OpenNTP will not start

AhnHEL

I'm using a 64 bit snap from April 1st. Is it possible there are some code differences and thats why the inc edits arent working for me?

There are two instances of ntpdcfg that I changed to ntpcfg to match what you posted that I highlighted in red but still no luck. Once I put the d back in ntpcfg, the service starts again.

function system_ntp_configure() {
global $config, $g;

$ntpcfg = "# \n";
$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
$ntpcfg .= "# \n\n";

/* foreach through servers and write out to ntpd.conf /
foreach (explode(' ', $config['system']['timeservers']) as $ts) {
$ntpcfg .= "servers {$ts}\n";
}
/ Setup listener(s) if the user has configured one /
if ($config['installedpackages']['openntpd']) {
/ server config is in coregui1 */
$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
if ($xmlsettings['enable'] == 'on') {
$ifaces = explode(',', $xmlsettings['interface']);
$ifaces = array_map('get_real_interface', $ifaces);
$ifaces = array_filter($ifaces, 'does_interface_exist');
$ips = array_map('find_interface_ip', $ifaces);
foreach ($ips as $ip) {
if (is_ipaddr($ip))
$ntpcfg .= "listen on $ip\n";
}
}
}
$ntpcfg .= "\n";

/* open configuration for wrting or bail */
$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
if(!$fd) {
log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
return;
}
fwrite($fd, $ntpcfg);

/* slurp! */
fclose($fd);

Tikimotel

$ntpcfg is only a collection of "strings" which will be used to write to a file called "/var/etc/ntpd.conf" and has nothing to do with the starting or stopping of the service.
So I'm baffled why it is going "wrong" with your install…
Have you tried executing the command-line I showed earlier? (using the correct /var/etc/ntpd.conf offcourse)

function system_ntp_configure() {
global $config, $g;

$ntpcfg = "# \n";
$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
$ntpcfg .= "# \n\n";

$ntpcfg =
# 
# pfSense OpenNTPD configuration file 
#

/* foreach through servers and write out to ntpd.conf */
foreach (explode(' ', $config['system']['timeservers']) as $ts) {
$ntpcfg .= "servers {$ts}\n";
}

$ntpcfg =
# 
# pfSense OpenNTPD configuration file 
# 

servers nl.pool.ntp.org
servers de.pool.ntp.org
servers europe.pool.ntp.org

/* Setup listener(s) if the user has configured one /
if ($config['installedpackages']['openntpd']) {
/ server config is in coregui1 */

Here it checks if the "packageinformation" is in /conf/config.xml

$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
if ($xmlsettings['enable'] == 'on') {

locate and test if <enable>on</enable> is true

$ifaces = explode(',', $xmlsettings['interface']);

locate and put into array <interface>LAN,Loopback</interface>

$ifaces = array_map('get_real_interface', $ifaces);
$ifaces = array_filter($ifaces, 'does_interface_exist');
$ips = array_map('find_interface_ip', $ifaces);

convert LAN and Loopback into ipnumbers --> 192.168.0.1,127.0.0.1 --> Test ipnumbers --> into array $ips

foreach ($ips as $ip) {
if (is_ipaddr($ip))
$ntpcfg .= "listen on $ip\n";
}
}
}
$ntpcfg .= "\n";

$ntpcfg =
# 
# pfSense OpenNTPD configuration file 
# 

servers nl.pool.ntp.org
servers de.pool.ntp.org
servers europe.ntp.org
listen on 192.168.0.1
listen on 127.0.0.1

/* open configuration for wrting or bail */
$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");

test if $ntpcfg can be written, "{$g['varetc_path']}/ntpd.conf" is destination of $ntpcfg

if(!$fd) {
log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
return;
}
fwrite($fd, $ntpcfg);

here $ntpcfg is written to file

/* slurp! */
fclose($fd);

file is closed

AhnHEL

Executing the command line I get the following after making the edit:

root(1): /usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf
listening on 192.168.1.1
fatal: bind: Address already in use
dispatch_imsg in main: pipe closed
Terminating

Without making any edits, I get output and the service is running but mind you I dont have the listen on entries in the conf file so no clients can sync to ntpd.

/usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf
ntp engine ready
reply from 209.167.68.100: offset 0.076802 delay 0.020013, next query 8s
reply from 173.193.227.67: offset 0.080000 delay 0.019019, next query 9s
reply from 72.26.125.125: offset 0.081708 delay 0.085034, next query 8s
reply from 209.167.68.100: offset 0.078196 delay 0.018326, next query 8s
reply from 72.26.125.125: offset 0.082557 delay 0.084236, next query 7s
reply from 173.193.227.67: offset 0.080637 delay 0.014315, next query 7s
reply from 72.26.125.125: offset 0.081665 delay 0.080064, next query 9s
reply from 209.167.68.100: offset 0.078240 delay 0.018210, next query 6s
reply from 173.193.227.67: offset 0.082350 delay 0.018398, next query 6s
peer 209.167.68.100 now valid
reply from 209.167.68.100: offset 0.079528 delay 0.019125, next query 8s
peer 173.193.227.67 now valid
reply from 173.193.227.67: offset 0.083322 delay 0.019781, next query 6s
peer 72.26.125.125 now valid
reply from 72.26.125.125: offset 0.082294 delay 0.079365, next query 9s
reply from 173.193.227.67: offset 0.083190 delay 0.016300, next query 6s
reply from 209.167.68.100: offset 0.080482 delay 0.019987, next query 8s
/etc/inc/system.increply from 72.26.125.125: offset 0.083860 delay 0.081156, next query 9s
reply from 173.193.227.67: offset 0.083825 delay 0.015223, next query 8s
reply from 209.167.68.100: offset 0.081236 delay 0.019048, next query 8s
^Cntp engine exiting
Terminating

