Stateless DHCPv6 and NTP server
-
I'm setting up a stateless DHCPv6 server and noticed that NTP servers require an actual address, rather than a host name as can be used on the IPv4 DHCP server. Why is this?
Is this a bug or a "feature"?
-
"A valid IPv6 address must be specified for the primary/secondary NTP servers.
You refer to this in the dhcpv6 options when you try to give a fqdn for a ntp server?
Pretty sure option 42 in dhcp calls for an IP per the rfc
https://www.rfc-editor.org/rfc/rfc2132.html
8.3. Network Time Protocol Servers OptionThis option specifies a list of IP addresses indicating NTP [18]
servers available to the client. Servers SHOULD be listed in order
of preference.The code for this option is 42. Its minimum length is 4, and the
length MUST be a multiple of 4.if the gui for v4 dhcp convert a fqdn to an IP for you, that would be a feature. That has not been implemented for the dhcpv6 gui page.
I am not aware that the options for dhcpv6 are any different than the options for dhcpv4. This has always been required to be an IP address.
edit: seems for dhcp v6 there is an option for fqdn for ntp
https://www.rfc-editor.org/rfc/rfc5908.html#page-6Prob want to put in a feature request to allow that.
-
@johnpoz said in Stateless DHCPv6 and NTP server:
Prob want to put in a feature request to allow that.
It's not a problem as I can provide the address. However, I just thought it odd that the host name could be used for IPv4, but not IPv6. What happens if you want to use a NTP pool? On the NTP server page, host names can be used.
-
@jknott most clients don't even honer what is handed out for ntp via dhcp anyway.. Be that dhcp or dhcpv6
dhcp client why would you hand them a pool fqdn? You would hand them the local ntp server ;)
-
@johnpoz said in Stateless DHCPv6 and NTP server:
dhcp client why would you hand them a pool fqdn? You would hand them the local ntp server ;)
I have always used the name for a server. Also, there may be more than one NTP server on a network. I was on a project a few years ago, where they had two stratum 0 GPS receivers, at different locations, and multiple servers at other levels.
Still I find it odd you can use names in the same software for IPv4 but not IPv6. I may be crazy, but I'd think it should be the same, one way or the other, for both.
-
@jknott said in Stateless DHCPv6 and NTP server:
I may be crazy,
Pretty much yeah ;)
dhcpV4 does not allow for handing out fqdn in option 42.. See the rfc.. Pfsense allowed for you to put in a fqdn in the qui that they just converted to IP that gets handed out..
Here I put in pool.ntp.org in my dhcpV4 server
I now ask for dhcp lease.. Via sniff look what was handed out
While it looks like dhcpV6 does have a fqdn option for ntp.. Doesn't look to be implemented in the dhcpV6 gui as of yet, put in a feature request.
Btw windows clients won't even ask for ntp in their discover or request, so you can put whatever you want in there and windows isn't going to use it for v4..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
@johnpoz said in Stateless DHCPv6 and NTP server:
Btw windows clients won't even ask for ntp in their discover or request, so you can put whatever you want in there and windows isn't going to use it for v4..
I got so annoyed about the above , and lot's of ntp "deny's" in my log for win clients , that i ended up doing a DNS override of time.windows.com (i think it was) , to point at my firewall interface (ipv4) ... TAKE THAT M$
/Bingo
-
@bingo600 not a fan of windows time anything ;) I disable its local builtin nonsense and just install actual official ntp client.
You can grab it over at https://www.meinbergglobal.com/english/sw/ntp.htm#ntp_stable
-
@johnpoz
100% sure i would install that on any M$ Server, have been using that for close to 20 years now.But not on a Win10 client/laptop ....
Actually a bit strange ....
Since i have no issue installing NTP on any Linux laptop./Bingo
-
@bingo600 said in Stateless DHCPv6 and NTP server:
But not on a Win10 client/laptop ....
why is that? If your windows is part of your AD sure I would concur, since your clients should pull time from your AD you setup.
I wouldn't prob setup on a laptop that is off most of the time, etc. But my pc is on 24/7 so yeah I install it on those.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
I just did a capture of both DHCP and DHCPv6. Even though a host name is specified in the DHCP server, an address is provided. So, it appears pfsense does a lookup to get the address.
I got so annoyed about the above , and lot's of ntp "deny's" in my log for win clients , that i ended up doing a DNS override of time.windows.com (i think it was) , to point at my firewall interface (ipv4) ... TAKE THAT M$
You can change the server in Windows. I pointed mine to pool.ntp.org and created a DNS alias to point to my server. I've had to do similar with my TV and Chromebook. I look to see what server they're trying to use and create an alias so that it goes to pfsense.
-
@johnpoz said in Stateless DHCPv6 and NTP server:
I wouldn't prob setup on a laptop that is off most of the time, etc. But my pc is on 24/7 so yeah I install it on those.
I just change where "Internet time" points to.
