[chrony-users] client not synchronizing

[Bernhard Bock <bernhard@xxxxxxx>]

Hi,

I have a problem with a client not syncing to a server:
Client is 172.17.200.46, server is 172.17.200.1
The client shall only sync to this one, local server.

Some info I gathered:

Client is Ubuntu 18.04, chrony version 3.2 (+READLINE +IPV6 -DEBUG)
Server is Ubuntu 16.04, chrony version 2.1.1 (+READLINE +ASYNCDNS +IPV6 +SECHASH)


client$ chronyc sources
210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^? 172.17.200.1                  3   6     0   762  +2508ns[-1228ns] +/-   22ms

client$ chronyc activity
200 OK
0 sources online
1 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address

Client log:

Apr 30 07:29:37 min systemd[1]: Starting chrony, an NTP client/server....
Apr 30 07:29:37 min chronyd[2540413]: chronyd version 3.2 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SECHASH +SIGND +ASYNCDNS +IPV6 -DEBUG)
Apr 30 07:29:37 min chronyd[2540413]: Frequency 14.588 +/- 5.355 ppm read from /var/lib/chrony/chrony.drift
Apr 30 07:29:37 min systemd[1]: Started chrony, an NTP client/server.
Apr 30 07:29:41 min chronyd[2540413]: Selected source 172.17.200.1
Apr 30 07:29:43 min chronyd[2540413]: Can't synchronise: no selectable sources


Last but not least, tcpdump on the client shows that communication is working:

07:29:37.411795 IP 172.17.200.46.ntp > 172.17.200.1.ntp: NTPv4, Client, length 48
07:29:37.412070 IP 172.17.200.1.ntp > 172.17.200.46.ntp: NTPv4, Server, length 48
07:29:39.453273 IP 172.17.200.46.ntp > 172.17.200.1.ntp: NTPv4, Client, length 48
07:29:39.453491 IP 172.17.200.1.ntp > 172.17.200.46.ntp: NTPv4, Server, length 48
07:29:41.487963 IP 172.17.200.46.ntp > 172.17.200.1.ntp: NTPv4, Client, length 48
07:29:41.488210 IP 172.17.200.1.ntp > 172.17.200.46.ntp: NTPv4, Server, length 48
07:29:43.514864 IP 172.17.200.46.ntp > 172.17.200.1.ntp: NTPv4, Client, length 48
07:29:43.515109 IP 172.17.200.1.ntp > 172.17.200.46.ntp: NTPv4, Server, length 48

There’s no iptables on the client:

# Generated by iptables-save v1.6.1 on Tue Apr 30 07:44:54 2019
*filter
:INPUT ACCEPT [158281735:197870343868]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [156886496:170139641079]
COMMIT


Client config:

pool 172.17.200.1 offline iburst trust
keyfile /etc/chrony/chrony.keys
driftfile /var/lib/chrony/chrony.drift
log tracking measurements statistics
logdir /var/log/chrony
dumponexit
dumpdir /var/lib/chrony
logchange 0.5
hwclockfile /etc/adjtime
rtcsync

Server config:

pool 0.pool.ntp.org offline iburst
pool 1.pool.ntp.org offline iburst
pool 2.pool.ntp.org offline iburst
keyfile /etc/chrony/chrony.keys
commandkey 1
driftfile /var/lib/chrony/chrony.drift
log tracking measurements statistics
logdir /var/log/chrony
maxupdateskew 100.0
dumponexit
dumpdir /var/lib/chrony
logchange 0.5
hwclockfile /etc/adjtime
rtcsync
local stratum 4
allow 172.17



My take is that the chrony client is rejecting the servers’ answers.
The server seems to be fine, though:

server$ chronyc activity
200 OK
12 sources online
0 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address

server$ chronyc tracking
Reference ID    : 109.230.226.190 (ns2.tl-hosting.de)
Stratum         : 3
Ref time (UTC)  : Tue Apr 30 07:38:05 2019
System time     : 0.000559654 seconds fast of NTP time
Last offset     : +0.000469423 seconds
RMS offset      : 0.000415522 seconds
Frequency       : 18.103 ppm slow
Residual freq   : +0.012 ppm
Skew            : 0.058 ppm
Root delay      : 0.019776 seconds
Root dispersion : 0.010863 seconds
Update interval : 1037.3 seconds
Leap status     : Normal


cheers,
Bernhard




--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.