So it seems my only issue is getting the string(s) that put the listen on entries into the conf file because the service is running fine.

skywalker

has someone managed to fix this?
I ran into exactly the same problem.
I noticed that after fixing the system.inc, the /usr/local/sbin/ntpdate_sync_once.sh script seems to run forever thus blocking port 123 thus ntpd won't start.
Does this help?

racmar

Yes, I have this same problem with ntpdate_sync_once.sh running forever. My temp. fix is to comment out ntpdate on line 7 like so:

	#ntpdate $SERVER

I haven't figured out why it is hanging and blocking port 123, but the above temp. fix at least lets ntpd run.

Tikimotel

I'm puzzled by the message from Onhel:
root(1): /usr/local/sbin/ntpd -d -f /var/etc/ntpd.conf
listening on 192.168.1.1
fatal: bind: Address already in use
dispatch_imsg in main: pipe closed
Terminating

Have you tried "loopback" (a.k.a 127.0.0.1) is it also already in use?

I only needed to make my above mentioned adjustments and open the firewall (locally) for the ntp port, in order to get clients to use pfsense as a ntp-server.

Onhel ? Clean install or Update over pfsense 1.2.3 ?
Maybe some older 1.2.3 firewall settings mess thing up. (old default rules?)

My system is a clean pfsense 2.0 install from late march and updated via manual update. (2.0-RC1 (amd64) built on Fri Mar 25 03:25:35 EDT 2011 )
(stopped updating for a while now, since the upnp problems of recent snapshots.)

I had to add the LAN firewall settings myself. No default "rules" for reaching dns forwarder, upnp or nat-pmp for instance.
(this works for me… )

Firewall_settings_NTP.png_thumb

AhnHEL

Yes Loopback is on.

Its from a clean install, started from scratch some time ago so no remnants of 1.2.3

I even used a clean install and removed all references to ntpd in my config. Only way to get it running is to kill all ntp processes and then I can start and stop the service as normal but I still get fatal bind error running the above command.

vorgusa

I am having the same problem still with "built on Wed Apr 6 " its the script used to update the time when the pfsense starts (at least thats what I think it does)

[2.0-RC1][user@router]/home/user(5): ps -aux | grep ntp
root 38597 0.0 0.1 3656 1400 ?? SN 7:47PM 0:05.38 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh
root 38697 0.0 0.1 3656 1364 ?? IN 7:47PM 0:00.00 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh
root 41630 0.0 0.1 3504 1356 ?? SN 7:47PM 0:00.25 ntpdate 0.pfsense.pool.ntp.org
root 12536 0.0 0.1 3656 1396 v0- S 7:47PM 0:05.34 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh

It just hangs and leaves the port open so when NTPD tries to start it can not. Once those are killed ntpd can start.

The script seems to run fine once the original ones have been killed, maybe something to do with when/how its started?

[2.0-RC1][root@router]/usr/local/sbin(7): ./ntpdate_sync_once.sh
7 Apr 08:28:57 ntpdate[41586]: adjust time server 207.150.168.70 offset 0.032785 sec
[2.0-RC1][root@router]/usr/local/sbin(9): ps -aux | grep ntp
root 42402 0.0 0.1 3316 1340 ?? Ss 8:29AM 0:00.00 ntpd: [priv] (ntpd)
_ntp 42196 0.0 0.1 3316 1344 1 S 8:29AM 0:00.00 ntpd: ntp engine (ntpd)

vorgusa

Do the people with the problem have a VPN running? if I stop my NTPD and restart my site to site vpn, I get the ntpdate_sync_once script again plus ntpdate. NTPD does not start up which I believe the ntpdate_synch script is supposed to do when its done

[2.0-RC1][root@router]/etc(48): ps -aux | grep ntp
root 22882 1.1 0.1 3504 1396 ?? SN 9:00AM 0:00.01 ntpdate 0.pfsense.pool.ntp.org
root 21483 1.0 0.1 3656 1504 ?? SN 9:00AM 0:00.00 /bin/sh /usr/local/sbin/ntpdate_sync_once.sh

racmar

Now that I think about it, the NTPD problem did start after I enabled the VPN.

racmar

I just deleted my VPN and NTPD start fine after a reboot. Interesting, and good catch vorgusa!

AhnHEL

Some commits but still not running right, see below link.

http://redmine.pfsense.org/issues/1397