시스템 시계가 systemd-timesyncd를 사용하여 NTP 서버와 동기화되지 않았습니다.

tag-icon tag-icon debian ntp tcpdump tshark systemd-timesyncd
시스템 시계가 systemd-timesyncd를 사용하여 NTP 서버와 동기화되지 않았습니다.

나는 팔로우한다이 답변은 여기에 있습니다, 하지만 내 시스템 시계가 NTP 서버와 동기화되지 않은 것 같습니다.

$ cat /etc/debian_version
10.9
$ egrep -v "^$|^#" /etc/systemd/timesyncd.conf
[Time]
NTP=x.y.z.t1
FallbackNTP=x.y.z.t2
$ sudo timedatectl set-ntp true
$ sudo systemctl restart systemd-timesyncd
$ systemctl status systemd-timesyncd
● systemd-timesyncd.service - Network Time Synchronization
   Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled)
  Drop-In: /usr/lib/systemd/system/systemd-timesyncd.service.d
           └─disable-with-time-daemon.conf
   Active: active (running) since Wed 2022-08-24 16:46:29 CEST; 2ms ago
     Docs: man:systemd-timesyncd.service(8)
 Main PID: 23412 (systemd-timesyn)
   Status: "Idle."
    Tasks: 2 (limit: 4915)
   Memory: 1.4M
   CGroup: /system.slice/systemd-timesyncd.service
           └─23412 /lib/systemd/systemd-timesyncd

Aug 24 16:46:29 EncoderBack systemd[1]: Starting Network Time Synchronization...
Aug 24 16:46:29 EncoderBack systemd[1]: Started Network Time Synchronization.
$ timedatectl timesync-status
       Server: x.y.z.t1 (x.y.z.t1)
Poll interval: 1min 4s (min: 32s; max 34min 8s)
 Packet count: 0
$ timedatectl show-timesync
SystemNTPServers=x.y.z.t1
FallbackNTPServers=x.y.z.t2
ServerName=x.y.z.t1
ServerAddress=x.y.z.t1
RootDistanceMaxUSec=5s
PollIntervalMinUSec=32s
PollIntervalMaxUSec=34min 8s
PollIntervalUSec=1min 4s
Frequency=0
$ journalctl -u systemd-timesyncd.service -n 5
-- Logs begin at Mon 2022-08-22 15:20:05 CEST, end at Wed 2022-08-24 16:46:29 CEST. --
Aug 24 16:46:29 EncoderBack systemd[1]: Stopping Network Time Synchronization...
Aug 24 16:46:29 EncoderBack systemd[1]: systemd-timesyncd.service: Succeeded.
Aug 24 16:46:29 EncoderBack systemd[1]: Stopped Network Time Synchronization.
Aug 24 16:46:29 EncoderBack systemd[1]: Starting Network Time Synchronization...
Aug 24 16:46:29 EncoderBack systemd[1]: Started Network Time Synchronization.
$ timedatectl status
               Local time: Wed 2022-08-24 16:46:29 CEST
           Universal time: Wed 2022-08-24 14:46:29 UTC
                 RTC time: Wed 2022-08-24 14:46:19
                Time zone: Europe/Paris (CEST, +0200)
System clock synchronized: no
              NTP service: active
          RTC in local TZ: no
$

EDIT0: 이것은tcpdump다시 시작 시 추적 systemd-timesyncd.service:

$ sudo tcpdump -v dst port 123
tcpdump: listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes
16:46:34.136278 IP (tos 0x10, ttl 64, id 18841, offset 0, flags [DF], proto UDP (17), length 76)
    ntpclient.lan.53695 > ntpserver.lan.ntp: NTPv4, length 48
        Client, Leap indicator:  (0), Stratum 0 (unspecified), poll 0 (1s), precision 0
        Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec)
          Reference Timestamp:  0.000000000
          Originator Timestamp: 0.000000000
          Receive Timestamp:    0.000000000
          Transmit Timestamp:   3870427594.031728329 (2022/08/25 16:46:34)
            Originator - Receive Timestamp:  0.000000000
            Originator - Transmit Timestamp: 3870427594.031728329 (2022/08/25 16:46:34)
^C
1 packet captured
1 packet received by filter
0 packets dropped by kernel

편집 1: 여기tshark다시 시작 시 추적 systemd-timesyncd.service:

$ sudo tshark -n -f 'udp port 123' -c2
Running as user "root" and group "root". This could be dangerous.
Capturing on 'eno1'
    1 0.000000000 a.b.c.d  → x.y.z.t1 NTP 90 NTP Version 4, client
    2 0.000678872 x.y.z.t1 → a.b.c.d  NTP 90 NTP Version 3, server
C2 packets captured

EDIT2: @Bib 및 출력 덕분에 클라이언트가 NTPv4 프로토콜 요청을 보냈지만 서버는 NTPv3 프로토콜 응답으로 응답한 것으로 tshark보입니다 .systemd-timesyncd

@QuartzCristal과 @Bib가 제안한 대로 ntpsec.

