Bug #3317
closedntpd sets stratum 16 (unsynced) when selected to listen on multiple interfaces
0%
Description
Somehow ntpd sets stratum 16 number if one selects to listen on multiple interfaces
and virtual IPs. If it only listens on LAN for example then it works and sets proper stratum number.
Scenario when two interfaces are selected: LAN and em5 10.27.88.1
Nov 12 14:04:49 pfsense ntpd[43928]: ntpd exiting on signal 15 Nov 12 14:04:49 pfsense ntpd[70455]: ntpd 4.2.6p5@1.2349-o Wed Jul 24 14:36:48 UTC 2013 (1) Nov 12 14:04:49 pfsense ntpd[70513]: proto: precision = 2.794 usec Nov 12 14:04:49 pfsense ntpd[70513]: ntp_io: estimated max descriptors: 11095, initial socket boundary: 20 Nov 12 14:04:49 pfsense ntpd[70513]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen and drop on 1 v6wildcard :: UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 2 em1 10.27.0.1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 3 em1 fe80::290:bff:fe19:ac5f UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 4 em1 10.27.2.1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 5 em1 10.27.3.1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 6 em1 10.27.1.1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 7 em5 10.27.88.1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 8 em5 fe80::290:bff:fe19:ac63 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 9 lo0 127.0.0.1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: Listen normally on 10 lo0 ::1 UDP 123 Nov 12 14:04:49 pfsense ntpd[70513]: peers refreshed Nov 12 14:04:49 pfsense ntpd[70513]: Listening on routing socket on fd #33 for interface updates
Gets me:
ntpq -c peers 127.0.0.1 remote refid st t when poll reach delay offset jitter ============================================================================== pepi.vitel.si .INIT. 16 u - 64 0 0.000 0.000 0.000 diane.ensma.fr .INIT. 16 u - 64 0 0.000 0.000 0.000 pehta.net .INIT. 16 u - 64 0 0.000 0.000 0.000
[root@burja ~]# ntpdate 10.27.0.1 12 Nov 13:56:37 ntpdate[26935]: no server suitable for synchronization found
While when I select only LAN I immediately get:
ntpq -c peers 127.0.0.1 remote refid st t when poll reach delay offset jitter ============================================================================== ns1.vitel.si 194.249.234.70 2 u - 64 1 8.365 1.726 0.209 www.nierle.com 192.53.103.108 2 u 1 64 1 28.922 6.454 0.004 pehta.net 193.2.1.117 2 u - 64 1 1.315 1.850 0.004
[root@burja ~]# ntpdate 10.27.0.1 12 Nov 13:53:07 ntpdate[26665]: adjust time server 10.27.0.1 offset -0.013700 sec
Nov 12 14:07:26 pfsense ntpd[70513]: ntpd exiting on signal 15 Nov 12 14:07:26 pfsense ntpd[39833]: ntpd 4.2.6p5@1.2349-o Wed Jul 24 14:36:48 UTC 2013 (1) Nov 12 14:07:26 pfsense ntpd[40109]: proto: precision = 2.794 usec Nov 12 14:07:27 pfsense ntpd[40109]: ntp_io: estimated max descriptors: 11095, initial socket boundary: 20 Nov 12 14:07:27 pfsense ntpd[40109]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen and drop on 1 v6wildcard :: UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 2 em1 10.27.0.1 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 3 em1 fe80::290:bff:fe19:ac5f UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 4 em1 10.27.2.1 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 5 em1 10.27.3.1 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 6 em1 10.27.1.1 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 7 lo0 127.0.0.1 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: Listen normally on 8 lo0 ::1 UDP 123 Nov 12 14:07:27 pfsense ntpd[40109]: peers refreshed Nov 12 14:07:27 pfsense ntpd[40109]: Listening on routing socket on fd #31 for interface updates
List of interfaces:
