Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
ntp doesn't work over IPv6
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
pa4wdh
Guru
Guru


Joined: 16 Dec 2005
Posts: 300

PostPosted: Thu Dec 20, 2012 11:23 am    Post subject: ntp doesn't work over IPv6 Reply with quote

Hi All,

My ntp server doesn't respond to IPv6, but i can't see what's wrong. Hopefully someone over here is able to help.

When i try ntpdate -d:
Code:

20 Dec 12:15:18 ntpdate[3184]: ntpdate 4.2.6p5@1.2349-o Sun Jun  3 14:33:17 UTC 2012 (1)
transmit(xxxx:xxx:xxxx::xx)
transmit(xxxx:xxx:xxxx::xx)
transmit(xxxx:xxx:xxxx::xx)
transmit(xxxx:xxx:xxxx::xx)
transmit(xxxx:xxx:xxxx::xx)
xxxx:xxx:xxxx::xx: Server dropped: no data
server xxxx:xxx:xxxx::xx, port 123
stratum 0, precision 0, leap 00, trust 000
refid [xxxx:xxx:xxxx::xx], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  7:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  7:28:16.000
transmit timestamp:  d47d71cc.c7c83972  Thu, Dec 20 2012 12:15:24.780
filter delay:  0.00000  0.00000  0.00000  0.00000
         0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
         0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

20 Dec 12:15:26 ntpdate[3184]: no server suitable for synchronization found

I replaced the IPv6 addresses with x's because they're public addresses :)

I'm quite sure this isn't a firewall issue, i flushed ip6tables, accepted anything, but the rules don't even match.
A tcpdump confirms the packet is received but nothing is send back.

On the server side, netstat shows it's listening:
Code:

pc10 ~ # netstat -apn | grep ntp
udp        0      0 192.168.96.9:123        0.0.0.0:*                           3376/ntpd           
udp        0      0 192.168.96.1:123        0.0.0.0:*                           3376/ntpd           
udp        0      0 xx.xx.xxx.xx:123        0.0.0.0:*                           3376/ntpd           
udp        0      0 192.168.21.59:123       0.0.0.0:*                           3376/ntpd           
udp        0      0 10.0.0.59:123           0.0.0.0:*                           3376/ntpd           
udp        0      0 127.0.0.1:123           0.0.0.0:*                           3376/ntpd           
udp        0      0 0.0.0.0:123             0.0.0.0:*                           3376/ntpd           
udp6       0      0 :::123                  :::*                                3376/ntpd           
unix  3      [ ]         STREAM     CONNECTED     5543     3376/ntpd           
pc10 ~ #

On the client side i can also see ntpdate listening for the returning packet with netstat.

Any other communication (dns, http, ssh) runs okay between the same hosts.

Any ideas on how to troubleshoot this ?
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse world

Free as in Freedom is not limited to software only:
Music: http://www.jamendo.com
Recipes: http://www.opensourcefood.com


Last edited by pa4wdh on Fri Dec 21, 2012 1:42 pm; edited 1 time in total
Back to top
View user's profile Send private message
gentoo_ram
Guru
Guru


Joined: 25 Oct 2007
Posts: 410
Location: San Diego, California USA

PostPosted: Fri Dec 21, 2012 12:48 am    Post subject: Reply with quote

Maybe ntp is set so that it drops everything on IPv6. Look at your 'restrict' commands in your ntp.conf. If you don't know what they mean, post them here.
Back to top
View user's profile Send private message
pa4wdh
Guru
Guru


Joined: 16 Dec 2005
Posts: 300

PostPosted: Fri Dec 21, 2012 1:45 pm    Post subject: Reply with quote

I'm using the default ntp.conf. There are a lot of comments in the file but the only active restrict rules are:
Code:

# To deny other machines from changing the
# configuration but allow localhost:
restrict default nomodify nopeer
restrict 127.0.0.1

Just to be sure i removed them but that didn't help.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse world

Free as in Freedom is not limited to software only:
Music: http://www.jamendo.com
Recipes: http://www.opensourcefood.com
Back to top
View user's profile Send private message
pa4wdh
Guru
Guru


Joined: 16 Dec 2005
Posts: 300

PostPosted: Fri Dec 21, 2012 2:22 pm    Post subject: Reply with quote

Ok, i think i fixed it ! ... or actually, worked around it :)

I was searching the net and checking my logs and found this: http://fixunix.com/ntp/250044-ntpd-deletes-ipv6-interface-after-startup.html
In my /var/log/messages i found this:
Code:


