0
Linux myhost 4.1.12-103.7.1.el7uek.x86_64 #(host edited)
Red Hat Enterprise Linux Server release 7.4 (Maipo)
ntpd - NTP daemon program - Ver. 4.2.6p5
ntp-4.2.6p5-25.0.1.el7_3.2.x86_64

/etc/ntp.conf:

driftfile /var/lib/ntp/drift
restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
server someserver iburst #edited
server someserver iburst #edited
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor

ntp is running like this, so no deprecated -I interface options..:

ntp      25451  0.0  0.0  25676  4156 ?        Ss   11:27   0:00 /usr/sbin/ntpd -u ntp:ntp -g

on startup it says:

/usr/sbin/ntpd -n -dd
[...]
Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123
Listen and drop on 1 v6wildcard :: UDP 123
Listen normally on 2 lo 127.0.0.1 UDP 123
Listen normally on 6 vethr9d35e1373f fe80::70f4:4aff:fe83:7639 UDP 123    
[...]

and also it says a line like: create_interface(fe80::70f4:4aff:fe83:7639#123) for each interface.. but not for ::1

the /etc/hosts:

::1         localhost localhost.localdomain localhost6   
localhost6.localdomain6
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
172.27.30.10 hostname1 hostname2
172.27.30.10 hostname3 hostname4
172.27.30.10 hostname5 hostname6

now following straces of the ntpq calls on the faulty first and then on a working server:

strace ntpq -np |& grep -i conn
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_INET6, sin6_port=htons(123), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0
connect(3, {sa_family=AF_UNSPEC, sa_data="\0\0\0\0\0\0\0\0\0\0\0\0\0\0"}, 16) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(3, {sa_family=AF_INET6, sin6_port=htons(123), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0

and ntpq -pn does NOT WORK:

ntpq -pn
::1: timed out, nothing received
***Request timed out

on a similar server, with the same /etc/hosts, and same /etc/ntp.conf and same kernel/os/ntp version it has create_interface(::1#123) - but not on my server. any pointers/things to try greatly appreciated.

strace ntpq -np |& grep -i conn
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(3, {sa_family=AF_INET6, sin6_port=htons(123), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0
connect(3, {sa_family=AF_INET6, sin6_port=htons(123), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0
connect(4, {sa_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(4, {sa_family=AF_INET6, sin6_port=htons(123), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0

and ntpq -pn WORKS

frisbee23
  • 75
  • 2
  • 10

1 Answers1

1

For ntp-4.2.6p5 and up try to change restrict 127.0.0.1, or restrict 127.0.0.1 mask ..., to restrict localhost.

MarcoP
  • 11
  • 2