Re: [chrony-users] How to set chrony on a remote server with always on internet |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-users Archives
]
On 03/31/2010 08:54 PM, Bill Unruh wrote:
> On Wed, 31 Mar 2010, J. Bakshi wrote:
>
>> On 03/31/2010 11:37 AM, J. Bakshi wrote:
<snip>
>
>> [5] I do have a firewall here and the box has apache, mail, squid
>> accessible from net. Do I need to open any specific port for chrony ?
>
> It must allow outgoing on port 123.
> The responses should be fine since most firewalls allow responses back
> in.
>
</snip>
Hello Pierre and Bill,
thanks for your kind attention,
I got the success without any modification at firewall level. I have
modified the chrony.conf as
````````````````````
server 0.debian.pool.ntp.org auto_offline minpoll 8
server 1.debian.pool.ntp.org auto_offline minpoll 8
server 2.debian.pool.ntp.org auto_offline minpoll 8
server 3.debian.pool.ntp.org auto_offline minpoll 8
`````````````````````
and it does the trick.
Hope auto_offline will make it off line if no net. useful for
workstation too.
/var/log/chrony/statistics.log; /var/log/chrony/tracking.log and
/var/log/chrony/measurements.log has become informative now.
I have no 123 port open here, plase have a look at my nmap scan.
``````````````
Starting Nmap 4.62 ( http://nmap.org ) at 2010-04-01 11:08 IST
Interesting ports on localhost (127.0.0.1):
Not shown: 1707 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1241/tcp open nessus
3306/tcp open mysql
`````````````````
The concept of commenting the *rtconutc* is given at the conf file itself
````````````````
# If the last line of this file reads 'rtconutc' chrony will assume that
# the CMOS clock is on UTC (GMT). If it reads '# rtconutc' or is absent
# chrony will assume local time. The line (if any) was written by the
# chrony postinst based on what it found in /etc/default/rcS. You may
# change it if necessary.
``````````````````
Hence I commented it. But if you think it is ok to keep it un-commented
then I'll do so.
chronyc still gives the error as below
chronyc> tracking
506 Cannot talk to daemon
chronyc> sourcestats
506 Cannot talk to daemon
chronyc> exit
Where I do have chronyd running
# ps -e | grep chr
5793 ? 00:00:00 chronyd
This is a debian lenny box with
# chronyd -v
chronyd (chrony) version 1.23
Thanks for your time.
--
জয়দীপ বক্সী
---
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.