NTP errors
-
Yeah this smells of DNS mis-configuration on the firewall.
-
As I said, I didn't configure any DNS server address.
But is pfSense really configured to resolve anything specified as the NTP server (even an IP address)?Now, I have a multi-wan configuration, with each ISP having its own DNS servers.
Which link will pfSense use to resolve any FQDN? The default interface "WAN"?
Or should I specify all 6 DNS servers or any of the 6? -
how did you expect the firewall to resolve the name without specifying a dns server ;)
Add static routes for the external dns servers to go out the right interface. -
How would I know that pfSense would try to resolve an IP address !!!? ;)
Will try adding the static routes as you say. -
Every domainname you enter at any field of your pfsense requires to be resolved and that's what DNS are for ;)
-
How would I know that pfSense would try to resolve an IP address !!!? ;)
Will try adding the static routes as you say.Technically it's msntp that tries to resolve it. Not much we can do about that I'm afraid. The code probably looks something like "ip = gethostbyname(hostnameoripsuppliedbyuser)" The gethostbyname() call returns an IP when given an hostname or IP so it's a rather safe call…and it'd be unexpected to not have DNS on your box ;)
--Bill
-
Yeah, I understand.
Anyway, I've specified the DNS servers and unchecked the "Allow DNS server list to be overridden by DHCP/PPP on WAN" option.
That option also caused some problem when left checked by default.
Seems to be OK now:May 31 18:41:12 msntp[72982]: msntp: packets out of order on socket 0
May 31 18:41:12 msntp[72982]: msntp: after 4 hours 59 mins acc. 1 rej. 1 flush 0 max.off. -12.936 corr. -12.936
May 31 18:41:12 msntp[72982]: msntp: 2006 May 31 18:41:09.871 + 2.469 +/- 0.475 secs
May 31 18:41:10 msntp[72982]: msntp: after 4 hours 59 mins acc. 2 rej. 1 flush 0 max.off. -2.457 corr. -2.457
May 31 18:41:10 msntp[72982]: msntp: 2006 May 31 18:41:10.332 + -0.000 +/- 0.464 secsOne question:
Can I use the firewall time as a time source to correct time errors on local client PCs?
On a Windows client, I tried "net time \10.0.0.3 /set /yes" but got the following error message:
System error 53 occurred.
The network path was not found.Does pfSense only implement an ntp client and not an ntp server?
-
That'S true for 1.0. There already is a timeserver in HEAD.
-
OK, but what exactly is the "HEAD" version?
-
http://faq.pfsense.org/index.php?sid=61682&lang=en&action=artikel&cat=1&id=165&artlang=en