Problem with domain controller time-sync
by mfoley from LinuxQuestions.org on (#6JH7K)
I've installed a new Samba 4.18.9 Domain Controller. I have not been able to get the Windows domain members to sync with the ntpd time server on the DC. I ran the following tcpdump on the DC and posted it to the Samba maillist:
Code:# tcpdump -v -i eth0 port 123
tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
10:23:07.468629 IP (tos 0x0, ttl 128, id 22607, offset 0, flags [none], proto UDP (17), length 96)
192.168.0.53.ntp > mail.hprs.local.ntp: NTPv3, Client, length 68
Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 7 (128s), precision -23
Root Delay: 0.000000, Root dispersion: 1.000000, Reference-ID: (unspec)
Reference Timestamp: 3916127270.315146199 (2024-02-05T13:07:50Z)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3916480949.611151499 (2024-02-09T15:22:29Z)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3916480949.611151499 (2024-02-09T15:22:29Z)
Key id: 1711538176
Authentication: 00000000000000000000000000000000
10:23:07.468836 IP (tos 0xb8, ttl 64, id 2268, offset 0, flags [DF], proto UDP (17), length 80)
mail.hprs.local.ntp > 192.168.0.53.ntp: NTPv3, Server, length 52
Leap indicator: (0), Stratum 3 (secondary reference), poll 7 (128s), precision -19
Root Delay: 0.035171, Root dispersion: 0.085723, Reference-ID: 0x179da0a8
Reference Timestamp: 3916479890.214796580 (2024-02-09T15:04:50Z)
Originator Timestamp: 3916480949.611151499 (2024-02-09T15:22:29Z)
Receive Timestamp: 3916480987.468629691 (2024-02-09T15:23:07Z)
Transmit Timestamp: 3916480987.468801127 (2024-02-09T15:23:07Z)
Originator - Receive Timestamp: +37.857478191
Originator - Transmit Timestamp: +37.857649627
Key id: 0
^C
4 packets captured
5 packets received by filter
0 packets dropped by kernelOne of the list members responded, "The NTP server response is fishy. The request from your Windows machine is 68 bytes in length, and the response is 52 bytes. The response must be the same size as the request, otherwise the response is invalid."
I am trying to confirm this statement, but have not found anything thus far when searching. Is this true? I'm wondering because this same version ntpd program ran on the previous Samba 4.8.2 DC and I had no time-sync problems.
Code:# tcpdump -v -i eth0 port 123
tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
10:23:07.468629 IP (tos 0x0, ttl 128, id 22607, offset 0, flags [none], proto UDP (17), length 96)
192.168.0.53.ntp > mail.hprs.local.ntp: NTPv3, Client, length 68
Leap indicator: clock unsynchronized (192), Stratum 0 (unspecified), poll 7 (128s), precision -23
Root Delay: 0.000000, Root dispersion: 1.000000, Reference-ID: (unspec)
Reference Timestamp: 3916127270.315146199 (2024-02-05T13:07:50Z)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3916480949.611151499 (2024-02-09T15:22:29Z)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3916480949.611151499 (2024-02-09T15:22:29Z)
Key id: 1711538176
Authentication: 00000000000000000000000000000000
10:23:07.468836 IP (tos 0xb8, ttl 64, id 2268, offset 0, flags [DF], proto UDP (17), length 80)
mail.hprs.local.ntp > 192.168.0.53.ntp: NTPv3, Server, length 52
Leap indicator: (0), Stratum 3 (secondary reference), poll 7 (128s), precision -19
Root Delay: 0.035171, Root dispersion: 0.085723, Reference-ID: 0x179da0a8
Reference Timestamp: 3916479890.214796580 (2024-02-09T15:04:50Z)
Originator Timestamp: 3916480949.611151499 (2024-02-09T15:22:29Z)
Receive Timestamp: 3916480987.468629691 (2024-02-09T15:23:07Z)
Transmit Timestamp: 3916480987.468801127 (2024-02-09T15:23:07Z)
Originator - Receive Timestamp: +37.857478191
Originator - Transmit Timestamp: +37.857649627
Key id: 0
^C
4 packets captured
5 packets received by filter
0 packets dropped by kernelOne of the list members responded, "The NTP server response is fishy. The request from your Windows machine is 68 bytes in length, and the response is 52 bytes. The response must be the same size as the request, otherwise the response is invalid."
I am trying to confirm this statement, but have not found anything thus far when searching. Is this true? I'm wondering because this same version ntpd program ran on the previous Samba 4.8.2 DC and I had no time-sync problems.