Messages

Indeed that's exactly my setup :

Internet -> WAN - OPN - LAN-> switch -> AP -> wifi clients
                              |                  |
                              |                  ---------------> wired clients
                              - OPT1-> Synology

Thanks for the screen, it has helped.

All the servers from the pool ntp.org are 'unreach/pending' as for me.
But for me, there is no other server in the status list.
I think i have to check my firewall rules to verify if ntp queries are allowed

Have a good day
Mins

I have increased the loglevel and i am trying to forward them to another host with some sort of kibana to analyse them more easily

Work still in progress ...
Mins

Could the DNS silently drop the queries ?
I observe the clients waiting a long time before displaying an error as if they were waiting the name resolution without never getting it.
In case there is an active functionality dropping the queries (i think a kind of adblock), Would this cause this kind of issue ?

Mins

Hi,
Thanks for your help.
I have edited my configuration to accordingly yours. I have transposed the server name to use fr ones.

Can you please post a screen of your ntp status screen ?
Thanks

Mins

Hi,

I'm aware my problem is not easy to investigate.
That's why my last question is what i can activate as logs in my opnsense box to see where the trouble begins because currently i see no request failed neither in dns or firewall logs.

My setup is this one :
- my opnsense box is a little vault protectli like this one : https://eu.protectli.com/vault-4-port/ My mistake was to think opnsense is an all in box system and the dns was provided.
- the Dns is UnboundDns running on the vault
- the vault is linked to an access point netgear WAX 214 like this one https://www.netgear.com/business/wifi/access-points/wax214/
- i don't us any vlan

What i noticed is the problem seems to affect all the android devices using wifi.
For example when i connect a smartphone to my pc to diagnose the problem using adb, i used to share the pc network connection to the device and the problem suddenly vanished.

All the devices acquire an ip v4 and ip v6 from the dhcp running on the vault but I haven't been able to determine if the issue is related to ipv6 or not but ping -4 and ping -6 to google are ok.


I know this is a difficult question so i thank you very much for any help you can provide.

Mins

Ping

Ping

No one has an idea of what i can do to log more accurately what's happen between a specific device and my router while i make some tests to diagnose my problem ?

Mins

Hi patrick

Thanks for this information : it explains why my manual try have failed but i have no clues about the results in the Network Time Status windows :

Code Select Expand


Status                 Server             Ref ID Stratum Type When Poll Reach Delay Offset Jitter
Unreach/Pending  fr.pool.ntp.org     .POOL. 16 p - 64 0 0.000 +0.000 0.000
Unreach/Pending  0.fr.pool.ntp.org  .POOL. 16 p - 64 0 0.000 +0.000 0.000
Unreach/Pending  1.fr.pool.ntp.org  .POOL. 16 p - 64 0 0.000 +0.000 0.000


The logs stays on 'Soliciting...'

Code Select Expand


Date Severity Process Line
2024-03-10T20:23:47 Informational ntpd Soliciting pool server 51.195.104.188
2024-03-10T20:23:42 Informational ntpd Soliciting pool server 185.123.84.51
2024-03-10T20:23:37 Informational ntpd Soliciting pool server 51.210.104.72
2024-03-10T20:22:43 Informational ntpd Soliciting pool server 82.64.42.185


Hello every one,

I have installed my opnsense box a few time ago and since the beginning i have an issue with the android devices on my network.
They are all connected to wifi by an access point connected by ethernet on my network.
If we use them to browse with http/https sites, all is fine . Youtube App is also working.
But a lot other apps are not working. It seems theses apps are having some time out : bank app, Deezer app, Microsoft authenticator, ...
As soon i deconnect the device from wifi they are working properly.
All the phones and tablet are concerned.

What confuses me it's the lack of logs to make a diagnostic: i don't see in the firewall logs any blocked queries for these devices when i made some test, neither in the dns logs.

Anybody could give me some advice to investigate my problem as i am searching from several months without any success.
I have already checked my firewal rules, dns configuration, ipV6 configuration.
I have made a lot of tries, all have failed. Thanks to the backup configuration functionality.

I thank in advance everyone who agrees to help me because I have exhausted all my ideas.

Mins

Hello,

I have installed a few time ago my opnsense routerand i have just noticed that the ntp synchronisation is always in error.
In the Network Time / Status all 3 servers stay in 'Unreach/Pending' status.
When i made a try with ntpdate on the router i always get a permission error :

Code Select Expand


ntpdate -q 0.fr.pool.ntp.org
9 Mar 23:21:30 ntpdate[94426]: sendto(ntp.tuxfamily.net): Permission denied
9 Mar 23:21:30 ntpdate[94426]: sendto(eva.aplu.fr): Permission denied
9 Mar 23:21:31 ntpdate[94426]: sendto(vps-f60b2d25.vps.ovh.net): Permission denied
9 Mar 23:21:31 ntpdate[94426]: sendto(ns3051461.ip-51-255-95.eu): Permission denied
9 Mar 23:21:33 ntpdate[94426]: no server suitable for synchronization found


I have made some researches with G but none of them have produced results.
What i am almost sure that it is not an issue with firewall rules because i can see the requests allowed in the logs.
Neither with the dns : the names are correctly resolved.

Has anyone an idea ?

Thanks in advance
Mins