Debian – ntpd uses wrong server


I recently moved my main time-server to another system, e.g. old.fqdn to new.fqdn. All subordinate ntpd daemons use ntp.fqdn as server, which is a CNAME now pointing to new.fqdn, i.e. host ntp.fqdn on that system yields:

ntp.fqdn is an alias for new.fqdn.
new.fqdn has address xxx.xxx.xxx.xxx

However ntpq -p yields:

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
    old.fqdn     .INIT.          16 u    - 1024    0    0.000    0.000   0.000

which is consistent, since old.fqdn has been shut down. But why does it stick to that server? This is /etc/ntp.conf:

driftfile /var/lib/ntp/ntp.drift
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
server ntp.fqdn iburst
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
restrict 127.0.0.1
restrict ::1

And of course ntpd has been restarted after the DNS change. Also, ntpdate -s ntp.fqdn is able to synchronize, and other systems on the network using the exact same configuration work perfectly. The only apparent difference is that those systems never used old.fqdn before. Is there any other place where ntpd keeps a record of its parent server?

System is current Debian Jessie: ntp 1:4.2.6.p5+dfsg-7+deb8u2, amd64

Update: I began to re-install ntp (apt-get --purge remove ntp && apt-get install ntp) on the workstations. After re-installation the same configuration works as expected.

Solution: The reason is that ntpd is not started with /etc/ntp.conf, but with /var/lib/ntp/ntp.conf.dhcp. The latter had the IP of old.fqdn hardcoded. Yes, in the past the systems have been configured by DHCP; currently they aren't.

The Debian start script /etc/init.d/ntp checks whether the file exists, and uses it for configuration instead. So the solution to the problem is to delete /var/lib/ntp/ntp.conf.dhcp. Don't know why I didn't check ps aux earlier.
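
Added example, not part of the original post: a shell check that reads the config path from a running ntpd's command line (the `-c` argument visible in ps output) and lists the time sources in that file, so a leftover DHCP-generated config is easy to spot. The function names, the `--audit` switch and the sample command line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find which config file ntpd was started with and list
# the time sources in it. Function names here are hypothetical.

DEFAULT_CONF=/etc/ntp.conf   # what ntpd reads when no -c option is given

# Print the config path from an ntpd command line (the value after -c),
# or the default path when -c is absent.
ntpd_conf_from_cmdline() {
    conf=$DEFAULT_CONF
    prev=
    for arg in $1; do
        case "$prev" in
            -c) conf=$arg ;;
        esac
        prev=$arg
    done
    printf '%s\n' "$conf"
}

# Print "keyword address" for every server/pool/peer line in a config file.
conf_sources() {
    awk '$1 == "server" || $1 == "pool" || $1 == "peer" { print $1, $2 }' "$1"
}

# For each running ntpd: warn when it was not started with the default
# config, then show the sources it was actually given.
audit_running_ntpd() {
    ps -C ntpd -o args= | while IFS= read -r cmdline; do
        conf=$(ntpd_conf_from_cmdline "$cmdline")
        [ "$conf" = "$DEFAULT_CONF" ] ||
            echo "WARNING: ntpd uses $conf, not $DEFAULT_CONF"
        echo "sources in $conf:"
        conf_sources "$conf"
    done
}

# Constructed sample of a ps command column (not taken from the page).
SAMPLE='/usr/sbin/ntpd -p /var/run/ntpd.pid -g -c /var/lib/ntp/ntp.conf.dhcp'
if [ "${1:-}" = "--audit" ]; then
    audit_running_ntpd
else
    echo "sample ntpd would read: $(ntpd_conf_from_cmdline "$SAMPLE")"
fi
```

Run with `--audit` on the affected host; a warning line followed by an unexpected address means the daemon is syncing from a source that /etc/ntp.conf never mentions.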

Best Answer

NTP doesn't automatically retry DNS lookups when using the server directive. Switch server to pool and restart NTP to get this behaviour.