Errors with ntp configuration

Started by Minskaya2, March 10, 2024, 07:44:42 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 10, 2024, 07:44:42 PM
Hello,

I have installed a few time ago my opnsense routerand i have just noticed that the ntp synchronisation is always in error.
In the Network Time / Status all 3 servers stay in 'Unreach/Pending' status.
When i made a try with ntpdate on the router i always get a permission error :
Code Select

ntpdate -q 0.fr.pool.ntp.org
9 Mar 23:21:30 ntpdate[94426]: sendto(ntp.tuxfamily.net): Permission denied
9 Mar 23:21:30 ntpdate[94426]: sendto(eva.aplu.fr): Permission denied
9 Mar 23:21:31 ntpdate[94426]: sendto(vps-f60b2d25.vps.ovh.net): Permission denied
9 Mar 23:21:31 ntpdate[94426]: sendto(ns3051461.ip-51-255-95.eu): Permission denied
9 Mar 23:21:33 ntpdate[94426]: no server suitable for synchronization found


I have made some researches with G but none of them have produced results.
What i am almost sure that it is not an issue with firewall rules because i can see the requests allowed in the logs.
Neither with the dns : the names are correctly resolved.

Has anyone an idea ?

Thanks in advance
Mins
March 10, 2024, 07:56:11 PM #1
ntpd will use source and destination ports both 123/UDP. ntpdate -q will use a high port (>1023) as the source IIRC.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 10, 2024, 08:23:11 PM #2 Last Edit: March 10, 2024, 08:25:15 PM by Minskaya2
Hi patrick

Thanks for this information : it explains why my manual try have failed but i have no clues about the results in the Network Time Status windows :
Code Select

Status                 Server             Ref ID Stratum Type When Poll Reach Delay Offset Jitter
Unreach/Pending  fr.pool.ntp.org     .POOL. 16 p - 64 0 0.000 +0.000 0.000
Unreach/Pending  0.fr.pool.ntp.org  .POOL. 16 p - 64 0 0.000 +0.000 0.000
Unreach/Pending  1.fr.pool.ntp.org  .POOL. 16 p - 64 0 0.000 +0.000 0.000


The logs stays on 'Soliciting...'
Code Select

Date Severity Process Line
2024-03-10T20:23:47 Informational ntpd Soliciting pool server 51.195.104.188
2024-03-10T20:23:42 Informational ntpd Soliciting pool server 185.123.84.51
2024-03-10T20:23:37 Informational ntpd Soliciting pool server 51.210.104.72
2024-03-10T20:22:43 Informational ntpd Soliciting pool server 82.64.42.185
March 30, 2024, 05:37:10 PM #3
Ping
March 30, 2024, 06:32:56 PM #4
I can not tell why the statuses are what they are but if you put the defaults back and say only one preferred like an opsnese one, there will eventually be a peer. I'm in the UK, so you might need to check your locale (assuming France). These are mine:
After a few minutes when I go back to status, it shows a peer.
April 05, 2024, 11:49:34 PM #5
Hi,
Thanks for your help.
I have edited my configuration to accordingly yours. I have transposed the server name to use fr ones.

Can you please post a screen of your ntp status screen ?
Thanks

Mins
April 06, 2024, 12:20:56 AM #6
sure, as of now:

April 06, 2024, 09:56:28 PM #7
Thanks for the screen, it has helped.

All the servers from the pool ntp.org are 'unreach/pending' as for me.
But for me, there is no other server in the status list.
I think i have to check my firewall rules to verify if ntp queries are allowed

Have a good day
Mins
Print
Go Up Pages1
User actions