Project

General

Profile

Actions

Bug #15552

open

NTP option "DNS Resolution" has no effect when using NTP pool hostnames

Added by Travis McMurry 15 days ago. Updated 14 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Services
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
24.08
Release Notes:
Default
Affected Version:
2.7.2
Affected Architecture:
amd64

Description

This issue happened in the past on #10322. It appears it was corrected but has come back.

Details
  1. System -> Advanced -> Networking -> IPv6 Options -> Allow IPv6 (unchecked, effectively disabled)
  2. Services -> NTP -> NTP Server Configuration -> DNS Resolution -> IPv4 (forcing IPv4 DNS Queries)
  3. Services -> NTP -> NTP Server Configuration -> Logging -> Log system messages (checked, logs are created)

Symptom
System Logs -> NTP
Observe NTP service querying IPv6 hosts, continually every minute or so

Troubleshooting
  • Tried toggling Auto/IPv4/IPv6 in NTP DNS settings, no effect
  • Restarting the NTP service after changing NTP DNS & NTP server pools (note: the pools contain IPv4 and IPv6 hosts)
  • Ensured all WAN interfaces contain no public IPv6 addresses

Files

clipboard-202406112137-db4h6.png (74.2 KB) clipboard-202406112137-db4h6.png Travis McMurry, 06/12/2024 01:37 AM
Actions #1

Updated by Jim Pingle 14 days ago

  • Subject changed from NTP on 2.7.2 queries IPv6 when IPv6 is administratively disabled to NTP option "DNS Resolution" has no effect when using NTP pool hostnames
  • Target version set to 2.8.0
  • Plus Target Version set to 24.08

Point 1 isn't relevant -- that has no effect on anything other than the firewall rules being able to pass IPv6, it does not disable anything at the networking/stack level.

The actual issue appears to be that the "DNS Resolution" option has no effect on pools, only peers and servers.

It appears to work by adjusting the code to hit both paths, but could use some more testing. It's possible it wasn't supported by ntpd in the past when that option was added initially.

You can try applying the following diff (ignoring whitespace) in the System Patches package:

diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index c7549317c4..bb0a785667 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -2538,11 +2538,11 @@ function system_ntp_configure() {
                        } else {
                                $ntpcfg .= 'server ';
                        }
-                       if (config_get_path('ntpd/dnsresolv') == 'inet') {
-                               $ntpcfg .= '-4 ';
-                       } elseif (config_get_path('ntpd/dnsresolv') == 'inet6') {
-                               $ntpcfg .= '-6 ';
-                       }
+               }
+               if (config_get_path('ntpd/dnsresolv') == 'inet') {
+                       $ntpcfg .= '-4 ';
+               } elseif (config_get_path('ntpd/dnsresolv') == 'inet6') {
+                       $ntpcfg .= '-6 ';
                }

                $ntpcfg .= "{$ts}";
Actions

Also available in: Atom PDF