Hi,
NTPD seems to be a simple service, but I found it challenging; it doesn't do what I need. Currently local date synchronization works well; however, I need to use it as a local network service no matter whether the NTP client has access to the Internet or not. No NAT is better.
I have 2 network interfaces:
em0 inet 192.168.0.1 WAN
em1 inet 10.0.0.1 LAN
I need NTPD to listen on 127.0.0.1 and 10.0.0.1 and to serve local servers which are disconnected from NAT. Currently it only synchronizes time on the server, and it needs to be available as a network service. NTPD should not listen on 192.168.0.1. Also, it must be read-only for network clients.
In /etc/rc.conf:
# NTP
ntpdate_enable="YES"
ntp_sync_on_start="YES"
ntpd_enable="YES"
The service starts, but it listens on all addresses, which is wrong (it should be for internal use only):
root ntpd 52931 21 udp4 *:123 *:*
root ntpd 52931 22 udp4 192.168.0.1:123 *:*
root ntpd 52931 23 udp4 10.0.0.1.1:123 *:*
root ntpd 52931 26 udp4 127.0.0.1:123 *:*
I started from the simplest possible /etc/ntp.conf:
server 0.pool.ntp.org # better to use than a single server pool, temporary solution
driftfile /var/db/ntp.drift
listen on 127.0.0.1
listen on 10.0.0.1
While debugging, I decided to disable the firewall. The errors occur whether packet filtering is enabled or not.
Issue 1: NTPD listens on the wrong addresses. How can I make it listen only on selected addresses?
Issue 2: I am testing connectivity right now. Simple rdate seems to be compatible with NTP (I'm aware that by default it uses the legacy time protocol). It responds when I try to connect to the local NTPD (from the NTPD host's shell):
root@host:/home/mar # rdate -p 10.0.0.1
Sun Apr 24 17:29:49 CEST 2022
root@host:/home/mar # rdate -p 127.0.0.1
Sun Apr 24 17:29:52 CEST 2022
It doesn't respond over the network.
Issue 3: Is it possible to query NTPD using TCP instead?
What am I doing wrong?
Best regards,
Marcin
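
A check for the requirement in Issue 1, as an added example that is not part of the original post: it reads a socket listing in the column layout shown above and reports every ntpd UDP/123 listener bound outside an allow-list. The function name, the `ALLOWED` variable and both sample listings are constructed for illustration, and it assumes the listing comes from FreeBSD's `sockstat`.

```shell
#!/bin/sh
# Added example (not from the original post).
# Expected input columns, as in the listing in the post:
#   USER COMMAND PID FD PROTO LOCAL-ADDRESS FOREIGN-ADDRESS
# ALLOWED: space-separated local addresses ntpd may bind to (assumption:
# the two addresses the post wants served).
ALLOWED="127.0.0.1 10.0.0.1"

# audit_ntpd_listeners: reads the listing on stdin, prints one offending
# local address per line, and returns 1 if any listener is outside ALLOWED.
audit_ntpd_listeners() {
    awk -v allowed="$ALLOWED" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        $2 == "ntpd" && $5 ~ /^udp/ {
            # Split "addr:port" at the LAST colon so IPv6 literals survive.
            port = $6; sub(/^.*:/, "", port)
            addr = $6; sub(/:[^:]*$/, "", addr)
            if (port != "123") next
            # "*" is the wildcard bind: reachable on every interface.
            if (!(addr in ok)) { print addr; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: wildcard and WAN binds present.
SAMPLE_BEFORE='root ntpd 52931 21 udp4 *:123 *:*
root ntpd 52931 22 udp4 192.168.0.1:123 *:*
root ntpd 52931 23 udp4 10.0.0.1:123 *:*
root ntpd 52931 26 udp4 127.0.0.1:123 *:*'

# Constructed sample: only the intended binds remain.
SAMPLE_AFTER='root ntpd 60112 21 udp4 10.0.0.1:123 *:*
root ntpd 60112 22 udp4 127.0.0.1:123 *:*'

# Live use on the NTP host (assumes sockstat):
#   sockstat -4 -l | audit_ntpd_listeners || echo "ntpd exposed on the addresses above"
```

A non-zero return means the bind restriction has not taken effect, whatever the configuration file says.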