Record an analysis of the 30s delayed output when executing the ntpq -p command and the error report when executing the ntpstat command in the Galaxy Kirin server system

1. Problem description

Question 1: After executing the ntpq -p command, there will be output about 30 seconds later. By executing the command time ntpq -p, you can get the 30s delayed output time.

Question 2: When executing the ntpstat command, an error message is reported: Unable to talk to NTP daemon. Is it running?

2. System version information

############## Kylin Linux Version #################
Release:
Kylin Linux Advanced Server release V10 (Sword)

Kernel:
4.19.90-25.31.v2101.ky10.aarch64

Build:
Kylin Linux Advanced Server
release V10 (SP2) /(Sword)-aarch64-Build09/20210524
#################################################

3. Troubleshooting and solutions

3.1 Analysis of the 30s delay output problem when executing ntpq -p

After executing the ntpq -p command, there will be output about 30 seconds later. By executing the command time ntpq -p, you can get the 30s delayed output time.

3.1.1 Cause of the problem

It is possible that ntpq is trying to resolve DNS for the name of the NTP peers and that a misconfigured DNS is causing the timeout and delay of 5 minutes.

You can confirm that that's the case by asking it not to resolve DNS, using the ntpq -np command (the -n flag tells it not to resolve DNS.)

If that's indeed the case, you can then look into why resolving DNS for those IPs is not working (but that's a separate topic, probably deserves a specific question.)

如果主机/etc/resolv.conf 里，没有配置nameserver ，则不会去DNS解析，不会有该问题。

3.1.2 Solutions

加上-n选项，没有配置nameserver ，则不会去DNS解析，不会有该问题。
ntpq -np

3.2 Analysis of errors reported when executing the ntpstat command

When executing the ntpstat command, an error message is reported: Unable to talk to NTP daemon. Is it running?

3.2.1 Problem analysis

(1) Check the status of the ntpd service

systemctl status ntpd

(2) Check the communication status of the client and server 123udp ports

[root@localhost ~]# nmap -sU 172.16.210.142 -p 123 -Pn
Starting Nmap 7.80 ( https://nmap.org ) at 2023-12-08 14:44 CST
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Nmap scan report for 172.16.210.142
Host is up (0.00076s latency).

PORT    STATE SERVICE
123/udp open  ntp

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds

#state状态为open表示端口通信正常。
#state状态为open|filtered表示端口通信不正常，确认是否存在端口限制。

(3) Check the ntp configuration file

Check if there are any abnormalities in the ntp file configuration

(4) Check the integrity of the ntpstat software package

rpm -V ntpstat

#正常执行命令是没有输出的

rpm -V ntpstat
s.5....T.  /usr/bin/ntpstat
#非正常输出
#在排查过程中，发现/usr/bin/ntpstat文件被修改过

3.2.2 Solutions

Uninstall the ntpstat package and reinstall it. Execute the ntpstat command to return to normal.