Clock Issue
-
@fireodo Thanks, yeah I have that setup but it doesn't seem to keep it in check, looking at the logs it looks like its working ok until the clock gets too far out then I see errors
-
However arnt these the settings for the NTP service that the firewall puts out to the lan, not the NTP receiver service?
-
@jp141 said in Clock Issue:
However arnt these the settings for the NTP service that the firewall puts out to the lan, not the NTP receiver service?
Both, receiver & service. Is your WAN_VODAFONE included or excludet?
-
- Looks like your NTP server cannot reach your configured WAN NTP pools. What's the status of the following command
ntpq -pnExample
/root: ntpq -pn remote refid st t when poll reach delay offset jitter ============================================================================== o127.127.20.0 .GPS. 0 l 2 8 377 0.000 +0.002 0.003 time.nist.gov .POOL. 16 p - 64 0 0.000 +0.000 0.000 +132.163.96.4 .NIST. 1 u 51 64 377 50.868 +0.618 0.366 +132.163.97.6 .NIST. 1 u 30 64 377 49.819 +0.604 0.366 +132.163.97.4 .NIST. 1 u 17 64 377 49.849 +0.427 0.431- Did you confiture a NTP server under System -> General?
-
@fireodo Its excluded, thats the main WAN, I was under the impression you selected internal interfaces on that page thats the way I have used PFSense on other hardware for years, is that wrong?
-
Interestingly the time corrects itself on a full system restart but not an NTP service restart
@elvisimprsntr I get this if I run that command:
-
@jp141 said in Clock Issue:
Its excluded, thats the main WAN
Probably this is the cause your box cannot reach the NTP servers so it cannot synchronize ...
-
Ahhha @elvisimprsntr @fireodo you both seem to be on to something, I enabled the WAN interface and now I am getting much more NTP info and the clock has corrected itself!! will monitor it but it looks like you may have fixed my issue, many thanks! the wording on that page should really be a bit more helpful, it even says you are selecting the interfaces for it to listen on not send requests out on!
-
Glad its working now!
-
@fireodo Thanks for your help :) this has been driving me nuts for weeks
-
I don't think you want to enable the WAN interface on the NTP server settings unless you are planning to advertise your personal NTP server on the public internet. See example
Check your System -> General setting.
-
@elvisimprsntr Well see thats what I thought, this is the general setting, I didnt have anything in the DNS servers until earlier, I added 127.0.0.1, im using the local resolver, possibly it needs something in there even if its just 127.0.0.1
-
You will want to add a valid external DNS server to the System -> General settings.
Otherwise it will not be able to resolve DNS names
-
Without the wan selected I get this:
With the WAN selected I get this:
So that must need to be selected, as long as I don't have a firewall rule allowing NTP on the WAN interface it shouldn't be accessible from the outside world right?
-
@elvisimprsntr Im using the DNS Resolver Service, never had an issue with the firewall installing packages or updates so it can resolve ok with just that and this command was working fine ntpdate -q 0.pfsense.pool.ntp.org
-
@elvisimprsntr said in Clock Issue:
You will want to add a valid external DNS server to the System -> General settings.
Only if you want to forward to this DNS Servers. Pfsense can resolve out from the box ...
-
You have likely made too many changes from the defaults that are conflicting with each other.
If you are relatively new to pfSense, you should use the defaults unless you are a spefiic reason to change them. Then only change them one at a time.
-
@elvisimprsntr Not new been using it for 15-20 years
-
-
@elvisimprsntr Yeah I will set that and a google DNS server just incase there is ever an issue with the resolver.
