Page 1 of 1
NTP Client
Posted: Mon Jul 04, 2011 9:19 am
by RogerWilco
I've set up the NTP client as follows:
/system ntp client print
enabled: yes
mode: unicast
primary-ntp: 67.215.65.132
secondary-ntp: 67.215.65.132
poll-interval: 16s
active-server: 67.215.65.132
The time never updates on the router. Am I missing something?
Re: NTP Client
Posted: Mon Jul 04, 2011 9:29 am
by normis
configuration looks fine. the NTP client doesn't give any detailed status, uninstall the NTP package if you are not using it as a NTP server, and you will get SNTP client, which gives better status info:
Capture.PNG
Re: NTP Client
Posted: Tue Jul 05, 2011 11:27 am
by bburley
You didn't give much information about how your router is set up, but if you are using it as an AP within a local subnet you could be missing a default route or default gateway. Another possibility is firewall filter rules that are interfering.
Re: NTP Client
Posted: Wed Jul 06, 2011 3:50 am
by RogerWilco
Thanks Normis - done this but it doesn't ever update.
Here is some of my router details:
[admin@Lamp Post] > /ip pool print detail
0 name="dhcp_pool1" ranges=192.168.88.3-192.168.88.254
[admin@Lamp Post] >> /ip dhcp-server print detail
Flags: X - disabled, I - invalid
0 name="dhcp1" interface=ether1 lease-time=3d address-pool=dhcp_pool1
bootp-support=static authoritative=after-2sec-delay
[admin@Lamp Post] >> /ip dhcp-server network print detail
0 address=192.168.88.0/24 gateway=192.168.88.1
dns-server=208.67.222.222,208.67.220.220
[admin@Lamp Post] >> /ip dns export
# jan/02/1970 10:02:44 by RouterOS 5.2
# software id = V9I9-BAQY
#
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 servers=208.67.222.222,208.67.222.220
[admin@Lamp Post] >> /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 address=192.168.88.1/24 network=192.168.88.0 interface=ether1
actual-interface=ether1
1 D address=58.165.11.141/32 network=10.112.112.125 interface=BigPon
actual-interface=BigPond
[admin@Lamp Post] >> /ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 ADS dst-address=0.0.0.0/0 gateway=10.112.112.125
gateway-status=10.112.112.125 reachable BigPond distance=1 scope=30
target-scope=10
1 ADC dst-address=10.112.112.125/32 pref-src=58.165.11.141 gateway=BigPond
gateway-status=BigPond reachable distance=0 scope=10
2 ADC dst-address=192.168.88.1/24 pref-src=192.168.88.1 gateway=ether1
gateway-status=ether1 reachable distance=0 scope=10
[admin@Lamp Post] >> /interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE MTU
0 R ether1 ether 1500
1 R BigPond
[admin@Lamp Post] >> /ip firewall export
# jan/02/1970 10:04:59 by RouterOS 5.2
# software id = V9I9-BAQY
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout
10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=no out-interface=BigPond
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
Re: NTP Client
Posted: Wed Jul 06, 2011 8:20 am
by normis
please show the SNTP client status. you can also enable debug logs and see what they say
Re: NTP Client
Posted: Wed Jul 06, 2011 8:56 am
by RogerWilco
Here is the SNTP client:
sntp.png
Here is the log:
log.png
it looks like to is working fine, but as you can see by the timestamp in the logs, it is not updating.
Re: NTP Client
Posted: Wed Jul 06, 2011 9:02 am
by normis
change the servers to something else from pool.ntp.org, see if the behavior changes. also have different addresses in primary and secondary
Re: NTP Client
Posted: Wed Jul 06, 2011 11:43 am
by bburley
It isn't clear to me why you need to masquerade in both directions. I haven't seen it done this way before.
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=no out-interface=BigPond
Re: NTP Client
Posted: Wed Jul 06, 2011 11:44 am
by normis
good catch, bburley. yes, masquerade should have one rule, out interface is the INTERNET
Re: NTP Client
Posted: Wed Jul 06, 2011 11:57 am
by bburley
I don't think this has anything to do with NTP but I think the second DNS should be 208.67.220.220
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 servers=208.67.222.222,208.67.222.220
I also wonder why the network address doesn't match the IP address for the BigPon Interface. The use of interface=BigPon / actual-interface=BigPond suggests that something is configured in a way that I can't follow.
/ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 address=192.168.88.1/24 network=192.168.88.0 interface=ether1
actual-interface=ether1
1 D address=58.165.11.141/32 network=10.112.112.125 interface=BigPon
actual-interface=BigPond
Re: NTP Client
Posted: Wed Jul 06, 2011 11:58 am
by bburley
Thanks Normis
Re: NTP Client
Posted: Wed Jul 06, 2011 9:31 pm
by djmuk
I don't know the details of how bigpond is set up but the address / network on the bigpond interface looks 'wrong' - Normally the address wouldn't be a /32 but /29 or lower and the network would tally with the interface IP address.
Can't you use DHCP on the internet facing address?
Can users on the LAN get to the Internet?
Can you ping
www.yahoo.com or an internet IP address from the mikrotik?
David
Re: NTP Client
Posted: Wed Jul 06, 2011 10:34 pm
by fewi
It's a PPP connection - they hand out /32s, and the network address/broadcast address/gateway can be on entirely unrelated interfaces. With a /32 the IP information is irrelevant since it's just a host address, the interface itself becomes the gateway.
Re: NTP Client
Posted: Wed Jul 06, 2011 11:18 pm
by djmuk
OK now I see...
Looks like the NTP server being used might be 'dead' - as suggested earlier try another pair from pool.ntp.org - if you use nslookup you should get the list of servers...
David
Re: NTP Client
Posted: Thu Jul 07, 2011 12:17 am
by petrn
Hi,
i have this script scheduled once in month or two:
# ROS V5.5
# once in some time lets use some other NTP servers
# pick your country code (but not all works):
:local region "us"
:local ntp1 [:resolve ("0.".$region.".pool.ntp.org")]
:local ntp2 [:resolve ("1.".$region.".pool.ntp.org")]
/system ntp client set primary-ntp=$ntp1 secondary-ntp=$ntp2
:log info ("NTP servers updated, ".$ntp1.", ".$ntp2)
Re: NTP Client
Posted: Thu Jul 07, 2011 1:15 am
by RogerWilco
Thanks for the help - I changed to another NTP IP and it works.
Re: NTP Client
Posted: Thu Jul 07, 2011 2:08 am
by elgo
@petrn: thanks, great idea
Re: NTP Client
Posted: Sun Apr 16, 2023 10:03 am
by jhonmarton
Based on the information you provided, it appears that you have correctly configured the NTP client on your router with the primary and secondary NTP servers set to 67.215.65.132, and a polling interval of 16 seconds. However, you mentioned that the time on the router never updates.
One thing you may want to check is if the NTP servers 67.215.65.132 are reachable and responding to NTP requests from your router. You can try pinging the NTP servers or using an NTP client tool to verify their availability. If the servers are not responding, you may need to update the NTP server addresses to valid and reachable NTP servers.
Additionally, make sure that the NTP client is enabled and running on your router. You can check the status of the NTP client using the "/system ntp client print" command to ensure that it is enabled and configured correctly or
light is on