NTP broken after upgrade

Started by gungner, August 03, 2017, 09:04:26 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 03, 2017, 09:04:26 AM
Hi, After upgrading to 17.7 the NTP service is broken, please see attachment. It report that another process using the port but I can't find which. Also UnboundDNS is a bit shaky, it restarts from time to time. NTP say's Network is unreachable although the network is fully accessible. Firewall reports pass on all port 123, and it worked flawless in 17.1.

Any ideas what to try, I've tried all what comes to my mind.

cheers, tord
August 03, 2017, 09:20:38 AM #1
Looks like side effects from a different kind of issue: traffic from the firewall itself has trouble connecting to the Internet. I'm not aware of particular Unbound or NTP changes.

Are you using floating rules? Does the firewall log show abnormally dropped packets?


Cheers,
Franco
August 03, 2017, 03:34:14 PM #2
no floating rules, or any dropped packages. It even looks like my WAN address goes out on port 123
August 03, 2017, 05:43:40 PM #3
Not sure if it's related, but I've started getting this after the 17.7 upgrade in my ntp logs:
ntpd[79677]: mlockall(): Cannot allocate memory
AMD Ryzen 3 1200
GA-A320M-S2H
8GB DDR4
Intel X550-T2 10GB
32GB Industrial SSD

Shuttle SZ270R8
Intel i5-6500
8gb ram
120gb ssd
Intel x540-t2 10gb nic
August 04, 2017, 07:01:52 AM #4 Last Edit: August 04, 2017, 07:48:58 AM by gungner
after endless testing/rebooting and when I was just about to rebuild is started to work even with "ntpd[35280]: mlockall(): Cannot allocate memory". Sorry I can't report what I did since I tried out so many things, now I just keep my fingers crossed.

Update. now I found it. By enabling IPS again it started to fail with the same pattern, NTP stops and Unbound started to get unstable. By disable IPS again, rebooting and all works again. What's wrong with the settings for IPS I don't know
August 10, 2017, 09:52:12 AM #5
In my effort to get IPS working again I've only downloaded only the default rules and disabled them. When Starting. Still, when starting NTP stops and DNS gets instable. I hope for 17.7.1
August 15, 2017, 11:12:07 AM #6
Can you try this patch[1] and reboot?

# opnsense-patch 0b38eff5


Cheers,
Franco

[1] https://github.com/opnsense/core/commit/0b38eff5
August 17, 2017, 05:04:38 PM #7
I've now applied the patch and tried it again just by Enable & IPS mode, all without any rules enabled (just as the last time I tried). Unfortunate with the same outcome, NTP can't access network and DNS gets unstable. SO from my point of the same problem  :-\
Print
Go Up Pages1
User actions