Discussion:
NTP fails to sync local clock
Steve Keller
2024-09-23 12:40:01 UTC
This is on a Raspberry Pi 3 with Raspberry Pi OS Bookworm 64 Bit,
ie. Debian 12. I have uninstalled systemd-timesyncd and installed
ntpsec, then have commented out the 4 NTP servers
{0,1,2,3}.debian.pool.ntp.org, and instead added my own server with

server -6 my-ntp.my-domain

When I call ntpdate my-ntp.my-domain manually it steps the time as
expected. But then, ntpd doesn't sync the local clock to the NTP
server, although it seems to consider that server's clock stable:

$ ntpq -p
remote refid st t when poll reach delay offset jitter
=================================================================================
+my-ntp.my-domain 237.17.204.95 2 u 29 64 377 0.4696 -0.0378 0.0196
$ ntpstat
unsynchronised
polling server every 1 s

I usually see a '*' in the first row to indicate that the local clock
is in sync with that server. The ntpq(8) man page says about +:

+ │ included by the combine algorithm

In /var/log or with journalctl I don't see any hint what might be the
reason. When I let it run, the offset as shown by ntpq grows over
time.

Steve
Dan Ritter
2024-09-23 13:50:01 UTC
Post by Steve Keller
This is on a Raspberry Pi 3 with Raspberry Pi OS Bookworm 64 Bit,
ie. Debian 12. I have uninstalled systemd-timesyncd and installed
ntpsec, then have commented out the 4 NTP servers
{0,1,2,3}.debian.pool.ntp.org, and instead added my own server with
server -6 my-ntp.my-domain
When I call ntpdate my-ntp.my-domain manually it steps the time as
expected. But then, ntpd doesn't sync the local clock to the NTP
$ ntpq -p
remote refid st t when poll reach delay offset jitter
=================================================================================
+my-ntp.my-domain 237.17.204.95 2 u 29 64 377 0.4696 -0.0378 0.0196
$ ntpstat
unsynchronised
polling server every 1 s
I usually see a '*' in the first row to indicate that the local clock
+ │ included by the combine algorithm
In /var/log or with journalctl I don't see any hint what might be the
reason. When I let it run, the offset as shown by ntpq grows over
time.
Does it work without the -6 option?

Does it work if you bring back the pool servers?

-dsr-
Steve Keller
2024-09-23 17:30:01 UTC
Post by Dan Ritter
Does it work without the -6 option?
No, the same problem. And ntpq shows that IPv6 is also used, when -6
isn't given. But, my NTP server is used by other hosts in the network
and that works fine.
Post by Dan Ritter
Does it work if you bring back the pool servers?
Yes, it does. I get many NTP servers (much more than the 4 pool
entries), one marked with '*', some with '+', some with '#', and a few
with '-'.

Can the problem be caused by Debian's change from ntp to ntpsec? Do I
need to install keys for my NTP server? Quite unusual, that no log
messages appear in the logs.

Steve
Dan Ritter
2024-09-23 18:20:01 UTC
Post by Steve Keller
Post by Dan Ritter
Does it work without the -6 option?
No, the same problem. And ntpq shows that IPv6 is also used, when -6
isn't given. But, my NTP server is used by other hosts in the network
and that works fine.
Post by Dan Ritter
Does it work if you bring back the pool servers?
Yes, it does. I get many NTP servers (much more than the 4 pool
entries), one marked with '*', some with '+', some with '#', and a few
with '-'.
Can the problem be caused by Debian's change from ntp to ntpsec? Do I
need to install keys for my NTP server? Quite unusual, that no log
messages appear in the logs.
pools don't support ntpsec keys, so that's probably on the right
track.

You should also check whether you have a firewall on this host
blocking NTP from your local network. It would be strange, but
not impossible.

-dsr-
gene heskett
2024-09-24 05:30:01 UTC
Post by Steve Keller
Post by Dan Ritter
Does it work without the -6 option?
No, the same problem. And ntpq shows that IPv6 is also used, when -6
isn't given. But, my NTP server is used by other hosts in the network
and that works fine.
Post by Dan Ritter
Does it work if you bring back the pool servers?
Yes, it does. I get many NTP servers (much more than the 4 pool
entries), one marked with '*', some with '+', some with '#', and a few
with '-'.
Can the problem be caused by Debian's change from ntp to ntpsec? Do I
need to install keys for my NTP server? Quite unusual, that no log
messages appear in the logs.
Steve
I personally am running ntpsec here, making this box a level 2 src, and
have redirected most of my machines to it. But as a client, ntpsec fails
as it cannot slam the correct time at bootup, apparently only adjust
drift. So clients should be using chrony, which can force time into sync
while booting.

ntpsec bug? IDK, but that's what I found here.
Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Greg Wooledge
2024-09-24 11:10:01 UTC
I personally am running ntpsec here, making this box a level 2 src, and have
redirected most of my machines to it. But as a client, ntpsec fails as it
cannot slam the correct time at bootup, apparently only adjust drift. So
clients should be using chrony, which can force time into sync while
booting.
It works for everyone else.

hobbit:~$ ps -ef | grep ntpsec
ntpsec 855 1 0 Aug31 ? 00:01:50 /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
greg 575861 1226 0 07:04 pts/14 00:00:00 grep ntpsec

hobbit:~$ man ntpd
[...]
-g, --panicgate
Allow the first adjustment to be big. This option may appear an
unlimited number of times.

Normally, ntpd exits with a message to the system log if the offset
exceeds the panic threshold, which is 1000 s by default. This
option allows the time to be set to any value without restriction;
however, this can happen only once. If the threshold is exceeded
after that, ntpd will exit with a message to the system log. This
option can be used with the -q and -x options. See the tinker
configuration file directive for other options.

Maybe your NON-DEBIAN system configured something differently. We
don't know, because we run Debian here on this mailing list.
gene heskett
2024-09-25 04:00:01 UTC
Post by Greg Wooledge
hobbit:~$ man ntpd
[...]
-g, --panicgate
Allow the first adjustment to be big. This option may appear an
unlimited number of times.
This isn't mentioned in my ntpsec docs. IMO it should be the default.

Thanks for the advisory Greg.

Cheers, Gene Heskett, CET.
George at Clug
2024-09-23 23:50:01 UTC
Apologies to all, I previously replied to the wrong email.



Steve,


I was not even aware of the move from NTP to NTPsec. Thanks for
posting. I should [fully] read the release notes.

https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#changes-to-packages-that-set-the-system-clock
5.1.2. Changes to packages that set the system clock
The ntp package, which used to be the default way to set the system
clock from a Network Time Protocol (NTP) server, has been replaced by
ntpsec.



When I did a bit of research I found this comment which seems similar
to your issue (well at least to me it does):


https://forums.debian.net/viewtopic.php?t=156136
/etc/ntpsec/ntp.conf


Re: NTPSec: no servers found error despite finding the server
#3 Post by michael_S » 2023-09-26 13:54
Solved the problem for me. The cause behind this behaviour is the
following line in /etc/ntpsec/ntp.conf
tos minclock 4 minsane 3

The option minsane 3 implies (to my understanding) that the ntpd wants
at least 3 "good" NTP servers, i.e. servers that somewhat agree. I
changed this to
tos minclock 4 minsane 2

And now it works for me with 2 NTP servers available. If you only have
a single NTP server, changing this to 1 should work - but naturally
there won't be any redundancy in there.


https://docs.ntpsec.org/latest/miscopt.html
minsane _minsane_

    Specify the number of servers used by the selection algorithm
as the minimum to set the system clock. The default is 1 for legacy
purposes; however, for critical applications the value should be
somewhat higher (e.g. 3) but less than minclock.



Please let me know if the above solves your problem?


George.


https://docs.ntpsec.org/latest/quick.html





On Monday, 23-09-2024 at 22:21 Steve Keller wrote:


This is on a Raspberry Pi 3 with Raspberry Pi OS Bookworm 64 Bit,
ie. Debian 12.  I have uninstalled systemd-timesyncd and installed
ntpsec, then have commented out the 4 NTP servers
{0,1,2,3}.debian.pool.ntp.org, and instead added my own server with

  server -6 my-ntp.my-domain

When I call ntpdate my-ntp.my-domain manually it steps the time as
expected.  But then, ntpd doesn't sync the local clock to the NTP
server, although it seems to consider that server's clock stable:

  $ ntpq -p
       remote             refid      st t when poll reach   delay   offset   jitter
  =================================================================================
  +my-ntp.my-domain  237.17.204.95    2 u   29   64  377   0.4696  -0.0378   0.0196
  $ ntpstat
  unsynchronised
     polling server every 1 s

I usually see a '*' in the first row to indicate that the local clock
is in sync with that server.  The ntpq(8) man page says about +:

  +    │ included by the combine algorithm

In /var/log or with journalctl I don't see any hint what might be the
reason.  When I let it run, the offset as shown by ntpq grows over
time.

Steve
Urs Thuermann
2024-09-24 04:40:01 UTC
Post by Steve Keller
When I call ntpdate my-ntp.my-domain manually it steps the time as
expected. But then, ntpd doesn't sync the local clock to the NTP
$ ntpq -p
remote refid st t when poll reach delay offset jitter
=================================================================================
+my-ntp.my-domain 237.17.204.95 2 u 29 64 377 0.4696 -0.0378 0.0196
$ ntpstat
unsynchronised
polling server every 1 s
In Debian 12 the default /etc/ntpsec/ntp.conf file contains the lines

# Comment this out if you have a refclock and want it to be able to discipline
# the clock by itself (e.g. if the system is not connected to the network).
tos minclock 4 minsane 3

which means ntpd needs at least 3 servers to choose from. If you
haven't changed that line and you have only one server configured like
your output shows, you can never get synchronisation.

urs
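
The check described in the last two replies, as an added example that is not part of the thread: it counts the time sources in an ntp.conf and compares them with the `minsane` value on the `tos` line. The sample configuration is constructed from the settings quoted above, and the function name `audit_sources` is hypothetical.

```python
# Added example: sanity-check an ntpsec ntp.conf for the "too few sources" trap.

# Constructed sample: pool entries commented out, one server left, and the
# "tos" line quoted in the thread still in place.
SAMPLE_CONF = """\
# pool 0.debian.pool.ntp.org iburst
# pool 1.debian.pool.ntp.org iburst
# pool 2.debian.pool.ntp.org iburst
# pool 3.debian.pool.ntp.org iburst
server -6 my-ntp.my-domain
tos minclock 4 minsane 3
"""


def audit_sources(conf_text):
    """Return (fixed_sources, pool_lines, minsane, can_sync)."""
    fixed = pools = 0
    minsane = 1  # documented default when no "tos minsane" is given
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if not words:
            continue
        keyword = words[0].lower()
        if keyword in ("server", "refclock"):
            fixed += 1            # each line contributes exactly one source
        elif keyword == "pool":
            pools += 1            # a pool name can resolve to several servers
        elif keyword == "tos":
            # "tos" takes keyword/value pairs, e.g. "minclock 4 minsane 3"
            opts = dict(zip(words[1::2], words[2::2]))
            if "minsane" in opts:
                minsane = int(opts["minsane"])
    # Without a pool line, the source count is capped at the fixed entries.
    can_sync = pools > 0 or fixed >= minsane
    return fixed, pools, minsane, can_sync


if __name__ == "__main__":
    fixed, pools, minsane, ok = audit_sources(SAMPLE_CONF)
    print(f"fixed sources={fixed} pool lines={pools} minsane={minsane}")
    if not ok:
        print(f"ntpd cannot reach minsane: needs {minsane} sources, "
              f"at most {fixed} configured")
```

To check a real host, pass the contents of /etc/ntpsec/ntp.conf to `audit_sources` instead of the sample.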