NTP Client
RouterOS general discussion

17 posts   •   Page 1 of 1
RogerWilco
Member Candidate
Member Candidate
 
Posts: 208
Joined: Wed Feb 16, 2011 7:02 am
Location: Australia

NTP Client

by RogerWilco » Mon Jul 04, 2011 9:19 am

I've set up the NTP client as follows:
/system ntp client print
enabled: yes
mode: unicast
primary-ntp: 67.215.65.132
secondary-ntp: 67.215.65.132
poll-interval: 16s
active-server: 67.215.65.132


The time never updates on the router. Am I missing something?

User avatar
normis
MikroTik Support
MikroTik Support
 
Posts: 19335
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: NTP Client

by normis » Mon Jul 04, 2011 9:29 am

configuration looks fine. the NTP client doesn't give any detailed status, uninstall the NTP package if you are not using it as a NTP server, and you will get SNTP client, which gives better status info:

Capture.PNG
Capture.PNG (20.38 KiB) Viewed 1103 times
No answer to your question? How to write posts

bburley
Frequent Visitor
Frequent Visitor
 
Posts: 81
Joined: Thu Nov 18, 2010 8:22 am
Location: Alberta, Canada

Re: NTP Client

by bburley » Tue Jul 05, 2011 11:27 am

You didn't give much information about how your router is set up, but if you are using it as an AP within a local subnet you could be missing a default route or default gateway. Another possibility is firewall filter rules that are interfering.

RogerWilco
Member Candidate
Member Candidate
 
Posts: 208
Joined: Wed Feb 16, 2011 7:02 am
Location: Australia

Re: NTP Client

by RogerWilco » Wed Jul 06, 2011 3:50 am

Thanks Normis - done this but it doesn't ever update.

Here is some of my router details:
Code: Select all
[admin@Lamp Post] > /ip  pool print detail
 0 name="dhcp_pool1" ranges=192.168.88.3-192.168.88.254


[admin@Lamp Post] >> /ip dhcp-server print detail   
Flags: X - disabled, I - invalid
 0   name="dhcp1" interface=ether1 lease-time=3d address-pool=dhcp_pool1
     bootp-support=static authoritative=after-2sec-delay


[admin@Lamp Post] >> /ip dhcp-server network print detail
 0 address=192.168.88.0/24 gateway=192.168.88.1
   dns-server=208.67.222.222,208.67.220.220


[admin@Lamp Post] >> /ip dns export
# jan/02/1970 10:02:44 by RouterOS 5.2
# software id = V9I9-BAQY
#
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=512 servers=208.67.222.222,208.67.222.220


[admin@Lamp Post] >> /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
 0   address=192.168.88.1/24 network=192.168.88.0 interface=ether1
     actual-interface=ether1

 1 D address=58.165.11.141/32 network=10.112.112.125 interface=BigPon
     actual-interface=BigPond


[admin@Lamp Post] >> /ip route print detail   
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 0 ADS  dst-address=0.0.0.0/0 gateway=10.112.112.125
        gateway-status=10.112.112.125 reachable BigPond distance=1 scope=30
        target-scope=10

 1 ADC  dst-address=10.112.112.125/32 pref-src=58.165.11.141 gateway=BigPond
        gateway-status=BigPond reachable distance=0 scope=10

 2 ADC  dst-address=192.168.88.1/24 pref-src=192.168.88.1 gateway=ether1
        gateway-status=ether1 reachable distance=0 scope=10


[admin@Lamp Post] >> /interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                            TYPE             MTU   
 0  R  ether1                                          ether            1500 
 1  R  BigPond


[admin@Lamp Post] >> /ip firewall export   
# jan/02/1970 10:04:59 by RouterOS 5.2
# software id = V9I9-BAQY
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout
    10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
    tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
    udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=no out-interface=BigPond
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no

User avatar
normis
MikroTik Support
MikroTik Support
 
Posts: 19335
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: NTP Client

by normis » Wed Jul 06, 2011 8:20 am

please show the SNTP client status. you can also enable debug logs and see what they say
No answer to your question? How to write posts

RogerWilco
Member Candidate
Member Candidate
 
Posts: 208
Joined: Wed Feb 16, 2011 7:02 am
Location: Australia

Re: NTP Client

by RogerWilco » Wed Jul 06, 2011 8:56 am

Here is the SNTP client:
sntp.png
sntp.png (9.5 KiB) Viewed 1039 times


Here is the log:
log.png
log.png (4.75 KiB) Viewed 1039 times


it looks like to is working fine, but as you can see by the timestamp in the logs, it is not updating.

