Apologies to all, I previously replied to the wrong email.
Steve,
I was not even aware of the move from NTP to NTPsec. Thanks for
posting. I should [fully] read the release notes.
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#changes-to-packages-that-set-the-system-clock
5.1.2. Changes to packages that set the system clock
The ntp package, which used to be the default way to set the system
clock from a Network Time Protocol (NTP) server, has been replaced by
ntpsec.
When I did a bit of research I found this comment which seems similar
to your issue (well at least to me it does):
https://forums.debian.net/viewtopic.php?t=156136
/etc/ntpsec/ntp.conf
Re: NTPSec: no servers found error despite finding the server
#3 Post by michael_S » 2023-09-26 13:54
Solved the problem for me. The cause behind this behaviour is the
following line in /etc/ntpsec/ntp.conf
Code: Select all
tos minclock 4 minsane 3
The option minsane 3 implies to (my understanding) that the ntpd wants
at least 3 "good" NTP servers, i.e. servers that somewhat agree. I
changed this to
Code: Select all
tos minclock 4 minsane 2
And now it works for me with 2 NTP servers available. If you only have
a single NTP server, change this to 1 should work - but it naturally
there won't be any redundancy in there.
Last edited by michael_S on 2023-09-26 13:55, edited 1 time in total.
https://docs.ntpsec.org/latest/miscopt.html
minsane _minsane_
Specify the number of servers used by the selection algorithm
as the minimum to set the system clock. The default is 1 for legacy
purposes; however, for critical applications the value should be
somewhat higher (e.g. 3) but less than minclock.
Please let me know if the above solves your problem?
George.
https://docs.ntpsec.org/latest/quick.html
On Monday, 23-09-2024 at 22:21 Steve Keller wrote:
This is on a Raspberry Pi 3 with Raspberry Pi OS Bookworm 64 Bit,
ie. Debian 12. I have uninstalled systemd-timesyncd and installed
ntpsec, then have commented out the 4 NTP servers {0,1,2,3}.debian.pool.ntp.org, and instead added my own server with
server -6 my-ntp.my-domain
When I call ntpdate my-ntp.my-domain manually it steps the time as expected. But then, ntpd doesn't sync the local clock to the NTP
server, although it seems to consider that server's clock stable:
$ ntpq -p
remote refid st t when
poll reach delay offset jitter =================================================================================
+my-ntp.my-domain 237.17.204.95 2 u 29
64 377 0.4696 -0.0378 0.0196
$ ntpstat
unsynchronised
polling server every 1 s
I usually see a '*' in the first row to indicate that the local clock
is in sync with that server. The ntpq(8) man page says about +:
+ │ included by the combine algorithm
In /var/log or with journalctl I don't see any hint what might be the reason. When I let it run, the offset as shown by ntpq grows over
time.
Steve
<html>
<head>
<style type="text/css">
body,p,td,div,span{
font-size:13px; font-family:Arial, Helvetica, sans-serif;
};
body p{
margin:0px;
}
</style>
</head>
<body><div>Apologies to all, I previously replied to the wrong email.<br></div><div><br></div><div>Steve,</div><div><br></div><div>I was not even aware of the move from NTP to NTPsec. Thanks for posting. I should [fully] read the release notes.<br><br><a
target="_blank" class="blue" href="
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#changes-to-packages-that-set-the-system-clock">https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#
changes-to-packages-that-set-the-system-clock</a><br><b>5.1.2. Changes to packages that set the system clock</b><br>The
ntp package, which used to be the default way to set the system clock
from a Network Time Protocol (NTP) server, has been replaced by ntpsec. <br></div><div><br></div><div>When I did a bit of research I found this comment which seems similar to your issue (well at least to me it does):</div><div><br></div><div><a target="_
blank" class="blue" href="
https://forums.debian.net/viewtopic.php?t=156136">https://forums.debian.net/viewtopic.php?t=156136</a></div><div>/etc/ntpsec/ntp.conf</div><div><br></div><div><b>Re: NTPSec: no servers found error despite finding the server</b><
#3 Post by michael_S » 2023-09-26 13:54<br>Solved the problem for me. The cause behind this behaviour is the following line in /etc/ntpsec/ntp.conf<br>Code: Select all<br>tos minclock 4 minsane 3 <br><br><b id="ext-gen960">The option minsane 3
implies to (my understanding) that the ntpd wants at least 3 "good" NTP servers</b>, i.e. servers that somewhat agree. I changed this to<br>Code: Select all<br>tos minclock 4 minsane 2 <br><br>And now it works for me with 2 NTP servers available. <b>If
you only have a single NTP server, change this to 1 should work </b>- but it naturally there won't be any redundancy in there.<br>Last edited by michael_S on 2023-09-26 13:55, edited 1 time in total. <br></div><div><br><a target="_blank" class="blue"
href="
https://docs.ntpsec.org/latest/miscopt.html">https://docs.ntpsec.org/latest/miscopt.html</a><br>minsane <b><i>minsane</i></b><br><br>
Specify the number of servers used by the selection algorithm as the
minimum to set the system clock. The default is 1 for legacy purposes; however, for critical applications the value should be somewhat higher
(e.g. 3) but less than minclock.<br><br><br></div><div>Please let me know if the above solves your problem?</div><div><br></div><div>George.</div><div><br></div><div>
https://docs.ntpsec.org/latest/quick.html</div><div><br><br></div><br><br>On Monday, 23-
09-2024 at 22:21 Steve Keller wrote:<br><blockquote style="border:0;border-left: 2px solid #22437f; padding:0px; margin:0px; padding-left:5px; margin-left: 5px; ">This is on a Raspberry Pi 3 with Raspberry Pi OS Bookworm 64 Bit,<br>
ie. Debian 12. I have uninstalled systemd-timesyncd and installed<br>
ntpsec, then have commented out the 4 NTP servers<br> {0,1,2,3}.debian.pool.ntp.org, and instead added my own server with<br>
server -6 my-ntp.my-domain<br>
When I call ntpdate my-ntp.my-domain manually it steps the time as<br> expected. But then, ntpd doesn't sync the local clock to the NTP<br> server, although it seems to consider that server's clock stable:<br>
$ ntpq -p<br>
remote refid st t when poll reach delay offset jitter<br>
=================================================================================<br>
+my-ntp.my-domain 237.17.204.95 2 u 29 64 377 0.4696 -0.0378 0.0196<br>
$ ntpstat <br>
unsynchronised<br>
polling server every 1 s<br>
I usually see a '*' in the first row to indicate that the local clock<br>
is in sync with that server. The ntpq(8) man page says about +:<br>
+ │ included by the combine algorithm<br>
In /var/log or with journalctl I don't see any hint what might be the<br> reason. When I let it run, the offset as shown by ntpq grows over<br>
time.<br>
Steve</blockquote></body></html>
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)