Project

General

Profile

Feature #10322

Force ipv4/ipv6 DNS resolution for NTP servers

Added by Christian Borchert about 1 year ago. Updated 6 months ago.

Status:
Resolved
Priority:
Very Low
Assignee:
Category:
NTPD
Target version:
Start date:
03/08/2020
Due date:
% Done:

100%

Estimated time:
Release Notes:
Default

Description

Per http://doc.ntp.org/current-stable/confopt.html one should be able to prefix an NTP server hostname with either '-4' or '-6' to force DNS resolution in either ipv4 or ipv6.

"_Note that in contexts where a host name is expected, a -4 qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a -6 qualifier forces DNS resolution to the IPv6 namespace._"

This does not currently work in the pfsense GUI - attempting to do so corrupts the confirguration.

ipv6 resolution.PNG (47.1 KB) ipv6 resolution.PNG ipv6 resolution on a system with ipv6 disabled Christian Borchert, 03/10/2020 03:07 PM

Associated revisions

Revision bdb26b26 (diff)
Added by Viktor Gurov 6 months ago

Force NTP peers DNS resolution protocol. Implements #10322

History

#1 Updated by Jim Pingle about 1 year ago

  • Tracker changed from Bug to Feature
  • Subject changed from Force ipv4/ipv6 DNS resolution for NTP servers fails to Force ipv4/ipv6 DNS resolution for NTP servers
  • Category set to NTPD
  • Priority changed from Normal to Very Low
  • Target version set to Future

It's not a bug, it's just not supported.

It could be added. For example, with an option for each server in the NTP settings.

But for most people it isn't necessary.

#2 Updated by Christian Borchert about 1 year ago

Jim,

For an unknown reason - even though my setup is configured for only ipv4, sometimes NTP will randomly resolve servers to ipv6 addresses and try to connect....

This option would fix that bug

#4 Updated by Monseigneur Phelypeaux 6 months ago

I'm facing the same bug. I have an IPv4-only network with IPv6 disabled in pfSense, but my DNS servers reply with both an IPv4 and IPv6 address. When I set ntp.ripe.net, NTPd will consistently pick the IPv6 over the IPv4 address. This then becomes 'unreach/pending' (same as in Christian's screenshot) and will not get a time. My only 'workaround' is to use an NTP server/pool for which the DNS lookup only replies with an IPv4 address.

I consider this a bug, the feature proposed by Christian would work, but would require user interaction.

#6 Updated by Jim Pingle 6 months ago

  • Status changed from New to Pull Request Review
  • Target version changed from Future to 2.5.0

#7 Updated by Renato Botelho 6 months ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Viktor Gurov

PR has been merged. Thanks!

#8 Updated by Viktor Gurov 6 months ago

  • % Done changed from 0 to 100

#9 Updated by Viktor Gurov 6 months ago

  • Status changed from Feedback to Resolved

works as expected on 2.5.0.a.20201021.1850

If I set force to IPv4:
ntp.ix.ru - 194.190.168.1
If I set force to IPv6:
ntp.ix.ru - 2001:6d0:ffd4::1

Also available in: Atom PDF