Feature #11496
closedSupport for NTP Peer mode
100%
Description
If operating two pfSense machines, both of the same Stratum (for example both with GPS and stratum 1), it would be nice for them to peer with each other, as opposed to client-server mode.
https://www.freebsd.org/cgi/man.cgi?query=ntp.conf
looking at ntpd.conf in /var/etc is appears only SERVER and POOL modes are available through the GUI - not PEER
peer For type s addresses (only), this command mobilizes a persistent
symmetric-active mode association with the specified remote peer.
In this mode the local clock can be synchronized to the remote
peer or the remote peer can be synchronized to the local clock.
This is useful in a network of servers where, depending on vari-
ous failure scenarios, either the local or remote peer may be the
better source of time. This command should NOT be used for type
b, m or r addresses.
pool For type s addresses, this command mobilizes a persistent client
mode association with a number of remote servers. In this mode
the local clock can synchronized to the remote server, but the
remote server can never be synchronized to the local clock.
server For type s and r addresses, this command mobilizes a persistent
client mode association with the specified remote server or local
radio clock. In this mode the local clock can synchronized to
the remote server, but the remote server can never be synchro-
nized to the local clock. This command should not be used for
type b or m addresses.
Files
Updated by Christian Borchert about 3 years ago
Updated by Viktor Gurov about 3 years ago
Updated by Christian Borchert about 3 years ago
Viktor Gurov wrote in #note-2:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/458
Hi Viktor,
That link doesn't work for me
Updated by Viktor Gurov about 3 years ago
- File 458.diff added
Christian Borchert wrote in #note-3:
Viktor Gurov wrote in #note-2:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/458
Hi Viktor,
That link doesn't work for me
You can try to test the attached patch
Updated by Jim Pingle about 3 years ago
- Status changed from New to Pull Request Review
- Assignee set to Viktor Gurov
- Target version set to CE-Next
- Plus Target Version set to Plus-Next
Updated by Christian Borchert about 3 years ago
Thanks Viktor,
I believe I applied the changes to the files correctly - where does pfsense save the ntp.conf file - I want to verify the changes are made as expected to the file
-Christian
Updated by Christian Borchert about 3 years ago
OK - I was able to find the ntpd.conf file in pfsense's /var/etc directory
Looks like it is specifying server/pool/peer as selected in the webgui
The documentation recommends the following:
A peer is configured in symmetric active mode using the peer command and specifying the other peer DNS name or IPv4 or IPv6 address. The burst and iburst options should not be used in symmetric modes, as this can upset the intended symmetry of the protocol and result in spurious duplicate or dropped messages.
https://www.eecis.udel.edu/~mills/ntp/html/assoc.html
However, when Peer is selected in the webgui, iburst is configured in ntpd.conf
Can this be changed to match the recommendation above?
Thanks,
-Christian
Updated by Viktor Gurov about 3 years ago
- File 458 (1).diff added
Christian Borchert wrote in #note-7:
OK - I was able to find the ntpd.conf file in pfsense's /var/etc directory
Looks like it is specifying server/pool/peer as selected in the webgui
The documentation recommends the following:
A peer is configured in symmetric active mode using the peer command and specifying the other peer DNS name or IPv4 or IPv6 address. The burst and iburst options should not be used in symmetric modes, as this can upset the intended symmetry of the protocol and result in spurious duplicate or dropped messages.https://www.eecis.udel.edu/~mills/ntp/html/assoc.html
However, when Peer is selected in the webgui, iburst is configured in ntpd.conf
Can this be changed to match the recommendation above?
Thanks,
-Christian
Thanks for info
You can re-test the attached patch
Please read https://docs.netgate.com/pfsense/en/latest/development/system-patches.html
Updated by Christian Borchert about 3 years ago
- File clipboard-202111130746-qzaqm.png clipboard-202111130746-qzaqm.png added
- File clipboard-202111130747-iaxc7.png clipboard-202111130747-iaxc7.png added
Thanks Viktor,
I installed the "System_Patches" package, reverted to backup copies I made of system.inc and services_ntpd.php, and then installed the newly revised patch.
the peer line in ntpd.conf now correcly does not have the iburst flag, but now it is missing the host address
Updated by Christian Borchert about 3 years ago
I'm not sure - but I think we need an 'else' added to the code:
Updated by Viktor Gurov about 3 years ago
- File 458 (2).diff 458 (2).diff added
Christian Borchert wrote in #note-11:
I'm not sure - but I think we need an 'else' added to the code:
Thank you!
fixed
Updated by Christian Borchert about 3 years ago
Awesome! Thank you Viktor.
Running this latest revision and it all looks good to me.
There was a bounty attached to this request - do you have a Paypal?
Updated by Viktor Gurov about 3 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset 0cfd008330b543a1674787cb031507fb1951a1f9.
Updated by Viktor Gurov about 3 years ago
- Target version changed from CE-Next to 2.6.0
- Plus Target Version changed from Plus-Next to 22.01
Updated by Viktor Gurov about 3 years ago
works as expected on 2.6.0.a.20211123.0600
but I don't see this option on 22.01.a.20211122.0600
Updated by Jim Pingle about 3 years ago
- Subject changed from NTP Peer to Support for NTP Peer mode
Updating subject for release notes.
Updated by Danilo Zrenjanin about 3 years ago
- Status changed from Feedback to Resolved
Tested against:
2.6.0-BETA (amd64) built on Thu Dec 16 06:22:38 UTC 2021 FreeBSD 12.3-STABLE
You can choose Pool, Server, and Peer types.
Resolving the ticket.