EDIT3: /etc/ntpsec/ntp.conf파일을 구성하고 ntpsec서비스를 다시 시작하면 이제 제대로 작동합니다.

$ grep ^server /etc/ntpsec/ntp.conf
server x.y.z.t1 iburst
server x.y.z.t2 iburst
$ sudo mkdir /var/log/ntpsec/
$ sudo chown ntpsec:ntpsec /var/log/ntpsec/
$ sudo systemctl restart ntpsec
$ systemctl status ntpsec.service
● ntpsec.service - Network Time Service
   Loaded: loaded (/lib/systemd/system/ntpsec.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2022-08-26 11:06:49 CEST; 2s ago
     Docs: man:ntpd(8)
  Process: 22622 ExecStart=/usr/lib/ntp/ntp-systemd-wrapper (code=exited, status=0/SUCCESS)
 Main PID: 22625 (ntpd)
    Tasks: 1 (limit: 4915)
   Memory: 1.6M
   CGroup: /system.slice/ntpsec.service
           └─22625 /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec

Aug 26 11:06:49 EncoderBack ntpd[22625]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): loaded, expire=2021-12-28T00:00Z last=2017-01-01T00:00Z ofs=37
Aug 26 11:06:49 EncoderBack ntpd[22625]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): expired less than 242 days ago
Aug 26 11:06:49 EncoderBack ntpd[22625]: INIT: Using SO_TIMESTAMPNS
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listen and drop on 0 v6wildcard [::]:123
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listen normally on 2 lo 127.0.0.1:123
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listen normally on 3 eno1 a.b.c.d:123
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listen normally on 4 lo [::1]:123
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listen normally on 5 eno1 [fe80::3e7c:3fff:fed4:a223%2]:123
Aug 26 11:06:49 EncoderBack ntpd[22625]: IO: Listening on routing socket on fd #22 for interface updates

이제 시스템 시계가 동기화되었습니다.

$ timedatectl
               Local time: Fri 2022-08-26 11:08:05 CEST
           Universal time: Fri 2022-08-26 09:08:05 UTC
                 RTC time: Fri 2022-08-26 09:08:05
                Time zone: Europe/Paris (CEST, +0200)
System clock synchronized: yes
              NTP service: n/a
          RTC in local TZ: no

EDIT4: 이것은 tcpdump를 사용할 때 발생하는 출력 입니다 ntpsec. 소스 패킷이 tos변경되었으며 소스 포트는 이제 123입니다.

$ sudo tcpdump dst port 123 -n -c 2 -v
tcpdump: listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes
11:53:49.185280 IP (tos 0xb8, ttl 64, id 54505, offset 0, flags [DF], proto UDP (17), length 76)
    a.b.c.d.123 > x.y.z.t1: NTPv4, length 48
        Client, Leap indicator:  (0), Stratum 0 (unspecified), poll 0 (1s), precision 32
        Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec)
          Reference Timestamp:  0.000000000
          Originator Timestamp: 0.000000000
          Receive Timestamp:    0.000000000
          Transmit Timestamp:   1839874488.898661747 (2094/05/28 04:43:04)
            Originator - Receive Timestamp:  0.000000000
            Originator - Transmit Timestamp: 1839874488.898661747 (2094/05/28 04:43:04)
11:53:49.185929 IP (tos 0x0, ttl 126, id 18818, offset 0, flags [none], proto UDP (17), length 76)
    x.y.z.t1.123 > a.b.c.d.123: NTPv3, length 48
        Server, Leap indicator:  (0), Stratum 1 (primary reference), poll 0 (1s), precision -23
        Root Delay: 0.000000, Root dispersion: 10.751129, Reference-ID: LOCL
          Reference Timestamp:  3870431575.277677199 (2022/08/25 17:52:55)
          Originator Timestamp: 1839874488.898661747 (2094/05/28 04:43:04)
          Receive Timestamp:    3870496473.230674199 (2022/08/26 11:54:33)
          Transmit Timestamp:   3870496473.230678499 (2022/08/26 11:54:33)
            Originator - Receive Timestamp:  +2030621984.332012452
            Originator - Transmit Timestamp: +2030621984.332016752
2 packets captured
2 packets received by filter
0 packets dropped by kernel

다음은 tshark를 사용할 때 발생하는 결과 입니다 ntpsec. 이상하게도 를 사용할 때 얻은 출력과 동일합니다 systemd-timesyncd.service(소스 포트가 현재 123인 것을 제외하고).