Dec 21 15:10:00 pc10 ntpd[3373]: ntpd 4.2.6p5@1.2349 Mon Dec 17 16:08:39 UTC 2012 (1)
Dec 21 15:10:00 pc10 ntpd[3374]: proto: precision = 1.892 usec
Dec 21 15:10:00 pc10 ntpd[3374]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen and drop on 1 v6wildcard :: UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 2 lo 127.0.0.1 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 3 eth0 10.0.0.59 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 4 eth1 192.168.21.59 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 8 eth0 fe80::200:24ff:feca:93c4 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 9 sit0 ::192.168.21.59 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 10 sit0 ::127.0.0.1 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 11 sit0 ::10.0.0.59 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 12 eth1 fe80::200:24ff:feca:93c5 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: Listen normally on 15 lo ::1 UDP 123
Dec 21 15:10:00 pc10 ntpd[3374]: peers refreshed
Dec 21 15:10:00 pc10 ntpd[3374]: Listening on routing socket on fd #32 for interface updates
Dec 21 15:10:03 pc10 ntpd[3374]: Listen normally on 16 tun0 192.168.96.1 UDP 123
Dec 21 15:10:03 pc10 ntpd[3374]: Listen normally on 17 tun1 192.168.96.9 UDP 123
Dec 21 15:10:03 pc10 ntpd[3374]: Deleting interface #15 lo, ::1#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Dec 21 15:10:03 pc10 ntpd[3374]: Deleting interface #12 eth1, fe80::200:24ff:feca:93c5#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Dec 21 15:10:03 pc10 ntpd[3374]: Deleting interface #11 sit0, ::10.0.0.59#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Dec 21 15:10:03 pc10 ntpd[3374]: Deleting interface #10 sit0, ::127.0.0.1#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Dec 21 15:10:03 pc10 ntpd[3374]: Deleting interface #9 sit0, ::192.168.21.59#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Dec 21 15:10:03 pc10 ntpd[3374]: Deleting interface #8 eth0, fe80::200:24ff:feca:93c4#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Dec 21 15:10:03 pc10 ntpd[3374]: peers refreshed

Some lines are deleted again due to addresses.

The workaround as described works and now the time sync works over IPv6 :D
I guess this has to be fixed in ntpd itself because the behavior seems odd to me.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse world

Free as in Freedom is not limited to software only:
Music: http://www.jamendo.com
Recipes: http://www.opensourcefood.com
Back to top
View user's profile Send private message
pa4wdh
Guru
Guru


Joined: 16 Dec 2005
Posts: 300

PostPosted: Fri Dec 21, 2012 2:34 pm    Post subject: Reply with quote

I found a better solution, a real solution :)
It seems chroot usage causes this behavior if /proc is not available within the chroot environment. I modified /etc/conf.d/ntpd and /etc/init.d/ntpd to do this automatically:

/etc/conf.d/ntpd (the NTPD_CHROOT is new)
Code:

# /etc/conf.d/ntpd

NTPD_CHROOT="/opt/chroot/ntp"

# Options to pass to the ntpd process
# Most people should leave this line alone ...
# however, if you know what you're doing, feel free to tweak
NTPD_OPTS="-u ntp:ntp -i $NTPD_CHROOT"


And /etc/init.d/ntpd actually does the "magic":
Code:

#!/sbin/runscript
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/ntp/files/ntpd.rc,v 1.24 2010/07/18 21:53:24 vapier Exp $

depend() {
   use net dns logger
   after ntp-client
}

checkconfig() {
   if [ ! -f /etc/ntp.conf ] ; then
      eerror "Please create /etc/ntp.conf"
      eerror "Sample conf: /usr/share/ntp/ntp.conf"
      return 1
   fi
   return 0
}

start() {
   checkconfig || return $?

   ebegin "Bind-mounting /proc to $NTPD_CHROOT/proc"
   mount --bind /proc $NTPD_CHROOT/proc
   eend $? "Failed to mount /proc"

   ebegin "Starting ntpd"
   start-stop-daemon --start --exec /usr/sbin/ntpd \
       --pidfile /var/run/ntpd.pid \
       -- -p /var/run/ntpd.pid ${NTPD_OPTS}
   eend $? "Failed to start ntpd"
}

stop() {
   ebegin "Stopping ntpd"
   start-stop-daemon --stop \
      --pidfile /var/run/ntpd.pid \
      --exec /usr/sbin/ntpd
   eend $? "Failed to stop ntpd"

   ebegin "Unmounting $NTPD_CHROOT/proc"
   umount $NTPD_CHROOT/proc
   eend $? "Failed to unmount $NTPD_CHROOT/proc"
}

Should i file a bug to get a similar change into the official script ?
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse world

Free as in Freedom is not limited to software only:
Music: http://www.jamendo.com
Recipes: http://www.opensourcefood.com
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum