BIND: Clocks are Unsynchronized Error and Solution

Q. I've configured BIND named TSIG as documented here. It worked for some time, but my /var/log/messages got the errors as follows:

zone example.org/IN: refresh: failure trying master 71.22.11.22#53 (source 0.0.0.0#0): clocks are unsynchronized: 9 Time(s)
zone example.org/IN: refresh: failure trying master 71.22.11.22#53 (source 71.22.11.22#0): clocks are unsynchronized: 9 Time(s)

How do I fix these errors under Debian Linux 64 bit etch server?

A. BIND and many other UNIX / Linux / BSD services depends upon accurate timings. You need to use the Network Time Protocol (NTP), which is a protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. NTP uses UDP port 123 as its transport layer. It is designed particularly to resist the effects of variable latency by using a jitter buffer. Under Linux / UNIX you can use ntpd or openntpd software implementation to sync clock.

To install ntpd under Debian, enter:
# apt-get update
# apt-get install ntp

You need ntp installed and configured on both master and slave DNS server. Once installed it will automatically sync clock using server specified in /etc/ntp.conf file:
server 0.debian.pool.ntp.org iburst
server 1.debian.pool.ntp.org iburst
server 2.debian.pool.ntp.org iburst
server 3.debian.pool.ntp.org iburst

Once ntpd started bind should work without a problem. Reload named to push pending updates:
# bind reload

Featured Articles:

• 20 Linux System Monitoring Tools Every SysAdmin Should Know
• 20 Linux Server Hardening Security Tips
• My 10 UNIX Command Line Mistakes
• Linux: 20 Iptables Examples For New SysAdmins
• 25 PHP Security Best Practices For Sys Admins
• The Novice Guide To Buying A Linux Laptop
• 10 Greatest Open Source Software Of 2009
• Top 5 Email Client For Linux, Mac OS X, and Windows Users
• Top 20 OpenSSH Server Best Security Practices
• Top 10 Open Source Web-Based Project Management Software
• Top 5 Linux Video Editor Software