Page 1 of 1

NTP Client

Posted: Mon Jul 04, 2011 9:19 am
by RogerWilco
I've set up the NTP client as follows:
/system ntp client print
enabled: yes
mode: unicast
primary-ntp: 67.215.65.132
secondary-ntp: 67.215.65.132
poll-interval: 16s
active-server: 67.215.65.132
The time never updates on the router. Am I missing something?

Re: NTP Client

Posted: Mon Jul 04, 2011 9:29 am
by normis
configuration looks fine. the NTP client doesn't give any detailed status, uninstall the NTP package if you are not using it as a NTP server, and you will get SNTP client, which gives better status info:
Capture.PNG

Re: NTP Client

Posted: Tue Jul 05, 2011 11:27 am
by bburley
You didn't give much information about how your router is set up, but if you are using it as an AP within a local subnet you could be missing a default route or default gateway. Another possibility is firewall filter rules that are interfering.

Re: NTP Client

Posted: Wed Jul 06, 2011 3:50 am
by RogerWilco
Thanks Normis - done this but it doesn't ever update.

Here is some of my router details:
[admin@Lamp Post] > /ip  pool print detail 
 0 name="dhcp_pool1" ranges=192.168.88.3-192.168.88.254


[admin@Lamp Post] >> /ip dhcp-server print detail   
Flags: X - disabled, I - invalid 
 0   name="dhcp1" interface=ether1 lease-time=3d address-pool=dhcp_pool1 
     bootp-support=static authoritative=after-2sec-delay 


[admin@Lamp Post] >> /ip dhcp-server network print detail 
 0 address=192.168.88.0/24 gateway=192.168.88.1 
   dns-server=208.67.222.222,208.67.220.220


[admin@Lamp Post] >> /ip dns export 
# jan/02/1970 10:02:44 by RouterOS 5.2
# software id = V9I9-BAQY
#
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=512 servers=208.67.222.222,208.67.222.220


[admin@Lamp Post] >> /ip address print detail 
Flags: X - disabled, I - invalid, D - dynamic 
 0   address=192.168.88.1/24 network=192.168.88.0 interface=ether1 
     actual-interface=ether1 

 1 D address=58.165.11.141/32 network=10.112.112.125 interface=BigPon
     actual-interface=BigPond


[admin@Lamp Post] >> /ip route print detail   
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 0 ADS  dst-address=0.0.0.0/0 gateway=10.112.112.125 
        gateway-status=10.112.112.125 reachable BigPond distance=1 scope=30 
        target-scope=10 

 1 ADC  dst-address=10.112.112.125/32 pref-src=58.165.11.141 gateway=BigPond 
        gateway-status=BigPond reachable distance=0 scope=10 

 2 ADC  dst-address=192.168.88.1/24 pref-src=192.168.88.1 gateway=ether1 
        gateway-status=ether1 reachable distance=0 scope=10


[admin@Lamp Post] >> /interface print 
Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME                                            TYPE             MTU   
 0  R  ether1                                          ether            1500  
 1  R  BigPond


[admin@Lamp Post] >> /ip firewall export    
# jan/02/1970 10:04:59 by RouterOS 5.2
# software id = V9I9-BAQY
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout
    10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
    tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
    udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=no out-interface=BigPond
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no

Re: NTP Client

Posted: Wed Jul 06, 2011 8:20 am
by normis
please show the SNTP client status. you can also enable debug logs and see what they say

Re: NTP Client

Posted: Wed Jul 06, 2011 8:56 am
by RogerWilco
Here is the SNTP client:
sntp.png
Here is the log:
log.png
it looks like to is working fine, but as you can see by the timestamp in the logs, it is not updating.

Re: NTP Client

Posted: Wed Jul 06, 2011 9:02 am
by normis
change the servers to something else from pool.ntp.org, see if the behavior changes. also have different addresses in primary and secondary

Re: NTP Client

Posted: Wed Jul 06, 2011 11:43 am
by bburley
It isn't clear to me why you need to masquerade in both directions. I haven't seen it done this way before.
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=no out-interface=BigPond

Re: NTP Client

Posted: Wed Jul 06, 2011 11:44 am
by normis
good catch, bburley. yes, masquerade should have one rule, out interface is the INTERNET

Re: NTP Client

Posted: Wed Jul 06, 2011 11:57 am
by bburley
I don't think this has anything to do with NTP but I think the second DNS should be 208.67.220.220
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=512 servers=208.67.222.222,208.67.222.220
I also wonder why the network address doesn't match the IP address for the BigPon Interface. The use of interface=BigPon / actual-interface=BigPond suggests that something is configured in a way that I can't follow.
/ip address print detail 
Flags: X - disabled, I - invalid, D - dynamic 
0   address=192.168.88.1/24 network=192.168.88.0 interface=ether1 
     actual-interface=ether1 

1 D address=58.165.11.141/32 network=10.112.112.125 interface=BigPon
     actual-interface=BigPond

Re: NTP Client

Posted: Wed Jul 06, 2011 11:58 am
by bburley
Thanks Normis :)

Re: NTP Client

Posted: Wed Jul 06, 2011 9:31 pm
by djmuk
I don't know the details of how bigpond is set up but the address / network on the bigpond interface looks 'wrong' - Normally the address wouldn't be a /32 but /29 or lower and the network would tally with the interface IP address.

Can't you use DHCP on the internet facing address?

Can users on the LAN get to the Internet?

Can you ping www.yahoo.com or an internet IP address from the mikrotik?

David

Re: NTP Client

Posted: Wed Jul 06, 2011 10:34 pm
by fewi
It's a PPP connection - they hand out /32s, and the network address/broadcast address/gateway can be on entirely unrelated interfaces. With a /32 the IP information is irrelevant since it's just a host address, the interface itself becomes the gateway.

Re: NTP Client

Posted: Wed Jul 06, 2011 11:18 pm
by djmuk
OK now I see...

Looks like the NTP server being used might be 'dead' - as suggested earlier try another pair from pool.ntp.org - if you use nslookup you should get the list of servers...

David

Re: NTP Client

Posted: Thu Jul 07, 2011 12:17 am
by petrn
Hi,

i have this script scheduled once in month or two:
# ROS V5.5
# once in some time lets use some other NTP servers
# pick your country code (but not all works):
:local region "us"
:local ntp1 [:resolve ("0.".$region.".pool.ntp.org")]
:local ntp2 [:resolve ("1.".$region.".pool.ntp.org")]
/system ntp client set primary-ntp=$ntp1 secondary-ntp=$ntp2
:log info ("NTP servers updated, ".$ntp1.", ".$ntp2)

Re: NTP Client

Posted: Thu Jul 07, 2011 1:15 am
by RogerWilco
Thanks for the help - I changed to another NTP IP and it works.

Re: NTP Client

Posted: Thu Jul 07, 2011 2:08 am
by elgo
@petrn: thanks, great idea :)

Re: NTP Client

Posted: Sun Apr 16, 2023 10:03 am
by jhonmarton
Based on the information you provided, it appears that you have correctly configured the NTP client on your router with the primary and secondary NTP servers set to 67.215.65.132, and a polling interval of 16 seconds. However, you mentioned that the time on the router never updates.

One thing you may want to check is if the NTP servers 67.215.65.132 are reachable and responding to NTP requests from your router. You can try pinging the NTP servers or using an NTP client tool to verify their availability. If the servers are not responding, you may need to update the NTP server addresses to valid and reachable NTP servers.

Additionally, make sure that the NTP client is enabled and running on your router. You can check the status of the NTP client using the "/system ntp client print" command to ensure that it is enabled and configured correctly or light is on