Pfsense brake completely enable DHCP
-
Seams I geting better result but it still saying unreachable.
-
If you can talk to them then your reach should be 377..
And your offsets are so large not going to adjust anyway.. Set the time on the pfsense box to be somewhere close to start with.
Your connectivity is just broken from those jitter values..
-
I try to sett time manually. But same problem and offset time is still big.
-
Is is possible to remove all your firewall and NAT rules - and put in place the default pass all rule on LAN ?
-
@mullcom said in Pfsense brake completely enable DHCP:
I try to sett time manually. But same problem and offset time is still big
Well your not really talking to them... So the reach will go up as you get back answers.. it tells you how many out of the last 8 queries you got answers for... Normal is 377.. 7 means HORRIBLE!!! You could do the math to match up which ones got an answer..
7 would mean only the last 3 have gotten an answer
00000111377
11111111
would mean you got answers for the last 8 queries.What are your reaches now? When they are 377 and stay there you have a stable connection to the ntp servers.
-
This is a bit crazy...
No one in the list.
-
Finally. I delit pool and only use time.windows.com like all windows OS do.
I get that to pop-up.
2.4.4-RELEASE][admin@pfSense.localdomain]/root: ntpdate -d time.windows.com
13 Aug 19:42:45 ntpdate[62579]: ntpdate 4.2.8p13@1.3847-o Fri May 10 20:05:40 UTC 2019 (1)
transmit(40.74.70.63)
receive(40.74.70.63)
transmit(40.74.70.63)
receive(40.74.70.63)
transmit(40.74.70.63)
receive(40.74.70.63)
transmit(40.74.70.63)
receive(40.74.70.63)server 40.74.70.63, port 123
stratum 2, precision -23, leap 00, trust 000
refid [132.163.96.2], root delay 0.192383, root dispersion 0.014725
reference time: e0fd7778.aa4bf9d3 Tue, Aug 13 2019 19:52:56.665
originate timestamp: e0fd7795.26345eac Tue, Aug 13 2019 19:53:25.149
transmit timestamp: e0fd751b.ae457a08 Tue, Aug 13 2019 19:42:51.680
filter delay: 0.09448 0.09479 0.09439 0.09439
---- ---- ---- ----
filter offset: 615.057016 621.197134 627.284268 633.434036
---- ---- ---- ----
delay 0.09439, dispersion 6.89256, offset 627.28426813 Aug 19:42:51 ntpdate[62579]: step time server 40.74.70.63 offset 627.284268 sec
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: -
well if you can not resolve - then no nobody would be in the list..
Not sure why you are worried about ntp.. Does the wan get an IP from your isp - is it public or rfc1918.. What does the quality graph show? Can pfsense ping say 8.8.8.8 from the diag, ping tool?
-
I am glad you all help me with this.
Pfsense deliver NTP as a funktion so. I think that should work when it come with the box. Time is important. If not correct time with your hardware to getting trubbel in the end with other. Like when you deliver active directory for one example. It seams DHCP is also in need of time. But the thing is that I want it to work and function correctly before I move on. Not like to have failing funktionalitet in the network. Btw I feel some responses loss in web GUI when time is not Correct. Sometime it frozen for a minute.
With that sad.
I call my ISP to get a IP adress that's are derectly to the internet. If I didn't do that I don't get a fake ip that's not directly to internet and gets some limitations.
I did some more testing in ssh when I update time manually.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: date 1342 date: can't reach time daemon, time set locally Wed Aug 14 13:42:00 +02 2019 [2.4.4-RELEASE][admin@pfSense.localdomain]/root:Can't reach time deamon it say
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: time 0.006u 0.018s 29:48.45 0.0% 7908+1780k 4+0io 0pf+0w [2.4.4-RELEASE][admin@pfSense.localdomain]/root:Have no idea why it say like this.
I have sett correct location and that is Sweden Stockholm in web GUI. And when I ping 8.8.8.8
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8): 56 data bytes 64 bytes from 8.8.8.8: icmp_seq=0 ttl=54 time=4.960 ms 64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=4.950 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=54 time=4.946 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=54 time=4.948 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=54 time=4.947 msAnd i get back all NTP servers in the list now. And that are 377 now. Start Frome 7 and get higher more I waited. But still saying unreachable
I did remove all NAT rules and open up WAN for everything to see if it working better.
LAN is already open as defoult.
-
When I enable Graf. where do i find it?
-
I am trying to finding NTP.conf in she'll. But it seams that it has moved away form defoult location ?
[2.4.4-RELEASE][admin@pfSense.localdomain]/etc: cd ntp [2.4.4-RELEASE][admin@pfSense.localdomain]/etc/ntp: ls [2.4.4-RELEASE][admin@pfSense.localdomain]/etc/ntp: -
Lets freaking forget ntp for the time being..
You show a block on your lan for dhcp that 0.0.0.0:68 are you not running dhcp server on your lan on pfsense?
If you enable dhcp server on pfsense lan - then there would be hidden rules to allow that traffic - since your seeing blocked, then you don't have it enabled?
There should be ZERO rules on your wan!!! unless you want a specific port forward..
Your ntp seems to be working from you latest screen shot, see the 377 reach. But your offset is still HUGE.. Do you have a timezone issue.. What do you have timezone set in the gui too? Make sure its correct and then reboot pfsense.
simple date cmd will show you time, date and zone
[2.4.4-RELEASE][admin@sg4860.local.lan]/: date Wed Aug 14 08:15:23 CDT 2019 [2.4.4-RELEASE][admin@sg4860.local.lan]/: -
@mullcom said in Pfsense brake completely enable DHCP:
moved away form defoult location
Default to what ? A Linux based system ? A pure FreeBSD install ? Maybe.
This is pfSense, based on the FreeBSD kernel OS.Check /var/etc/ntpd.conf ^^
This file is build by pfSense (GUI settings) just before pfSense start the time demaon.
/usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf -p /var/run/ntpd.pid# # pfSense ntp configuration file # tinker panic 0 # Orphan mode stratum tos orphan 12 # Upstream Servers pool fr.pool.ntp.org iburst maxpoll 9 statsdir /var/log/ntp logconfig =syncall +clockall +peerall +sysall driftfile /var/db/ntpd.drift restrict default kod limited nomodify nopeer notrap restrict -6 default kod limited nomodify nopeer notrap restrict source kod limited nomodify notrap interface ignore all interface ignore wildcard interface listen fxp0 interface listen sis0 interface listen ovpns1( This is mine - with the interface and settings I use ).
-
Weee. I have solved my issue. It's a kernel tune that needs to be done. I found out this on hardware forum that make this nice bords.
https://r.tapatalk.com/shareLink?url=https%3A%2F%2Fforum%2Eodroid%2Ecom%2Fviewtopic%2Ephp%3Ft%3D33911&share_tid=33911&share_fid=63351&share_type=t
Anyway I want to thx for all your help. It is very grateful.
