Project

General

Profile

Actions

Feature #11496

open

NTP Peer

Added by Christian Borchert 9 months ago. Updated 5 days ago.

Status:
Feedback
Priority:
Normal
Assignee:
Category:
NTPD
Target version:
Start date:
02/21/2021
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
22.01
Release Notes:

Description

If operating two pfSense machines, both of the same Stratum (for example both with GPS and stratum 1), it would be nice for them to peer with each other, as opposed to client-server mode.

https://www.freebsd.org/cgi/man.cgi?query=ntp.conf

looking at ntpd.conf in /var/etc is appears only SERVER and POOL modes are available through the GUI - not PEER

peer For type s addresses (only), this command mobilizes a persistent
symmetric-active mode association with the specified remote peer.
In this mode the local clock can be synchronized to the remote
peer or the remote peer can be synchronized to the local clock.
This is useful in a network of servers where, depending on vari-
ous failure scenarios, either the local or remote peer may be the
better source of time. This command should NOT be used for type
b, m or r addresses.

pool For type s addresses, this command mobilizes a persistent client
mode association with a number of remote servers. In this mode
the local clock can synchronized to the remote server, but the
remote server can never be synchronized to the local clock.

server For type s and r addresses, this command mobilizes a persistent
client mode association with the specified remote server or local
radio clock. In this mode the local clock can synchronized to
the remote server, but the remote server can never be synchro-
nized to the local clock. This command should not be used for
type b or m addresses.


Files

clipboard-202111130746-qzaqm.png (23.8 KB) clipboard-202111130746-qzaqm.png Christian Borchert, 11/13/2021 07:46 AM
clipboard-202111130747-iaxc7.png (91.3 KB) clipboard-202111130747-iaxc7.png Christian Borchert, 11/13/2021 07:47 AM
clipboard-202111130822-wawmh.png (10.4 KB) clipboard-202111130822-wawmh.png Christian Borchert, 11/13/2021 08:22 AM
458 (2).diff (5.39 KB) 458 (2).diff Viktor Gurov, 11/13/2021 08:35 AM
Actions #3

Updated by Christian Borchert 17 days ago

Viktor Gurov wrote in #note-2:

https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/458

Hi Viktor,

That link doesn't work for me

Actions #4

Updated by Viktor Gurov 17 days ago

  • File 458.diff added

Christian Borchert wrote in #note-3:

Viktor Gurov wrote in #note-2:

https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/458

Hi Viktor,

That link doesn't work for me

You can try to test the attached patch

Actions #5

Updated by Jim Pingle 17 days ago

  • Status changed from New to Pull Request Review
  • Assignee set to Viktor Gurov
  • Target version set to CE-Next
  • Plus Target Version set to Plus-Next
Actions #6

Updated by Christian Borchert 17 days ago

Thanks Viktor,

I believe I applied the changes to the files correctly - where does pfsense save the ntp.conf file - I want to verify the changes are made as expected to the file

-Christian

Actions #7

Updated by Christian Borchert 17 days ago

OK - I was able to find the ntpd.conf file in pfsense's /var/etc directory

Looks like it is specifying server/pool/peer as selected in the webgui

The documentation recommends the following:
A peer is configured in symmetric active mode using the peer command and specifying the other peer DNS name or IPv4 or IPv6 address. The burst and iburst options should not be used in symmetric modes, as this can upset the intended symmetry of the protocol and result in spurious duplicate or dropped messages.

https://www.eecis.udel.edu/~mills/ntp/html/assoc.html

However, when Peer is selected in the webgui, iburst is configured in ntpd.conf

Can this be changed to match the recommendation above?

Thanks,
-Christian

Actions #8

Updated by Viktor Gurov 16 days ago

  • File deleted (458.diff)
Actions #9

Updated by Viktor Gurov 16 days ago

  • File 458 (1).diff added

Christian Borchert wrote in #note-7:

OK - I was able to find the ntpd.conf file in pfsense's /var/etc directory

Looks like it is specifying server/pool/peer as selected in the webgui

The documentation recommends the following:
A peer is configured in symmetric active mode using the peer command and specifying the other peer DNS name or IPv4 or IPv6 address. The burst and iburst options should not be used in symmetric modes, as this can upset the intended symmetry of the protocol and result in spurious duplicate or dropped messages.

https://www.eecis.udel.edu/~mills/ntp/html/assoc.html

However, when Peer is selected in the webgui, iburst is configured in ntpd.conf

Can this be changed to match the recommendation above?

Thanks,
-Christian

Thanks for info

You can re-test the attached patch
Please read https://docs.netgate.com/pfsense/en/latest/development/system-patches.html

Actions #10

Updated by Christian Borchert 16 days ago

Thanks Viktor,

I installed the "System_Patches" package, reverted to backup copies I made of system.inc and services_ntpd.php, and then installed the newly revised patch.

the peer line in ntpd.conf now correcly does not have the iburst flag, but now it is missing the host address

Actions #11

Updated by Christian Borchert 16 days ago

I'm not sure - but I think we need an 'else' added to the code:

Actions #12

Updated by Viktor Gurov 16 days ago

Christian Borchert wrote in #note-11:

I'm not sure - but I think we need an 'else' added to the code:

Thank you!
fixed

Actions #13

Updated by Viktor Gurov 16 days ago

  • File deleted (458 (1).diff)
Actions #14

Updated by Christian Borchert 16 days ago

Awesome! Thank you Viktor.

Running this latest revision and it all looks good to me.

There was a bounty attached to this request - do you have a Paypal?

Actions #15

Updated by Viktor Gurov 14 days ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100
Actions #16

Updated by Viktor Gurov 10 days ago

  • Target version changed from CE-Next to 2.6.0
  • Plus Target Version changed from Plus-Next to 22.01
Actions #17

Updated by Viktor Gurov 5 days ago

works as expected on 2.6.0.a.20211123.0600
but I don't see this option on 22.01.a.20211122.0600

Actions

Also available in: Atom PDF