User avatar
normis
MikroTik Support
MikroTik Support
 
Posts: 19335
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: NTP Client

by normis » Wed Jul 06, 2011 9:02 am

change the servers to something else from pool.ntp.org, see if the behavior changes. also have different addresses in primary and secondary
No answer to your question? How to write posts

bburley
Frequent Visitor
Frequent Visitor
 
Posts: 81
Joined: Thu Nov 18, 2010 8:22 am
Location: Alberta, Canada

Re: NTP Client

by bburley » Wed Jul 06, 2011 11:43 am

It isn't clear to me why you need to masquerade in both directions. I haven't seen it done this way before.

Code: Select all
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=no out-interface=BigPond

User avatar
normis
MikroTik Support
MikroTik Support
 
Posts: 19335
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: NTP Client

by normis » Wed Jul 06, 2011 11:44 am

good catch, bburley. yes, masquerade should have one rule, out interface is the INTERNET
No answer to your question? How to write posts

bburley
Frequent Visitor
Frequent Visitor
 
Posts: 81
Joined: Thu Nov 18, 2010 8:22 am
Location: Alberta, Canada

Re: NTP Client

by bburley » Wed Jul 06, 2011 11:57 am

I don't think this has anything to do with NTP but I think the second DNS should be 208.67.220.220

Code: Select all
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=512 servers=208.67.222.222,208.67.222.220


I also wonder why the network address doesn't match the IP address for the BigPon Interface. The use of interface=BigPon / actual-interface=BigPond suggests that something is configured in a way that I can't follow.

Code: Select all
/ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0   address=192.168.88.1/24 network=192.168.88.0 interface=ether1
     actual-interface=ether1

1 D address=58.165.11.141/32 network=10.112.112.125 interface=BigPon
     actual-interface=BigPond

bburley
Frequent Visitor
Frequent Visitor
 
Posts: 81
Joined: Thu Nov 18, 2010 8:22 am
Location: Alberta, Canada

Re: NTP Client

by bburley » Wed Jul 06, 2011 11:58 am

Thanks Normis :)

djmuk
newbie
 
Posts: 42
Joined: Mon Jan 18, 2010 9:48 pm

Re: NTP Client

by djmuk » Wed Jul 06, 2011 9:31 pm

I don't know the details of how bigpond is set up but the address / network on the bigpond interface looks 'wrong' - Normally the address wouldn't be a /32 but /29 or lower and the network would tally with the interface IP address.

Can't you use DHCP on the internet facing address?

Can users on the LAN get to the Internet?

Can you ping www.yahoo.com or an internet IP address from the mikrotik?

David

fewi
Forum Guru
Forum Guru
 
Posts: 7734
Joined: Tue Aug 11, 2009 3:19 am

Re: NTP Client

by fewi » Wed Jul 06, 2011 10:34 pm

It's a PPP connection - they hand out /32s, and the network address/broadcast address/gateway can be on entirely unrelated interfaces. With a /32 the IP information is irrelevant since it's just a host address, the interface itself becomes the gateway.
Specific answers require specific questions. When in doubt, post the output of "/ip address print detail", "/ip route print detail", "/interface print detail", "/ip firewall export", and an accurate network diagram.

djmuk
newbie
 
Posts: 42
Joined: Mon Jan 18, 2010 9:48 pm

Re: NTP Client

by djmuk » Wed Jul 06, 2011 11:18 pm

OK now I see...

Looks like the NTP server being used might be 'dead' - as suggested earlier try another pair from pool.ntp.org - if you use nslookup you should get the list of servers...

David

petrn
Member Candidate
Member Candidate
 
Posts: 175
Joined: Thu Jul 29, 2010 3:56 am

Re: NTP Client

by petrn » Thu Jul 07, 2011 12:17 am

Hi,

i have this script scheduled once in month or two:

Code: Select all
# ROS V5.5
# once in some time lets use some other NTP servers
# pick your country code (but not all works):
:local region "us"
:local ntp1 [:resolve ("0.".$region.".pool.ntp.org")]
:local ntp2 [:resolve ("1.".$region.".pool.ntp.org")]
/system ntp client set primary-ntp=$ntp1 secondary-ntp=$ntp2
:log info ("NTP servers updated, ".$ntp1.", ".$ntp2)
Petr

RogerWilco
Member Candidate
Member Candidate
 
Posts: 208
Joined: Wed Feb 16, 2011 7:02 am
Location: Australia

Re: NTP Client

by RogerWilco » Thu Jul 07, 2011 1:15 am

Thanks for the help - I changed to another NTP IP and it works.

User avatar
elgo
Member Candidate
Member Candidate
 
Posts: 151
Joined: Sat Apr 02, 2011 2:34 am
Location: France

Re: NTP Client

by elgo » Thu Jul 07, 2011 2:08 am

@petrn: thanks, great idea :)
RB450G - OpenWrt (so much more stable than with routerOS)
-> now: UBNT EdgeRouter Lite

(very unlikely to be MT customer again in the future)

17 posts   •   Page 1 of 1

Who is online

Users browsing this forum: Google Feedfetcher, Yahoo [Bot] and 38 guests

It is currently Sun Dec 21, 2014 3:44 pm