$ sudo tshark -f 'udp port 123' -n -c 2
Running as user "root" and group "root". This could be dangerous.
Capturing on 'eno1'
    1 0.000000000 a.b.c.d  → x.y.z.t1 NTP 90 NTP Version 4, client
    2 0.000787978 x.y.z.t1 → a.b.c.d  NTP 90 NTP Version 3, server
2 packets captured

답변1

ntpdate 또는 sntp를 설치하고 서버를 테스트할 수 있습니다. 두 패키지 모두 상대적으로 작습니다. 팔로우해주세요https://weberblog.net/basic-ntp-client-test-ntpdate-sntp/

서버가 사용되어야 하는 컴퓨터에서 제대로 작동하는 경우 클라이언트를 테스트해야 합니다. systemdntp 사용을 테스트하는 쉬운 방법은 없습니다 . 와 같은 systemd-timesyncd.service실제 패키지를 제거하고 설치하면 더 빠른 솔루션을 찾을 수 있습니다 .ntpchronyntpsec

$ sudo systemctl stop systemd-timesyncd.service
$ sudo systemctl disable systemd-timesyncd.service
$ sudo systemctl mask systemd-timesyncd.service
$ sudo apt install ntpsec

/etc/ntpsec/ntp.conf구성 파일을 편집 하고 ntpsec서비스를 다시 시작합니다.

$ sudo systemctl restart ntpsec

그런 다음 ntpsec서버 상태를 확인합니다.

$ systemctl status ntpsec.service
● ntpsec.service - Network Time Service
     Loaded: loaded (/lib/systemd/system/ntpsec.service; enabled; preset: enabled)
     Active: active (running) since Thu 2022-08-25 19:21:58 AST; 2s ago
       Docs: man:ntpd(8)
    Process: 88959 ExecStart=/usr/libexec/ntpsec/ntp-systemd-wrapper (code=exited, status=0/SUCCESS)
   Main PID: 88962 (ntpd)
      Tasks: 1 (limit: 14032)
     Memory: 10.9M
        CPU: 11ms
     CGroup: /system.slice/ntpsec.service
             └─88962 /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec

$ ntpq -pn
     remote                                   refid      st t when poll reach   delay   offset   jitter
=======================================================================================================
 0.debian.pool.ntp.org                   .POOL.          16 p    -  256    0   0.0000   0.0000   0.0001
 1.debian.pool.ntp.org                   .POOL.          16 p    -  256    0   0.0000   0.0000   0.0001
 2.debian.pool.ntp.org                   .POOL.          16 p    -  256    0   0.0000   0.0000   0.0001
 3.debian.pool.ntp.org                   .POOL.          16 p    -  256    0   0.0000   0.0000   0.0001
-45.79.202.46                            216.239.35.0     2 u   22   64    1  65.0429   3.5154   2.1775
+129.250.35.250                          129.250.35.222   2 u   22   64    1  50.2368   1.9173   3.1973
-147.182.158.78                          15.254.136.119   2 u   22   64    1  88.7377   5.4637   1.6545
...
...

답변2

오래된 스레드이지만 나와 같은 문제를 보고 인생의 6시간을 낭비하는 사람(예: 보여주는 사람)을 위해 timedatectl내 2페니 가치를 추가할 가치가 있습니다.

System clock synchronized: no

그리고 서비스 상태를 표시합니다.

● systemd-timesyncd.service - Network Time Synchronization
   Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled)
  Drop-In: /usr/lib/systemd/system/systemd-timesyncd.service.d
           └─disable-with-time-daemon.conf
   Active: active (running) since Tue 2023-10-03 15:10:48 BST; 4s ago
     Docs: man:systemd-timesyncd.service(8)
 Main PID: 4302 (systemd-timesyn)
   Status: "Idle."
    Tasks: 2 (limit: 2178)
   CGroup: /system.slice/systemd-timesyncd.service
           └─4302 /lib/systemd/systemd-timesyncd

Oct 03 15:10:48 SMARTbox systemd[1]: Starting Network Time Synchronization...
Oct 03 15:10:48 SMARTbox systemd[1]: Started Network Time Synchronization.

systemd디버그 출력을 사용하여 대부분의 서비스를 대화형으로 실행하는 방법을 알아낼 때까지 모든 것을 시도했습니다.대화식으로 systemd 실행

서비스가 로컬에서 잘 실행되는데 왜 서비스로 제대로 실행되지 않는지 묻습니다. 뭔가를 기다리고 있는 것 같은데...

서비스 파일에 디버그 설정을 추가하고 시작한 후 문제의 원인을 찾았습니다. 서비스가 NTP 이름을 확인할 수 없습니다.

파일을 확인했는데 resolv.conf문제가 없습니다. 모든 것이 systemd 외부에서 작동합니다. 그러나 SD 카드에 대한 쓰기를 최소화하기 위해 거의 읽기 전용 상태에서 실행 중이므로 resolv.conf가 tmpfs 위치에 심볼릭 링크되어 있습니다.

파일을 non-symlink로 복원했는데 이제 작동합니다.

관련 정보