ntpd fails to synchronize on FreeBSD 6.3-STABLE
Pongthep Kulkrisada
ptkrisada at gmail.com
Fri Feb 29 18:44:51 UTC 2008
Firstly, thank all of you for supporting me!
But please note that I shall install FreeBSD 7.0-RELEASE this weekend.
So I can no longer give you more information regarding 6.3-STABLE.
Secondly I'm sorry for confusing you (NAT: I mean the machine ``behind NAT.'')
> > 1. FreeBSD 5.4-RELEASE(dial up) - can sync all servers
> > 2. FreeBSD 6.2-RELEASE(dial up) - can sync all servers
> > 3. FreeBSD 6.2-RELEASE(behind NAT) - can sync IPv6 servers
> > 4. FreeBSD 6.3-STABLE (behind NAT) - not sync at all
The followings are my answers to all your questions.
Answers to Jeremy Chadwick...
> Okay, so this really sounds like something that changed between 6.2 and
> 6.3. I don't know what kind of NAT you're using; I believe FreeBSD
> offers a couple different methods.
> More information is required...
> 1) What NAT method are you using (ipfw, ipnat, etc.)
As said earlier I'm not running FreeBSD 6.3 as a router or gateway.
My NAT is very simple. It is stationed at home. A ``Conexant'' router and 2 computers running Windows XP and FreeBSD 6.3-STABLE. Connection is made with CAT5e cables.
> 2) What does your network topology look like (draw a diagram, referring
> to each NIC/ethernet device, IPs, and so on)
I'm sorry, I'm not familiar with any kinds of GUI.
ISP
|
| dynamic IP
Conexant router (firewall diabled)
| 192.168.1.1
/ \
/ \
/ \
static IP 192.168.1.10/ \ static IP 192.168.1.11
FreeBSD-6.3 Windows XP
running gw6 client for IPv6
running ipfw
> 3) Please post your NAT rules
No NAT rules as per my configuration above. Or I misunderstood something!
> 4) Have you checked /usr/src/UPDATING for relevant changes?
Yes of course as said in my previous post.
But nothing is relevant to ntpd from 6.2 to 6.3.
> Then I'm not sure why you're using NAT on the box at all?
I'm not using NAT on the box. I mean machine behind NAT, sorry.
Answers to Peter Jeremy
> If you are expecting to connect via IPv6 then the first issue you need
> to address is why your ntpd is failing to generate any IPv6 packets.
> Have you changed your rc.conf, ntpd.conf, hosts, nsswitch.conf or
> resolv.conf since you upgraded?
Since last mergemaster I only added ntpdate_enable and ntpdate_flags to /etc.rc.conf and removing driftfile from /etc/ntp.conf following suggestion from Jeremy Chadwick. Nothing else.
% grep ntpdate /etc/rc.conf
ntpdate_enable="YES"
ntpdate_flags="-b time.navy.mi.th asia.pool.ntp.org ntp.nict.jp"
> Do you have IP addresses or hostnames in your ntp.conf?
% cat /etc/ntp.conf
server time.navy.mi.th prefer
server asia.pool.ntp.org
server ntp.nict.jp
> If you have hostnames, can you do an AAAA lookup on them and get back
> the correct addresses?
I don't know which option for nslookup to resolve AAAA record.
I tried it, only IPv4 address is presented.
So I use ping6 instead.
Note that only the last one, ntp.nict.jp, has AAAA record.
% ping6 -c 5 ntp.nict.jp
PING6(56=40+8+8 bytes) 2001:5c0:8fff:fffe::42ad --> 2001:2f8:29:100::fff3
16 bytes from 2001:2f8:29:100::fff3, icmp_seq=0 hlim=30 time=552.329 ms
16 bytes from 2001:2f8:29:100::fff3, icmp_seq=1 hlim=31 time=549.556 ms
16 bytes from 2001:2f8:29:100::fff3, icmp_seq=2 hlim=31 time=593.890 ms
16 bytes from 2001:2f8:29:100::fff3, icmp_seq=3 hlim=30 time=616.043 ms
16 bytes from 2001:2f8:29:100::fff3, icmp_seq=4 hlim=31 time=610.353 ms
--- ntp.nict.jp ping6 statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 549.556/584.434/616.043/28.311 ms
> If you built your own world, are you sure a NOINET6 hasn't snuck in
> somewhere?
I'm not quite sure, I just simply follow the procedure in handbook as per my previous post. But I CAN ping6 any IPv6 hosts. Therefore I don't think so.
Answers to Clifton Royston
> What the first 3 items in your list suggest, totally independent of
> any questions involving 6.3 vs. 6.2, is that you don't have a NAT/LAN
> configuration which works correctly with NTP on IPv4.
Yes you are right.
> Do any other UDP services work with NAT on IPv4, under either 6.2,
> 6.3, or 5.4?
Yes I ran many UDP clients/servers.
Mostly I coded C on my own.
All work without any problems.
> If you want to confirm this is the problem, try running 6.3-STABLE on
> the same dialup connection that worked for 5.4 and 6.2. My prediction
> is that NTP will work via your dialup connection.
Yes ntp works with both IPv4 and IPv6 on dial up.
root at bsdhost:~# ntpdc -c peers
remote local st poll reach delay offset disp
=======================================================================
*122.154.11.67 118.174.95.234 1 128 7 0.17996 -14.62198 1.93799
=www.hypercore.c 118.174.95.234 3 128 7 0.31084 -14.61814 1.93852
=ntp-b2.nict.go. :: 1 128 7 0.37003 -14.67507 1.93871
> If that is case, your problem is that your NAT implementation is
> broken or incomplete, or your NAT configuration also incorporates a
> firewall blocking NTP. (Note also that if you connect through dial-up,
> naturally you're not going through any firewall present on the LAN, so
> a firewall could well be the problem.)
Probably, but there is still divergence between 6.2-RELEASE and 6.3-STABLE.
Thanks,
Pongthep
More information about the freebsd-stable
mailing list