Bug #15552
closed
NTP option "DNS Resolution" has no effect when using NTP pool hostnames
Added by Travis McMurry 6 months ago.
Updated about 1 month ago.
Plus Target Version:
24.11
Affected Architecture:
amd64
Description
This issue happened in the past on #10322. It appears it was corrected but has come back.
Details
- System -> Advanced -> Networking -> IPv6 Options -> Allow IPv6 (unchecked, effectively disabled)
- Services -> NTP -> NTP Server Configuration -> DNS Resolution -> IPv4 (forcing IPv4 DNS Queries)
- Services -> NTP -> NTP Server Configuration -> Logging -> Log system messages (checked, logs are created)
Symptom
System Logs -> NTP
Observe NTP service querying IPv6 hosts, continually every minute or so
Troubleshooting
- Tried toggling Auto/IPv4/IPv6 in NTP DNS settings, no effect
- Restarting the NTP service after changing NTP DNS & NTP server pools (note: the pools contain IPv4 and IPv6 hosts)
- Ensured all WAN interfaces contain no public IPv6 addresses
Files
- Subject changed from NTP on 2.7.2 queries IPv6 when IPv6 is administratively disabled to NTP option "DNS Resolution" has no effect when using NTP pool hostnames
- Target version set to 2.8.0
- Plus Target Version set to 24.08
Point 1 isn't relevant -- that has no effect on anything other than the firewall rules being able to pass IPv6, it does not disable anything at the networking/stack level.
The actual issue appears to be that the "DNS Resolution" option has no effect on pools, only peers and servers.
It appears to work by adjusting the code to hit both paths, but could use some more testing. It's possible it wasn't supported by ntpd in the past when that option was added initially.
You can try applying the following diff (ignoring whitespace) in the System Patches package:
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index c7549317c4..bb0a785667 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -2538,11 +2538,11 @@ function system_ntp_configure() {
} else {
$ntpcfg .= 'server ';
}
- if (config_get_path('ntpd/dnsresolv') == 'inet') {
- $ntpcfg .= '-4 ';
- } elseif (config_get_path('ntpd/dnsresolv') == 'inet6') {
- $ntpcfg .= '-6 ';
- }
+ }
+ if (config_get_path('ntpd/dnsresolv') == 'inet') {
+ $ntpcfg .= '-4 ';
+ } elseif (config_get_path('ntpd/dnsresolv') == 'inet6') {
+ $ntpcfg .= '-6 ';
}
$ntpcfg .= "{$ts}";
On 7/29 I've applied the diff. Since applying, the NTP log has stopped showing the "Soliciting Pool Server" requests to IPv6 addresses. If this changes I'll report back.
As of 8/6, the patch appears stable, no issues, time is syncing.
- Status changed from New to Feedback
- % Done changed from 0 to 100
- Plus Target Version changed from 24.08 to 24.11
the info/tip below NTP's DNS resolution option currently states it has no affect on pools. This should be updated if it now does change pool name resolution.
"Force NTP peers DNS resolution IP protocol. Do not affect pools."
- Assignee set to Jim Pingle
- Status changed from Feedback to Resolved
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by