# [SOLVED] ntpq -p times out

## Sum1

NOQUERY APPEARS TO HAVE BEEN THE PROBLEM:  restrict default nomodify noquery

Upon removing "noquery" and adding "nopeer" , ntpq -p provides a list of all current ntp server peer connections.

-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -

I have a gentoo "backup" server behind a firewall and cannot query gentoo ntp server pools.

Cannot figure out why.

When I monitor port 123 on the gentoo server it shows ntp traffic to external servers every 15-20 seconds, so ntpd seems to be functional but I cannot query the peers I'm connected to.

I also have a slackware server behind the same firewall setup to use ntp with the same gentoo ntp server pools and the ntpq -p queries work on that server, no problem.

Background:

1.  ntpd service is on

```
 ps -e|grep -i ntpd

13317 ?        00:00:00 ntpd

```

2. /etc/ntp.conf

```
server 0.gentoo.pool.ntp.org

server 1.gentoo.pool.ntp.org

server 2.gentoo.pool.ntp.org

server 3.gentoo.pool.ntp.org

driftfile       /var/lib/ntp/ntp.drift

restrict default nomodify noquery

restrict 127.0.0.1

restrict 195.195.195.0 mask 255.255.255.0 nomodify nopeer notrap

```

3. ntpd traffic on port 123

```
 tcpdump -i eth0 port 123

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

10:04:51.238191 IP 195.195.195.192.ntp > 204.109.63.243.ntp: NTPv4, Client, length 48

10:04:51.307717 IP 204.109.63.243.ntp > 195.195.195.192.ntp: NTPv4, Server, length 48

10:05:20.238101 IP 195.195.195.192.ntp > 129.250.35.251.ntp: NTPv4, Client, length 48

10:05:20.265070 IP 129.250.35.251.ntp > 195.195.195.192.ntp: NTPv4, Server, length 48

10:05:53.238094 IP 195.195.195.192.ntp > 216.66.0.142.ntp: NTPv4, Client, length 48

10:05:53.282440 IP 216.66.0.142.ntp > 195.195.195.192.ntp: NTPv4, Server, length 48

10:06:02.238119 IP 195.195.195.192.ntp > 199.7.177.206.ntp: NTPv4, Client, length 48

10:06:02.298278 IP 199.7.177.206.ntp > 195.195.195.192.ntp: NTPv4, Server, length 48

```

4. ntpq -p

```
b1 ~ # ntpq -p

b1: timed out, nothing received

***Request timed out

```

<<sigh>>  

what am i missing?

there's no active firewall or iptables configuration on the gentoo backup server.

thank you for your time and help.

----------

## RazielFMX

My restrict default has noquery and ntpq -p works for me...

```

restrict default nomodify nopeer noquery limited kod

```

----------

