ntpd on SG-1100 failing to bind on IPv6 LAN interface

stephenw10

Will it start on LAN if you disable it on OPT for example?

I assume you LAN has an IPv6 address using the same prefix that VLANs 20 and 30 are using?

Steve

defunct78

@stephenw10 That is a good question. Just tested. Selecting only LAN, the service comes up, below shows the sockstat output. Though I am still getting the error, where it is trying to bind to the public IPv6 address.

root     ntpd       20886 20 udp6   ::1:123               *:*
root     ntpd       20886 22 udp6   fe80::f2ad:4eff:fe0e:78ca%mvneta0.4091:123 *:*

And yes, the LAN and OPT interfaces all have valid and tested IPv6 address through he.net. I have an /48 allocated to me, and have applied a /64 to each of these interfaces. The "xxxx:xxx:xxxx:" in the output is just me blanking out the public address

stephenw10

Mmm, this feels like it's trying to add the same thing for each interface. Possibly because the MAC address is the same on all VLANs.
Does it only start on LAN if that's the only interface selected?

defunct78

@stephenw10 That is what I tried above, just LAN, and I was still getting the error in the log.

Using NMAP, i was able to test to verify that it is responding.

$ sudo nmap -6 -sU -p 123 --script ntp-info xxxx:xxx:xxxx::
Starting Nmap 7.80 ( https://nmap.org ) at 2023-02-23 17:27 UTC
Nmap scan report for hostname (xxxx:xxx:xxxx::)
Host is up (0.15s latency).

PORT    STATE  SERVICE
123/udp closed ntp

I can add the output, but I did bring up NTP on the OPT interfaces, and NMAP was able to verify a valid response.

defunct78

Going to add, that IPv4 always works, whether I have only LAN selected or all the OPT interfaces selected. IPv4 always responds.

stephenw10

Sorry I mean does LAN fail if you try to add any other interface? Not just OPT for example?

defunct78

@stephenw10 At this point, I have had most combinations selected. What I found is if the LAN is selected, the error is seen, and the result of not listening to the IPv6 is the result.

If the LAN is just selected, I see the error.
If the LAN is selected with other OPT interfaces, I see the error.
If others are selected, and no LAN selected, i do not see the error.

stephenw10

Ah, what about if none are selected, which implies 'all interfaces'? That's the default setting.

defunct78

@stephenw10 Had not tired that...

Just tried, unselected everything and I am still seeing the error.

Now I will report that I may have had a mistake in my networking of the LAN interface. Though traffic was flowing, I made a change to my network interface IP and now it is listening. The NTP error message may have been a symptom of the real problem

Basically changed the LAN interface from xxxx:xxx:xxxx:: to xxxx:xxx:xxxx:50::, which I believe fits into the network properly allowing NTP to listen to it.

stephenw10

Ah, OK. Yes, that was almost certainly it. I was unable to replicate it here using any combination of selected interfaces.