NTP SRV&CLEINT

RouterOS Beginner Basics
1

Hi…
Configured R1 as NTP SRV and for others as a client now:
like images as you can see everything is set yet, the statue of client is in “waiting” right a few hours ago I did it but this time no!
is there any problem with winbox or router itself or something else?
cleintntp.jpg
srvntp.jpg

2

There are two logical parts of setup:

  • NTP client which provides RB itself with accurate time.
    For solid synchronization it is recommended to configure at least 3 higher-stratum servers and it’s those addresses (DNS names should do as well) that need to be set in NTP client window. After at least one of servers is successfully polled for time, status changes to “synhronized”
  • NTP server, which answers NTP requests.
    NTP server needs the NTP client part to acquire synchronization first, without it clients will get reply essentially meaning “unsynchronized” and will ignore and other information passed to them.
    The most common comunication method used by NTP clients is unicast, so normally none of additional options need to be set Other communication methods need further configuration on clients and/or network infrastructure and I reckon you don’t need them.
    The option “Use Local Clock” is handy, but dangerous. If enabled (and Local Clock Stratum set reasonably, 5 is too low number IMO, 10 is much better value), then RB device can “hold together” connected clients from deviating when WAN connectivity breaks. Dangerous in sence RB devices don’t contain RTC clock and time is unknown until NTP client receives time from outside sources … if this option was set, NTP clients could be lead to believe it’s year 1970 again (I haven’t tried if that’s indeed what happens and I don’t intend to). I also have my doubts about mid-term clock stability on RB devices. For both reasons I rather run a small linux server in my LANs (an Intel Atom with small SSD does the trick while keeping power consumption very low).
3

What kind of server is that 172.16.3.1?
Maybe a Windows server? That does not always work correctly.
Try with a true NTP server, when not available use one on internet.

4

My guess: OP entered router’s own IP address thinking it’s about which IP address of router will accept client connections.

If one wants to limit service to certain clients, firewall filter rules are the place to do it (chain=input).

5

Put more plainly… NTP is a Router service and thus just like DNS or access to the router for winbox, AN input chain rule is required for user devices to get populated.

typically
Add chain=input action=accept in-interface-list=LAN dst-port=123 protocol=udp and if desired src-address-list { recommended to limit the devices with access to NTP }