Bug #15552
closed
NTP option "DNS Resolution" has no effect when using NTP pool hostnames
100%
Description
This issue happened in the past on #10322. It appears it was corrected but has come back.
Details- System -> Advanced -> Networking -> IPv6 Options -> Allow IPv6 (unchecked, effectively disabled)
- Services -> NTP -> NTP Server Configuration -> DNS Resolution -> IPv4 (forcing IPv4 DNS Queries)
- Services -> NTP -> NTP Server Configuration -> Logging -> Log system messages (checked, logs are created)
Symptom
System Logs -> NTP
Observe NTP service querying IPv6 hosts, continually every minute or so
- Tried toggling Auto/IPv4/IPv6 in NTP DNS settings, no effect
- Restarting the NTP service after changing NTP DNS & NTP server pools (note: the pools contain IPv4 and IPv6 hosts)
- Ensured all WAN interfaces contain no public IPv6 addresses
Files
Updated by Jim Pingle 6 months ago
- Subject changed from NTP on 2.7.2 queries IPv6 when IPv6 is administratively disabled to NTP option "DNS Resolution" has no effect when using NTP pool hostnames
- Target version set to 2.8.0
- Plus Target Version set to 24.08
Point 1 isn't relevant -- that has no effect on anything other than the firewall rules being able to pass IPv6, it does not disable anything at the networking/stack level.
The actual issue appears to be that the "DNS Resolution" option has no effect on pools, only peers and servers.
It appears to work by adjusting the code to hit both paths, but could use some more testing. It's possible it wasn't supported by ntpd in the past when that option was added initially.
You can try applying the following diff (ignoring whitespace) in the System Patches package:
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index c7549317c4..bb0a785667 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -2538,11 +2538,11 @@ function system_ntp_configure() {
} else {
$ntpcfg .= 'server ';
}
- if (config_get_path('ntpd/dnsresolv') == 'inet') {
- $ntpcfg .= '-4 ';
- } elseif (config_get_path('ntpd/dnsresolv') == 'inet6') {
- $ntpcfg .= '-6 ';
- }
+ }
+ if (config_get_path('ntpd/dnsresolv') == 'inet') {
+ $ntpcfg .= '-4 ';
+ } elseif (config_get_path('ntpd/dnsresolv') == 'inet6') {
+ $ntpcfg .= '-6 ';
}
$ntpcfg .= "{$ts}";
Updated by Travis McMurry 5 months ago
On 7/29 I've applied the diff. Since applying, the NTP log has stopped showing the "Soliciting Pool Server" requests to IPv6 addresses. If this changes I'll report back.
As of 8/6, the patch appears stable, no issues, time is syncing.
Updated by Jim Pingle 2 months ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 26a06fbad188a772f862c830d3918fb5588a2002.
Updated by Jim Pingle 2 months ago
- Plus Target Version changed from 24.08 to 24.11
Updated by Jordan G about 2 months ago
the info/tip below NTP's DNS resolution option currently states it has no affect on pools. This should be updated if it now does change pool name resolution.
"Force NTP peers DNS resolution IP protocol. Do not affect pools."
Updated by Jim Pingle about 2 months ago
- Assignee set to Jim Pingle
Jordan G wrote in #note-5:
the info/tip below NTP's DNS resolution option currently states it has no affect on pools. This should be updated if it now does change pool name resolution.
Updated by Jim Pingle about 1 month ago
- Status changed from Feedback to Resolved