NTP local query always times out
I have a CentOS 6.4 server. It does not have any iptables rules, and it runs the NTP daemon as a service using the following configuration:
driftfile /var/lib/ntp/drift
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org
restrict default ignore
restrict 127.0.0.1
When I run ntpq to query peers, the following response is received:
ntpq> peers
localhost.localdomain: timed out, nothing received
dig shows that:
localhost.localdomain. 86400 IN A 127.0.0.1
Why doesn't ntp query work?
On RHEL / CentOS 6 and 7, for whatever reason ntpq tries to query the IPv6 loopback at ::1 instead of the IPv4 loopback at 127.0.0.1. With this in mind, I added this line to my /etc/ntp.conf file:
restrict ::1
I saved the file, then restarted ntpd:
service ntpd restart
Now the command:
ntpq -p
works as expected. (This is the same as running ntpq in command-line mode and then issuing the peers command.)
I prefer this solution since you do not have to enable communications with ntpd via a potentially public Ethernet interface, which may be a security concern.
I was expecting ntpq to query the local server via 127.0.0.1, but it turns out to be querying the local server via the Ethernet network interface.
I have no idea why a local ntp query would have to go through Ethernet, but in the configuration file I added
restrict <eth0 ip address>
And now NTP works fine.
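
An added example, not part of the original question or answers: a small Python model of how the restrict entries above decide whether a source address may query ntpd, run over the question's configuration and over each answer's change. It assumes an unqualified "default" entry covers both IPv4 and IPv6 (consistent with the ::1 timeout reported above); 192.0.2.10 is a constructed stand-in for the eth0 address, and the function names are hypothetical.

```python
import ipaddress

BLOCKING = {"ignore", "noquery"}  # flags that stop ntpq/ntpdc queries

def parse_restrict(conf):
    """Map each restricted network to its flag set (literal addresses only)."""
    rules = {}
    for line in conf.splitlines():
        tok = line.split("#", 1)[0].split()
        if not tok or tok[0] != "restrict":
            continue
        fams = [f for f in ("-4", "-6") if f in tok] or ["-4", "-6"]
        args = [t for t in tok[1:] if t not in ("-4", "-6")]
        addr, rest = args[0], args[1:]
        if addr == "default":
            # Assumption: an unqualified "default" covers IPv4 and IPv6.
            nets = [ipaddress.ip_network({"-4": "0.0.0.0/0", "-6": "::/0"}[f]) for f in fams]
        else:
            ip = ipaddress.ip_address(addr)
            plen = ip.max_prefixlen  # no mask means a single host
            if rest[:1] == ["mask"]:
                plen = bin(int(ipaddress.ip_address(rest[1]))).count("1")
                rest = rest[2:]
            nets = [ipaddress.ip_network(f"{ip}/{plen}", strict=False)]
        for net in nets:
            rules[net] = rules.get(net, set()) | set(rest)
    return rules

def can_query(rules, source):
    """Apply the most specific matching entry; no match means no restriction."""
    ip = ipaddress.ip_address(source)
    hits = [n for n in rules if n.version == ip.version and ip in n]
    best = max(hits, key=lambda n: n.prefixlen, default=None)
    return best is None or not (rules[best] & BLOCKING)

def query_exposed(rules):
    """Non-loopback entries that still answer queries: review each one."""
    return sorted(str(n) for n, flags in rules.items()
                  if not (flags & BLOCKING) and not n.is_loopback)

# restrict lines from the question; 192.0.2.10 is a constructed stand-in
# for the elided eth0 address in the second answer.
QUESTION = "restrict default ignore\nrestrict 127.0.0.1\n"
WITH_V6_LOOPBACK = QUESTION + "restrict ::1\n"
WITH_ETH0 = QUESTION + "restrict 192.0.2.10\n"

if __name__ == "__main__":
    for conf in (QUESTION, WITH_V6_LOOPBACK, WITH_ETH0):
        r = parse_restrict(conf)
        print({s: can_query(r, s) for s in ("127.0.0.1", "::1")}, query_exposed(r))
```

An empty list from query_exposed means only loopback sources can query; any entry it returns is an address that ntpd will answer with peer and status data.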