          16 u    - 1024    0    0.000    0.000   0.000


In Debian Jessie (and the same configuration/network) it works fine and get a Stratum3, also an 'ntpdate timeserv.domain.ag' works on Debian Stretch.

The firewall is not a problem, because with nmap and ntp-script it works fine:
nmap -sU -p 123 --script ntp-info timeserv.domain.ag

Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-26 09:25 CET
Nmap scan report for timeserv.domain.ag (194.94.xxx.xxx)
Host is up (0.00017s latency).
PORT    STATE SERVICE
123/udp open  ntp
| ntp-info: 
|   receive time stamp: 2019-02-26T08:26:05
|   version: ntpd 4.2.6p5@1.2349-o Fri Jul  6 20:19:54 UTC 2018 (1)
|   processor: x86_64
|   system: Linux/3.13.0-161-generic
|   leap: 0
|   stratum: 3
|   precision: -20
|   rootdelay: 31.589
|   rootdisp: 42.723
|   refid: 178.63.9.110
|   reftime: 0xe01f73ce.3608c5f7
|   clock: 0xe01f768f.e9bd2105
|   peer: 57654
|   tc: 10
|   mintc: 3
|   offset: 0.008
|   frequency: 27.593
|   sys_jitter: 1.020
|   clk_jitter: 0.180
|_  clk_wander: 0.014\x0D
Service Info: OS: Linux/3.13.0-161-generic

Nmap done: 1 IP address (1 host up) scanned in 13.75 seconds

and it also looks like that the client try to query the tnp-server because I can find the IP-Address of the Server under the section 'private clients':
nmap -sU -pU:123 -Pn -n --script=ntp-monlist timeserv.domain.ag

Can somebody help me with this issue?

Thanks in advance!

best regards stefan
Stefan