OpenNTP will not start
-
Solution:
In "/etc/inc/system.inc" replace $ntpdcfg with $ntpcfg
The correct function should be like below.function system_ntp_configure() { global $config, $g; $ntpcfg = "# \n"; $ntpcfg .= "# pfSense OpenNTPD configuration file \n"; $ntpcfg .= "# \n\n"; /* foreach through servers and write out to ntpd.conf */ foreach (explode(' ', $config['system']['timeservers']) as $ts) { $ntpcfg .= "servers {$ts}\n"; } /* Setup listener(s) if the user has configured one */ if ($config['installedpackages']['openntpd']) { /* server config is in coregui1 */ $xmlsettings = $config['installedpackages']['openntpd']['config'][0]; if ($xmlsettings['enable'] == 'on') { $ifaces = explode(',', $xmlsettings['interface']); $ifaces = array_map('get_real_interface', $ifaces); $ifaces = array_filter($ifaces, 'does_interface_exist'); $ips = array_map('find_interface_ip', $ifaces); foreach ($ips as $ip) { if (is_ipaddr($ip)) $ntpcfg .= "listen on $ip\n"; } } } $ntpcfg .= "\n"; /* open configuration for wrting or bail */ $fd = fopen("{$g['varetc_path']}/ntpd.conf","w"); if(!$fd) { log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing"); return; } fwrite($fd, $ntpcfg); /* slurp! */ fclose($fd);
line $ntpdcfg .= "listen on $ip\n"; was/is wrong, "listen on 192.168.0.1" for example was never written in "/var/etc/ntpd.conf"
To test / generate new ntpd.conf via:
Diagnostic:execute command (php execute)system_ntp_configure();
my "/var/etc/ntpd.conf"
# # pfSense OpenNTPD configuration file # servers nl.pool.ntp.org servers de.pool.ntp.org listen on 192.168.0.1
-
Thanks for your assistance Tikimotel.
Made your edits to the inc file and I can confirm the conf file is proper now with the "server" and the "listen on" entries.
Issue I'm having now is that when I start the service, Status/Services shows it as stopped always. Any ideas?
-
Onhel, i'm still looking for logging of the service.
The timeserver system of ntp and ntpd seems a mix of ntp and an old openntpd package integrated into the release.
Names of conf files mentioned in the various files involved with configuring the "openntd" are inconsistent.I can't reproduce your stopped service, it is running (and stops/starts) fine on my install.
The names of the ntp servers won't resolve? (so it won't start??) Try ipnumbers (not names) in system–>general setup
Maybe starting the service (ntpd) from a shell might return some information on why it won't start.
Since adding a "driftfile" to the config doesn't work.
I believe ntpd is not the ntp mentioned at http://support.ntp.org/bin/view/Servers/NTPPoolServers,
but openntp ported from openbsd see man pages here http://www.openbsd.org/cgi-bin/man.cgi?query=ntpd
and here http://www.openbsd.org/cgi-bin/man.cgi?query=ntpd.conf.Maybe the command-line options "-v" or "-n" could shed a light on your start / stop issue?
I'm trying to help but I'm no real expert. -
:)
Try this command-line in a shell/usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf
The output should be similar to this:
(use crtl+c to abort at anytime)listening on 192.168.0.1 listening on 127.0.0.1 ntp engine ready reply from 178.251.120.16: offset 0.088332 delay 0.009902, next query 6s reply from 109.72.80.61: offset 0.030679 delay 0.010436, next query 7s reply from 85.17.141.90: offset 0.018913 delay 0.010278, next query 7s reply from 213.198.55.2: offset 0.018760 delay 0.016012, next query 8s reply from 131.188.3.220: offset 0.019946 delay 0.020260, next query 5s reply from 212.112.227.201: offset 0.022334 delay 0.020664, next query 9s reply from 178.63.212.146: offset 0.019786 delay 0.021309, next query 8s reply from 193.228.143.13: offset 0.017242 delay 0.037530, next query 9s reply from 80.153.14.198: offset 0.021177 delay 0.041390, next query 9s reply from 131.188.3.220: offset 0.018617 delay 0.017646, next query 6s .. .. .. reply from 212.112.227.201: offset 0.022671 delay 0.020763, next query 8s reply from 193.228.143.13: offset 0.017741 delay 0.037683, next query 5s peer 178.251.120.16 now valid reply from 178.251.120.16: offset 0.087101 delay 0.008655, next query 8s peer 131.188.3.220 now valid reply from 131.188.3.220: offset 0.019348 delay 0.018466, next query 9s peer 85.17.141.90 now valid reply from 85.17.141.90: offset 0.018607 delay 0.008756, next query 7s peer 109.72.80.61 now valid reply from 109.72.80.61: offset 0.030426 delay 0.008848, next query 8s peer 178.63.212.146 now valid reply from 178.63.212.146: offset 0.019605 delay 0.019835, next query 6s .. .. .. reply from 213.198.55.2: offset 0.019852 delay 0.015709, next query 32s ^Cntp engine exiting Terminating
It seems the port is stripped clean, there aren't many options available.
ntpd: illegal option -- n usage: ntpd [-dSs] [-f file]
-
I'm using a 64 bit snap from April 1st. Is it possible there are some code differences and thats why the inc edits arent working for me?
