OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: gungner on August 03, 2017, 09:04:26 am

Title: NTP broken after upgrade
Post by: gungner on August 03, 2017, 09:04:26 am

Hi, After upgrading to 17.7 the NTP service is broken, please see attachment. It report that another process using the port but I can't find which. Also UnboundDNS is a bit shaky, it restarts from time to time. NTP say's Network is unreachable although the network is fully accessible. Firewall reports pass on all port 123, and it worked flawless in 17.1.

Any ideas what to try, I've tried all what comes to my mind.

cheers, tord

Title: Re: NTP broken after upgrade
Post by: franco on August 03, 2017, 09:20:38 am

Looks like side effects from a different kind of issue: traffic from the firewall itself has trouble connecting to the Internet. I'm not aware of particular Unbound or NTP changes.

Are you using floating rules? Does the firewall log show abnormally dropped packets?


Cheers,
Franco

Title: Re: NTP broken after upgrade
Post by: gungner on August 03, 2017, 03:34:14 pm

no floating rules, or any dropped packages. It even looks like my WAN address goes out on port 123

Title: Re: NTP broken after upgrade
Post by: va176thunderbolt on August 03, 2017, 05:43:40 pm

Not sure if it's related, but I've started getting this after the 17.7 upgrade in my ntp logs:
ntpd[79677]: mlockall(): Cannot allocate memory

Title: Re: NTP broken after upgrade
Post by: gungner on August 04, 2017, 07:01:52 am

after endless testing/rebooting and when I was just about to rebuild is started to work even with "ntpd[35280]: mlockall(): Cannot allocate memory". Sorry I can't report what I did since I tried out so many things, now I just keep my fingers crossed.

Update. now I found it. By enabling IPS again it started to fail with the same pattern, NTP stops and Unbound started to get unstable. By disable IPS again, rebooting and all works again. What's wrong with the settings for IPS I don't know

Title: Re: NTP broken after upgrade
Post by: gungner on August 10, 2017, 09:52:12 am

In my effort to get IPS working again I've only downloaded only the default rules and disabled them. When Starting. Still, when starting NTP stops and DNS gets instable. I hope for 17.7.1

Title: Re: NTP broken after upgrade
Post by: franco on August 15, 2017, 11:12:07 am

Can you try this patch[1] and reboot?

# opnsense-patch 0b38eff5


Cheers,
Franco

[1] https://github.com/opnsense/core/commit/0b38eff5

Title: Re: NTP broken after upgrade
Post by: gungner on August 17, 2017, 05:04:38 pm

I've now applied the patch and tried it again just by Enable & IPS mode, all without any rules enabled (just as the last time I tried). Unfortunate with the same outcome, NTP can't access network and DNS gets unstable. SO from my point of the same problem  :-\