: ifconfig em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWTSO> ether 00:90:0b:19:ac:5e inet6 fe80::290:bff:fe19:ac5e%em0 prefixlen 64 scopeid 0x1 nd6 options=3<PERFORMNUD,ACCEPT_RTADV> media: Ethernet autoselect (100baseTX <full-duplex>) status: active em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWTSO> ether 00:90:0b:19:ac:5f inet 10.27.0.1 netmask 0xffffff00 broadcast 10.27.0.255 inet6 fe80::290:bff:fe19:ac5f%em1 prefixlen 64 scopeid 0x2 inet 10.27.2.1 netmask 0xffffff00 broadcast 10.27.2.255 inet 10.27.3.1 netmask 0xffffff00 broadcast 10.27.3.255 inet 10.27.1.1 netmask 0xffffff00 broadcast 10.27.1.255 nd6 options=1<PERFORMNUD> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWTSO> ether 00:90:0b:19:ac:60 inet X.X.X.X netmask 0xfffffffc broadcast X.X.X.X inet6 fe80::290:bff:fe19:ac60%em2 prefixlen 64 scopeid 0x3 nd6 options=1<PERFORMNUD> media: Ethernet autoselect (100baseTX <full-duplex>) status: active em3: flags=8c02<BROADCAST,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO> ether 00:90:0b:19:ac:61 media: Ethernet autoselect status: no carrier em4: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:90:0b:19:ac:62 media: Ethernet autoselect status: no carrier em5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether 00:90:0b:19:ac:63 inet 10.27.88.1 netmask 0xffffff00 broadcast 10.27.88.255 inet6 fe80::290:bff:fe19:ac63%em5 prefixlen 64 scopeid 0x6 nd6 options=1<PERFORMNUD> media: Ethernet autoselect (100baseTX <full-duplex>) status: active enc0: flags=41<UP,RUNNING> metric 0 mtu 1536 pfsync0: flags=0<> metric 0 mtu 1460 syncpeer: 224.0.0.240 maxupd: 128 syncok: 1 pflog0: flags=100<PROMISC> metric 0 mtu 33192 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa nd6 options=3<PERFORMNUD,ACCEPT_RTADV> pppoe0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1492 inet6 fe80::290:bff:fe19:ac5e%pppoe0 prefixlen 64 scopeid 0xb inet X.X.X.X --> Y.Y.Y.Y netmask 0xffffffff nd6 options=3<PERFORMNUD,ACCEPT_RTADV> ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500 options=80000<LINKSTATE> inet6 fe80::290:bff:fe19:ac5e%ovpns1 prefixlen 64 scopeid 0xc inet 10.222.222.1 --> 10.222.222.2 netmask 0xffffffff nd6 options=3<PERFORMNUD,ACCEPT_RTADV> Opened by PID 17788
Updated by Chris Buechler about 10 years ago
- Status changed from New to Rejected
I don't think there's a general issue here. There are tons of systems out there that run ntpd selected on multiple interfaces.
If you have a specific, repeatable scenario where that occurs, please provide details.
Updated by Ivo B over 9 years ago
What specific details do you need?
I'm having the same issue again.
2.1.2-RELEASE (i386) built on Thu Apr 10 05:23:34 EDT 2014 FreeBSD 8.3-RELEASE-p15
With ntpd listening on multiple interfaces:
[2.1.2-RELEASE][root@example.org]/root(3): ntpq -c peers 127.0.0.1 remote refid st t when poll reach delay offset jitter ============================================================================== stanjel.p-ng.si .INIT. 16 u - 512 0 0.000 0.000 0.000 citadel.alpha-f .INIT. 16 u - 512 0 0.000 0.000 0.000 goodtime.ijs.si .INIT. 16 u - 512 0 0.000 0.000 0.000
As soon as I switch to listening on one interface only I get:
[2.1.2-RELEASE][root@example.org]/root(4): ntpq -c peers 127.0.0.1 remote refid st t when poll reach delay offset jitter ============================================================================== stanjel.p-ng.si 194.249.234.70 2 u 1 64 1 8.850 2.271 0.004 pehta.net 46.54.224.12 2 u 1 64 1 1.279 -12.363 0.220 *84.52.184.247 193.2.1.117 2 u 1 64 1 6.124 2.753 0.257
Updated by Kill Bill over 9 years ago
2.1.2 is something you should not use, let alone report bugs about it.
Updated by Ivo B over 9 years ago
I use it because it has stable IPSEC. Racoon.
When my issues with strongswan disappear I'll switch.
Updated by Kill Bill over 9 years ago
Let me re-iterate the message: noone's fixing anything in 2.1.x.
Updated by Jesper Grann Laursen about 9 years ago
I have the same problem on one of my pfsense boxes today (virtual machine)
2.2.4-RELEASE (amd64) built on Sat Jul 25 19:57:37 CDT 2015 FreeBSD 10.1-RELEASE-p15
Updated by Eduard Rozenberg about 9 years ago
Same issue here with 2.2.5 in 2 firewall CARP scenario.
Both firewalls set to listen to 2 interfaces: LAN and LAN CARP.
Only Firewall 2 has a problem:
Firewall 1: Sync Source 198.60.22.240 (stratum 1, .GPS.)
Firewall 2: Sync Source No active peers available
Same problem at our two sites which have a 2 firewall CARP setup.