There are two instances of ntpdcfg that I changed to ntpcfg to match what you posted that I highlighted in red but still no luck. Once I put the d back in ntpcfg, the service starts again.
function system_ntp_configure() {
global $config, $g;$ntpcfg = "# \n";
$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
$ntpcfg .= "# \n\n";/* foreach through servers and write out to ntpd.conf /
foreach (explode(' ', $config['system']['timeservers']) as $ts) {
$ntpcfg .= "servers {$ts}\n";
}
/ Setup listener(s) if the user has configured one /
if ($config['installedpackages']['openntpd']) {
/ server config is in coregui1 */
$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
if ($xmlsettings['enable'] == 'on') {
$ifaces = explode(',', $xmlsettings['interface']);
$ifaces = array_map('get_real_interface', $ifaces);
$ifaces = array_filter($ifaces, 'does_interface_exist');
$ips = array_map('find_interface_ip', $ifaces);
foreach ($ips as $ip) {
if (is_ipaddr($ip))
$ntpcfg .= "listen on $ip\n";
}
}
}
$ntpcfg .= "\n";/* open configuration for wrting or bail */
$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
if(!$fd) {
log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
return;
}
fwrite($fd, $ntpcfg);/* slurp! */
fclose($fd); -
$ntpcfg is only a collection of "strings" which will be used to write to a file called "/var/etc/ntpd.conf" and has nothing to do with the starting or stopping of the service.
So I'm baffled why it is going "wrong" with your install…
Have you tried executing the command-line I showed earlier? (using the correct /var/etc/ntpd.conf offcourse)function system_ntp_configure() {
global $config, $g;$ntpcfg = "# \n";
$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
$ntpcfg .= "# \n\n";$ntpcfg = # # pfSense OpenNTPD configuration file #
/* foreach through servers and write out to ntpd.conf */
foreach (explode(' ', $config['system']['timeservers']) as $ts) {
$ntpcfg .= "servers {$ts}\n";
}$ntpcfg = # # pfSense OpenNTPD configuration file # servers nl.pool.ntp.org servers de.pool.ntp.org servers europe.pool.ntp.org
/* Setup listener(s) if the user has configured one /
if ($config['installedpackages']['openntpd']) {
/ server config is in coregui1 */Here it checks if the "packageinformation" is in /conf/config.xml
$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
if ($xmlsettings['enable'] == 'on') {locate and test if <enable>on</enable> is true
$ifaces = explode(',', $xmlsettings['interface']);
locate and put into array <interface>LAN,Loopback</interface>
$ifaces = array_map('get_real_interface', $ifaces);
$ifaces = array_filter($ifaces, 'does_interface_exist');
$ips = array_map('find_interface_ip', $ifaces);convert LAN and Loopback into ipnumbers --> 192.168.0.1,127.0.0.1 --> Test ipnumbers --> into array $ips
foreach ($ips as $ip) {
if (is_ipaddr($ip))
$ntpcfg .= "listen on $ip\n";
}
}
}
$ntpcfg .= "\n";$ntpcfg = # # pfSense OpenNTPD configuration file # servers nl.pool.ntp.org servers de.pool.ntp.org servers europe.ntp.org listen on 192.168.0.1 listen on 127.0.0.1
/* open configuration for wrting or bail */
$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");test if $ntpcfg can be written, "{$g['varetc_path']}/ntpd.conf" is destination of $ntpcfg
if(!$fd) {
log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
return;
}
fwrite($fd, $ntpcfg);here $ntpcfg is written to file
/* slurp! */
fclose($fd);file is closed
-
Executing the command line I get the following after making the edit:
root(1): /usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf listening on 192.168.1.1 fatal: bind: Address already in use dispatch_imsg in main: pipe closed Terminating
Without making any edits, I get output and the service is running but mind you I dont have the listen on entries in the conf file so no clients can sync to ntpd.
/usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf ntp engine ready reply from 209.167.68.100: offset 0.076802 delay 0.020013, next query 8s reply from 173.193.227.67: offset 0.080000 delay 0.019019, next query 9s reply from 72.26.125.125: offset 0.081708 delay 0.085034, next query 8s reply from 209.167.68.100: offset 0.078196 delay 0.018326, next query 8s reply from 72.26.125.125: offset 0.082557 delay 0.084236, next query 7s reply from 173.193.227.67: offset 0.080637 delay 0.014315, next query 7s reply from 72.26.125.125: offset 0.081665 delay 0.080064, next query 9s reply from 209.167.68.100: offset 0.078240 delay 0.018210, next query 6s reply from 173.193.227.67: offset 0.082350 delay 0.018398, next query 6s peer 209.167.68.100 now valid reply from 209.167.68.100: offset 0.079528 delay 0.019125, next query 8s peer 173.193.227.67 now valid reply from 173.193.227.67: offset 0.083322 delay 0.019781, next query 6s peer 72.26.125.125 now valid reply from 72.26.125.125: offset 0.082294 delay 0.079365, next query 9s reply from 173.193.227.67: offset 0.083190 delay 0.016300, next query 6s reply from 209.167.68.100: offset 0.080482 delay 0.019987, next query 8s /etc/inc/system.increply from 72.26.125.125: offset 0.083860 delay 0.081156, next query 9s reply from 173.193.227.67: offset 0.083825 delay 0.015223, next query 8s reply from 209.167.68.100: offset 0.081236 delay 0.019048, next query 8s ^Cntp engine exiting Terminating
So it seems my only issue is getting the string(s) that put the listen on entries into the conf file because the service is running fine.
-
has someone managed to fix this?
I ran into exactly the same problem.
I noticed that after fixing the system.inc, the /usr/local/sbin/ntpdate_sync_once.sh script seems to run forever thus blocking port 123 thus ntpd won't start.
Does this help? -
Yes, I have this same problem with ntpdate_sync_once.sh running forever. My temp. fix is to comment out ntpdate on line 7 like so:
#ntpdate $SERVER
I haven't figured out why it is hanging and blocking port 123, but the above temp. fix at least lets ntpd run.
-
I'm puzzled by the message from Onhel:
root(1): /usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf
listening on 192.168.1.1
fatal: bind: Address already in use
dispatch_imsg in main: pipe closed
TerminatingHave you tried "loopback" (a.k.a 127.0.0.1) is it also already in use?
I only needed to make my above mentioned adjustments and open the firewall (locally) for the ntp port, in order to get clients to use pfsense as a ntp-server.
Onhel ? Clean install or Update over pfsense 1.2.3 ?
Maybe some older 1.2.3 firewall settings mess thing up. (old default rules?)My system is a clean pfsense 2.0 install from late march and updated via manual update. (2.0-RC1 (amd64) built on Fri Mar 25 03:25:35 EDT 2011 )
(stopped updating for a while now, since the upnp problems of recent snapshots.)I had to add the LAN firewall settings myself. No default "rules" for reaching dns forwarder, upnp or nat-pmp for instance.
(this works for me… )
-
Yes Loopback is on.
Its from a clean install, started from scratch some time ago so no remnants of 1.2.3
I even used a clean install and removed all references to ntpd in my config. Only way to get it running is to kill all ntp processes and then I can start and stop the service as normal but I still get fatal bind error running the above command.
-
I am having the same problem still with "built on Wed Apr 6 " its the script used to update the time when the pfsense starts (at least thats what I think it does)
[2.0-RC1][user@router]/home/user(5): ps -aux | grep ntp
root 38597 0.0 0.1 3656 1400 ?? SN 7:47PM 0:05.38 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh
root 38697 0.0 0.1 3656 1364 ?? IN 7:47PM 0:00.00 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh
root 41630 0.0 0.1 3504 1356 ?? SN 7:47PM 0:00.25 ntpdate 0.pfsense.pool.ntp.org
root 12536 0.0 0.1 3656 1396 v0- S 7:47PM 0:05.34 /bin/sh /usr/local/sbin/ntpdate_sync_once.shIt just hangs and leaves the port open so when NTPD tries to start it can not. Once those are killed ntpd can start.
The script seems to run fine once the original ones have been killed, maybe something to do with when/how its started?
[2.0-RC1][root@router]/usr/local/sbin(7): ./ntpdate_sync_once.sh
7 Apr 08:28:57 ntpdate[41586]: adjust time server 207.150.168.70 offset 0.032785 sec
[2.0-RC1][root@router]/usr/local/sbin(9): ps -aux | grep ntp
root 42402 0.0 0.1 3316 1340 ?? Ss 8:29AM 0:00.00 ntpd: [priv] (ntpd)
_ntp 42196 0.0 0.1 3316 1344 1 S 8:29AM 0:00.00 ntpd: ntp engine (ntpd) -
Do the people with the problem have a VPN running? if I stop my NTPD and restart my site to site vpn, I get the ntpdate_sync_once script again plus ntpdate. NTPD does not start up which I believe the ntpdate_synch script is supposed to do when its done
[2.0-RC1][root@router]/etc(48): ps -aux | grep ntp
root 22882 1.1 0.1 3504 1396 ?? SN 9:00AM 0:00.01 ntpdate 0.pfsense.pool.ntp.org
root 21483 1.0 0.1 3656 1504 ?? SN 9:00AM 0:00.00 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh -
Now that I think about it, the NTPD problem did start after I enabled the VPN.
-
I just deleted my VPN and NTPD start fine after a reboot. Interesting, and good catch vorgusa!
-
Some commits but still not running right, see below link.
http://redmine.pfsense.org/issues/1397