snooping ntp igmp packets

Thanks, using snoop -o /tmp/snoop.out multicast I found the following from a server that is working.

ETHER: -- Ether Header --

ETHER:

ETHER: Packet 11 arrived at 10:08:1.42

ETHER: Packet size = 42 bytes

ETHER: Destination = 1:0:5e:0:1:1, (multicast)

ETHER: Source= 0:3:ba:d1:23:2b,

ETHER: Ethertype = 0800 (IP)

ETHER:

IP:-- IP Header --

IP:

IP:Version = 4

IP:Header length = 20 bytes

IP:Type of service = 0x00

IP: xxx. .... = 0 (precedence)

IP: ...0 .... = normal delay

IP: .... 0... = normal throughput

IP: .... .0.. = normal reliability

IP: .... ..0. = not ECN capable transport

IP: .... ...0 = no ECN congestion experienced

IP:Total length = 28 bytes

IP:Identification = 46070

IP:Flags = 0x0

IP: .0.. .... = may fragment

IP: ..0. .... = last fragment

IP:Fragment offset = 0 bytes

IP:Time to live = 1 seconds/hops

IP:Protocol = 2 (IGMP)

IP:Header checksum = 07c8

IP:Source address = 10.19.19.14, janice

IP:Destination address = 224.0.1.1, NTP.MCAST.NET

IP:No options

IP:

I assume this is an NTP related IGMP packet requesting IP 10.19.19.14 to be included in the NTP (224.0.1.1) multicast group.

A snoop of the server that is failing is not sending IGMP packets.

Do you know who/what controls IGMP NTP packets?

Thanks for the help,

Glen

sysglen at 2007-7-7 2:52:01 >

Well, a quick look at the xntpd man page indicates a couple of config options in /etc/inet/ntp.conf that might be relevant

broadcast

broadcastclient

multicastclient

look likely.

Also whether the daemon was started with the -m flag.

As darren said, compare the configs of the 2 servers...

robertcohen at 2007-7-7 2:52:01 >