Project

General

Profile

Actions
Copy link

Feature #10322

closed

Force ipv4/ipv6 DNS resolution for NTP servers

Added by Christian Borchert over 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Very Low
Assignee:
Viktor Gurov
Category:
NTPD
Target version:
2.5.0
Start date:
03/08/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

Per http://doc.ntp.org/current-stable/confopt.html one should be able to prefix an NTP server hostname with either '-4' or '-6' to force DNS resolution in either ipv4 or ipv6.

"_Note that in contexts where a host name is expected, a -4 qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a -6 qualifier forces DNS resolution to the IPv6 namespace._"

This does not currently work in the pfsense GUI - attempting to do so corrupts the confirguration.

Files

ipv6 resolution.PNG (47.1 KB) ipv6 resolution.PNG ipv6 resolution on a system with ipv6 disabled Christian Borchert, 03/10/2020 03:07 PM
Actions
Copy link
 #1

Updated by Jim Pingle over 4 years ago

  • Tracker changed from Bug to Feature
  • Subject changed from Force ipv4/ipv6 DNS resolution for NTP servers fails to Force ipv4/ipv6 DNS resolution for NTP servers
  • Category set to NTPD
  • Priority changed from Normal to Very Low
  • Target version set to Future

It's not a bug, it's just not supported.

It could be added. For example, with an option for each server in the NTP settings.

But for most people it isn't necessary.

Actions
Copy link
 #2

Updated by Christian Borchert over 4 years ago

Jim,

For an unknown reason - even though my setup is configured for only ipv4, sometimes NTP will randomly resolve servers to ipv6 addresses and try to connect....

This option would fix that bug

Actions
Copy link
 #4

Updated by Monseigneur Phelypeaux about 4 years ago

I'm facing the same bug. I have an IPv4-only network with IPv6 disabled in pfSense, but my DNS servers reply with both an IPv4 and IPv6 address. When I set ntp.ripe.net, NTPd will consistently pick the IPv6 over the IPv4 address. This then becomes 'unreach/pending' (same as in Christian's screenshot) and will not get a time. My only 'workaround' is to use an NTP server/pool for which the DNS lookup only replies with an IPv4 address.

I consider this a bug, the feature proposed by Christian would work, but would require user interaction.

Actions
Copy link
 #6

Updated by Jim Pingle about 4 years ago

  • Status changed from New to Pull Request Review
  • Target version changed from Future to 2.5.0
Actions
Copy link
 #7

Updated by Renato Botelho about 4 years ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Viktor Gurov

PR has been merged. Thanks!

Actions
Copy link
 #8

Updated by Viktor Gurov about 4 years ago

  • % Done changed from 0 to 100
Actions
Copy link
 #9

Updated by Viktor Gurov about 4 years ago

  • Status changed from Feedback to Resolved

works as expected on 2.5.0.a.20201021.1850

If I set force to IPv4:
ntp.ix.ru - 194.190.168.1
If I set force to IPv6:
ntp.ix.ru - 2001:6d0:ffd4::1

Actions
Copy link

Also available in: Atom PDF