NTP Peer Availability

stephenw10

Does it still show the full list of peers in the main NTP status page? Just non active?

Are they marked as invalid because the time difference is too large?

Sounds like a virtualisation issue somewhere.

Steve

provels

@stephenw10
Just shows this:

Bouncing NTP populates the list:

Sometimes when I login to the Dashboard, it's fine, other times broken. Not consistent, but yes, may well be a VM thing.

bartkowski

I noticed the same thing on my 2440. As I write this, I see "No active peers available". I'm using pool.ntp.org

provels

Maybe it something that happens on reboot. NTP unable to resolve the pool, then never checks back? NTP starting before DNS? Just spitballing.

EDIT - OK, so I restarted the FW @ 10:10 AM.

Resolver starts.
NTPD starts.
PFB starts.

PFB finishes last.

NTP shows no peers.

Maybe DNS N/A until PFB completes? ¯\(ツ)/¯

Will monitor and see if the peers list populates w/o bouncing the NTP service.

provels

OK, after 70 minutes after reboot, still no peers listed.

@bartkowski it would be interesting if you could try duplicating this behavior on a physical box.

stephenw10

NTP will only sync when it has sufficient data to do so. That number of servers agreeing and showing sufficient reach. It takes time to build up the reach value, it won't sync to those at 0 or 3.
They should all be showing 377 eventually if they are good time sources.

Steve

provels

@stephenw10
Any idea what kind of time interval this could require?

PS - See my previous post on reboot behavior.

bartkowski

@provels I'm using Netgate SG-2440

provels

@bartkowski
That's what I mean. Mine runs virtual, yours physical. That could help determine if it's something triggered somehow by only the virtual environment.

provels

OK, after 2 hours 20 minutes, still no NTP pool servers listed "No Active Peers".
Restarted NTP, widget status "Updating...".
A few minutes later, "No Active Peers"... ¯\(ツ)/¯

stephenw10

Hmm, two different issues here. If the list never populates from the pool I would be looking for a DNS issue or something else that might stop it pulling the list.

If it populates but no ntp servers ever show as active that's something else.

Steve

provels

@stephenw10
Checked back after 10 minutes, now NTP Status was populated, widget shows a sync source. Just something to monitor after reboots I guess.

stephenw10

Yeah, 5-10mins is not unusual for the reach value to get to what ntp will accept.
http://www.ntp.org/ntpfaq/NTP-s-trouble.htm#Q-MON-REACH

Steve

provels

@stephenw10
Thanks for the link. Yeah, but i think there may be a DNS problem, since nothing showed for over 2 hours after boot. Will pursue.