OPNsense Forum

Hello,
NTP is not working, status unreach/pending. The log states

unable to bind to wildcard address :: - another process may be running - EXITING


Any idea to solve the problem?
Thx!!!!

issues with IPv6?

take a look at your routing and make sure you are able to ping the NTP servers.

Ping is possible. Only v4. I currently have a problem with v6. I request a 61 prefix and assign ID0 ID1 etc, but for whatever reason various interfaces get assigned the same v6 subnet?

Could that be the problem?

How to solve?

61 is no valid. 64 or 56 should be seleted.

The 61 prefix is pre programmed by my internet provider and until some time ago everything worked fine. Was there any change regarding that on Opnsense?

it's not opnsense.

Hello, the ipv6 issue is solved. IPv6 works flawlessly now. BUT: NTP does not work yet. The protocol says:
2023-08-28T17:36:58 Notice ntpd Command line: /usr/local/sbin/ntpd -q -g -c /var/etc/ntpd.conf
2023-08-28T17:36:58 Notice ntpd ntpd 4.2.8p17@1.4004-o Tue Aug 8 02:15:10 UTC 2023 (1): Starting
2023-08-28T17:36:58 Error ntpd unable to bind to wildcard address :: - another process may be running - EXITING
2023-08-28T17:36:58 Informational ntpd initial drift restored to 0.000000
2023-08-28T17:36:58 Informational ntpd gps base set to 2023-07-30 (week 2273)
2023-08-28T17:36:58 Informational ntpd basedate set to 2023-07-27
2023-08-28T17:36:58 Informational ntpd proto: precision = 0.104 usec (-23)

My settings:

[x]  Quit NTP server immediately after time synchronisation
Interfaces: ALL
Orphan Mode 12
Maxclock 10
[x] Enable Kiss-o'-death packets
[x] Enable Rate limiting
[ ] Deny state modifications (i.e. run time configuration) by ntpq and ntpdc
[ ] Disable ntpq and ntpdc queries
[x] Disable all except ntpq and ntpdc queries
[x] Deny packets that attempt a peer association
[x] Deny mode 6 control message trap service

try using Chrony package and see if you see the same issue.

Chrony works without problems. So? Use Chrony instead??!

Sure. I do!

Can I disable the NTP tool?

Nevertheless it would be interesting to know why it does not work on my machine.

If you remove all the pools, it will stop ntp service.

Works, thank you!

[x] Deny packets that attempt a peer association

If you use a "pool" directive and "nopeer" at the same time ntpd cannot work.

Makes no difference.

Unreach/Pending 1.de.pool.ntp.org .POOL.         16 p - 64 0 0.000 +0.000 0.000
Unreach/Pending 192.168.1.1         213.239.234.28 3 u 48m 512 0 1.293 +0.043 0.000


Update: under access restrictions is deselected "Disable all except ntpq and ntpdc queries". Now the result is still unreach/pending for the pool, but it seems to work for "content" of the pool, even though I have no idea what ".PZFs." means (and I don't have GPS).

Unreach/Pending 0.de.pool.ntp.org               .POOL. 16 p - 64 0 0.000 +0.000 0.000
Unreach/Pending 1.de.pool.ntp.org               .POOL. 16 p - 64 0 0.000 +0.000 0.000
Candidate 213.209.109.45                 10.129.9.96 2 u 28 64 377 18.335 -0.258 3.273
Active Peer 131.188.3.223                  .PZFs. 1 u 29 64 377 17.491 +0.860 2.054
Candidate 49.12.125.53               131.188.3.222 2 u 27 64 377 18.710 +1.093 2.421
Candidate 85.214.127.75               208.90.67.116 3 u 26 64 377 24.587 +0.649 3.101
Candidate 193.203.3.170                             .GPS. 1 u 33 64 377 25.712 -1.734 3.365
Candidate 85.215.93.134               192.53.103.108 2 u 22 64 377 25.651 -0.275 0.987
Candidate 91.107.199.28               36.224.68.195 2 u 32 64 377 19.211 +0.997 1.131
Candidate 81.169.199.94               161.143.24.141 2 u 22 64 377 25.849 +2.366 2.736

All very strange.

IIRC, the third column is telling you where that particular time server is getting it's time from.  Not familiar with PZFs though.