Feb 21, '03 08:08:00AM • Contributed by: noworryz
If you've had a problem keeping your clock accurate using network time, this tip may help out. Network time is controlled from the System Preferences, Date & Time pane, Network Time tab. Symptoms of the problem include:
- The "Use a network time server" checkbox turning itself off after a restart.
- The clock drifting even though the "Set Time Now" button seems to work.
OS X has a confusing "feature" that makes diagnosing the problem difficult: After a restart or after disabling and enabling the "Use a network time server" checkbox, OS X attempts to synchronize the time using a different method than when you press the "Set Time Now" button. After a restart or enabling "Use a network time server," OS X sends Network Time Protocol (NTP) messages using the User Datagram Protocol (UDP) from port 123 of your machine to port 123 of the specified NTP Server. The server replies from port 123 to port 123 of your machine.
After pressing the "Set Time Now" button, OS X sends NTP messages from a very high port number (about 49150) of your machine to port 123 of the NTP Server. The server replies from port 123 to the same high port number of your machine.
To see if you have a problem, enable the "Use a network time server" checkbox and press the "Set Time Now" button. Open the terminal and type ntpq -p. If ntpq outputs ntpq: read: Connection refused, then the "Use a network time server" checkbox is probably not enabled. If ntpq outputs No association ID's returned, then no NTP messages at all are getting through. If the ntpq output has a 16 in the st (stratum) column, then the (123/123) NTP messages are not getting through but the high port numbered "Set Time Now" messages are being received:
remote     refid        st t when poll reach   delay  offset  jitter
=====================================================================
[server]   0.0.0.0      16 u    -  68m     0   0.000   0.000 4000.00
Where [server] is the specified NTP server.
If the ntpq output has a number lower than 16 in the "st" column, then NTP is working correctly:
remote     refid        st t when poll reach   delay  offset  jitter
=====================================================================
[server]   [something]   2 u   48  68m     1 141.594  14.361   0.004

Fixing NTP
NTP problems are often caused by a firewall between you and the NTP server, either a software firewall on your machine or a hardware firewall at your Internet connection. Check whether you have a software firewall installed, such as Brickhouse, or have the Jaguar built-in firewall enabled in the System Preferences, Sharing pane, Firewall tab.
If you have no control over the firewall, the problem will be unsolvable, at least until Apple makes changes to OS X. Otherwise, you will want to reduce the firewall security by the smallest amount necessary to solve the problem. Note that traffic from the NTP server always:
- uses the UDP (not TCP) protocol,
- is from port 123,
- is either to port 123 or to a port over 10,000,
- is from the IP address of the specified NTP server.
add [number1] allow udp from any 123 to any 123 via en0
add [number2] allow udp from any 123 to any 10000-65535 via en0

Where [number1] and [number2] are integers that specify the order in which the filter rules are executed. Both rules accept traffic from any source address; since replies come only from the specified NTP server, the first "any" in each rule can be replaced with that server's IP address to narrow them further. You can list the existing firewall rules within Brickhouse or with the terminal command sudo ipfw list. Other firewalls may use a different syntax; consult your firewall's manual.
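The ntpq -p checks from the diagnosis step above can be scripted, which is handy for re-testing after each firewall change. This is an added example, not part of the original tip; the keywords it prints and the sample host ntp.example.net are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original tip): classify `ntpq -p` output
# using the tip's rules. Reads ntpq output on stdin, prints one keyword.
classify_ntpq() {
    awk '
        /Connection refused/        { refused = 1 }
        /No association ID/         { noassoc = 1 }
        # Peer rows have 10 columns with a numeric stratum in column 3;
        # the header row ("st") and the ===== line fail this test.
        NF >= 10 && $3 ~ /^[0-9]+$/ {
            peers++
            if ($3 + 0 < 16) synced++
        }
        END {
            if (refused)      print "network-time-off"   # checkbox probably not enabled
            else if (noassoc) print "no-ntp-traffic"     # nothing is getting through
            else if (synced)  print "ok"                 # a peer with stratum below 16
            else if (peers)   print "port-123-blocked"   # only stratum 16 peers
            else              print "unrecognized"
        }'
}

# Constructed sample outputs; ntp.example.net and 192.0.2.1 are placeholders.
HEADER='     remote           refid      st t when poll reach   delay   offset  jitter
=============================================================================='
SAMPLE_BLOCKED="$HEADER
 ntp.example.net 0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00"
SAMPLE_OK="$HEADER
*ntp.example.net 192.0.2.1        2 u   48   64    1  141.594   14.361   0.004"

for sample in "ntpq: read: Connection refused" "No association ID's returned" \
              "$SAMPLE_BLOCKED" "$SAMPLE_OK"; do
    printf '%s\n' "$sample" | classify_ntpq
done
# On a live system: ntpq -p 2>&1 | classify_ntpq
```

A result of port-123-blocked corresponds to the stratum 16 case: "Set Time Now" works over the high port while the 123-to-123 path is filtered.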