SCIENTIFIC-LINUX-USERS Archives

March 2016

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: *RESOLVED* "Not using downloaded repomd.xml because it is older than what we have:"
From:
Thomas Leavitt <[log in to unmask]>
Reply To:
Thomas Leavitt <[log in to unmask]>
Date:
Fri, 11 Mar 2016 19:54:02 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (83 lines) 
... if you're running into similar problems with other operating systems, then the adoption of "systemd-timesyncd" as a part of "systemd-networkd" may be the cause. This appears to be primarily aimed at "desktops" (a very arbitrary distinction in the "real world" in my experience), as it reduces the attack surface associated with running ntp by being less complicated.

https://wiki.archlinux.org/index.php/systemd-timesyncd

I have all sorts of "feels", as my millennial compatriots put it, about the idea that there are now three different default implementations of the NTP protocol floating around the network (just within Linux), but this isn't the place to express them. :-P

Regards,
Thomas Leavitt


-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]] On Behalf Of Thomas Leavitt
Sent: Friday, March 11, 2016 11:26 AM
To: [log in to unmask]
Subject: RE: [SCIENTIFIC-LINUX-USERS] *RESOLVED* "Not using downloaded repomd.xml because it is older than what we have:"

I'm suspecting that the repomd.xml problem was a product of chronyd using a different algorithm than ntpd, and the result of that being a minor divergence in timestamps between server and client (seven seconds, as documented, on my case). Flipping the machines in question that were complaining from chronyd to ntpd seems to have resolved the problem.

I suspect that this particular issue is going to be near universal (any SL7 system running chronyd is going to have it), and manifest itself both locally on internal networks where servers run both 6 (and earlier) and 7, as well as externally, and that RedHat probably didn't think about the implications of this for overly time sensitive network applications when they switched the defaults. I'm guessing applications that actually need tighter links handle these issues differently, so basically, anything that complains as a result of this is either mis-configured or overly sensitive. Really, a 7 second time slew between servers literally thousands of miles away, even in this day and age, shouldn't produce error messages, especially for something that is as non-critical as the application in question.

Regards,
Thomas Leavitt

-----Original Message-----
From: David Sommerseth [mailto:[log in to unmask]]
Sent: Wednesday, March 09, 2016 3:59 PM
To: [log in to unmask]
Cc: Thomas Leavitt
Subject: Re: [SCIENTIFIC-LINUX-USERS] "Not using downloaded repomd.xml because it is older than what we have:"

On 09/03/16 22:20, Thomas Leavitt wrote:
> Hmm... looks like chronyd was installed by default under SL7 (learn 
> something new every day) rather than ntpd; systems seemed to still be 
> synced and accurate to the second. I swapped that out for ntpd. We'll 
> see if that makes any difference, though I doubt it. The times seemed 
> accurate to the second when I last looked at them. Looking at the web 
> page for chrony, it sounds like it is at least a functional equivalent 
> of ntp under Linux, if not superior in some respects.
> 
> http://chrony.tuxfamily.org/faq.html
> 
> No transparent proxies either, as per the network admins. Some web 
> filtering done via Checkpoint firewalls, but that's it.

All of my SL7 boxes are using ntpd and not chronyd too.


--
kind regards,

David Sommerseth



> -----Original Message-----
> From: [log in to unmask]
> [mailto:[log in to unmask]] On Behalf Of 
> Pat Riehecky
> Sent: Wednesday, March 09, 2016 6:42 AM
> To: Antonio Querubin; [log in to unmask]
> Subject: Re: [SCIENTIFIC-LINUX-USERS] "Not using downloaded repomd.xml because it is older than what we have:"
> 
> On 03/09/2016 03:36 AM, Antonio Querubin wrote:
>> On Wed, 9 Mar 2016, John Pilkington wrote:
>>
>>> But doesn't SL7 use chrony?
>>
>> We're talking servers (ie. always on systems) right? - where 
>> supposedly ntpd is the better choice.  I would think the mirrors are 
>> running ntpd instead of chronyd.
>>
>> But this discussion got me to rechecking again why ntpd wasn't 
>> starting up on some of my own servers and it turns out chronyd was 
>> still enabled on those.  Perhaps the repo servers have the same issue?
>>
> I've verified that the distribution servers have a stable ntpd running and remain synced with several on site stratum1 time sources.
> 
> Pat
> ________________________________
> 
> This e-mail may contain privileged or confidential information. If you are not the intended recipient: (1) you may not disclose, use, distribute, copy or rely upon this message or attachment(s); and (2) please notify the sender by reply e-mail, and then delete this message and its attachment(s). EAG, Inc. and its affiliates disclaim all liability for any errors, omissions, corruption or virus in this message or any attachments.
>

ATOM RSS1 RSS2