From owner-freebsd-stable@FreeBSD.ORG Fri Feb 29 18:44:51 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1BE01106566C for ; Fri, 29 Feb 2008 18:44:51 +0000 (UTC) (envelope-from ptkrisada@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.187]) by mx1.freebsd.org (Postfix) with ESMTP id 803828FC21 for ; Fri, 29 Feb 2008 18:44:48 +0000 (UTC) (envelope-from ptkrisada@gmail.com) Received: by rv-out-0910.google.com with SMTP id g13so3021399rvb.43 for ; Fri, 29 Feb 2008 10:44:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject:message-id:mail-followup-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; bh=r50DwtGPgPqMbPKnw1NLNaKXFjTN29lMLSZvlCQu0LM=; b=TJJBO7l5+cTlAHb+2AEbIDcX/EZvMF1iO94cpjgtmswkNgKo92Rks1rmATwonrXiePL9qS50Fs6A+L6ZuZkM+Xi1+pLfBFP+D0cudVk86zlNTNnWhdEqN4NGOHVeUR1KWMObEaREJhKsJprXoUbCmfYfmsVIO/vz9LkM5QmWg/s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:mail-followup-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=O4i0OR359+/rqQ210DV2fbgp6LQEXTSaoawq8pQRNwmixZIQ1OCm4JzMrxS/NKFe/zPHanGz+MyZ6UOH3v/H0SGWZRDr+rvTW7fMaw4M1MMM++swgUD46sR1ALv2u8k2osKuDvYqvtyLyNiCck/Dbx805gdIcVuR/dwRUgKC0W4= Received: by 10.141.96.21 with SMTP id y21mr6624246rvl.132.1204310685292; Fri, 29 Feb 2008 10:44:45 -0800 (PST) Received: from gmail.com ( [125.24.104.59]) by mx.google.com with ESMTPS id g31sm6084046rvb.7.2008.02.29.10.44.39 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 29 Feb 2008 10:44:42 -0800 (PST) Date: Sat, 1 Mar 2008 01:44:33 +0700 From: Pongthep Kulkrisada To: freebsd-stable@freebsd.org Message-ID: <20080229184433.GA917@gmail.com> Mail-Followup-To: freebsd-stable@freebsd.org References: <20080228234338.81AA11065710@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080228234338.81AA11065710@hub.freebsd.org> User-Agent: Mutt/1.4.2.2i Subject: Re: ntpd fails to synchronize on FreeBSD 6.3-STABLE X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Feb 2008 18:44:51 -0000 Firstly, thank all of you for supporting me! But please note that I shall install FreeBSD 7.0-RELEASE this weekend. So I can no longer give you more information regarding 6.3-STABLE. Secondly I'm sorry for confusing you (NAT: I mean the machine ``behind NAT.'') > > 1. FreeBSD 5.4-RELEASE(dial up) - can sync all servers > > 2. FreeBSD 6.2-RELEASE(dial up) - can sync all servers > > 3. FreeBSD 6.2-RELEASE(behind NAT) - can sync IPv6 servers > > 4. FreeBSD 6.3-STABLE (behind NAT) - not sync at all The followings are my answers to all your questions. Answers to Jeremy Chadwick... > Okay, so this really sounds like something that changed between 6.2 and > 6.3. I don't know what kind of NAT you're using; I believe FreeBSD > offers a couple different methods. > More information is required... > 1) What NAT method are you using (ipfw, ipnat, etc.) As said earlier I'm not running FreeBSD 6.3 as a router or gateway. My NAT is very simple. It is stationed at home. A ``Conexant'' router and 2 computers running Windows XP and FreeBSD 6.3-STABLE. Connection is made with CAT5e cables. > 2) What does your network topology look like (draw a diagram, referring > to each NIC/ethernet device, IPs, and so on) I'm sorry, I'm not familiar with any kinds of GUI. ISP | | dynamic IP Conexant router (firewall diabled) | 192.168.1.1 / \ / \ / \ static IP 192.168.1.10/ \ static IP 192.168.1.11 FreeBSD-6.3 Windows XP running gw6 client for IPv6 running ipfw > 3) Please post your NAT rules No NAT rules as per my configuration above. Or I misunderstood something! > 4) Have you checked /usr/src/UPDATING for relevant changes? Yes of course as said in my previous post. But nothing is relevant to ntpd from 6.2 to 6.3. > Then I'm not sure why you're using NAT on the box at all? I'm not using NAT on the box. I mean machine behind NAT, sorry. Answers to Peter Jeremy > If you are expecting to connect via IPv6 then the first issue you need > to address is why your ntpd is failing to generate any IPv6 packets. > Have you changed your rc.conf, ntpd.conf, hosts, nsswitch.conf or > resolv.conf since you upgraded? Since last mergemaster I only added ntpdate_enable and ntpdate_flags to /etc.rc.conf and removing driftfile from /etc/ntp.conf following suggestion from Jeremy Chadwick. Nothing else. % grep ntpdate /etc/rc.conf ntpdate_enable="YES" ntpdate_flags="-b time.navy.mi.th asia.pool.ntp.org ntp.nict.jp" > Do you have IP addresses or hostnames in your ntp.conf? % cat /etc/ntp.conf server time.navy.mi.th prefer server asia.pool.ntp.org server ntp.nict.jp > If you have hostnames, can you do an AAAA lookup on them and get back > the correct addresses? I don't know which option for nslookup to resolve AAAA record. I tried it, only IPv4 address is presented. So I use ping6 instead. Note that only the last one, ntp.nict.jp, has AAAA record. % ping6 -c 5 ntp.nict.jp PING6(56=40+8+8 bytes) 2001:5c0:8fff:fffe::42ad --> 2001:2f8:29:100::fff3 16 bytes from 2001:2f8:29:100::fff3, icmp_seq=0 hlim=30 time=552.329 ms 16 bytes from 2001:2f8:29:100::fff3, icmp_seq=1 hlim=31 time=549.556 ms 16 bytes from 2001:2f8:29:100::fff3, icmp_seq=2 hlim=31 time=593.890 ms 16 bytes from 2001:2f8:29:100::fff3, icmp_seq=3 hlim=30 time=616.043 ms 16 bytes from 2001:2f8:29:100::fff3, icmp_seq=4 hlim=31 time=610.353 ms --- ntp.nict.jp ping6 statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 549.556/584.434/616.043/28.311 ms > If you built your own world, are you sure a NOINET6 hasn't snuck in > somewhere? I'm not quite sure, I just simply follow the procedure in handbook as per my previous post. But I CAN ping6 any IPv6 hosts. Therefore I don't think so. Answers to Clifton Royston > What the first 3 items in your list suggest, totally independent of > any questions involving 6.3 vs. 6.2, is that you don't have a NAT/LAN > configuration which works correctly with NTP on IPv4. Yes you are right. > Do any other UDP services work with NAT on IPv4, under either 6.2, > 6.3, or 5.4? Yes I ran many UDP clients/servers. Mostly I coded C on my own. All work without any problems. > If you want to confirm this is the problem, try running 6.3-STABLE on > the same dialup connection that worked for 5.4 and 6.2. My prediction > is that NTP will work via your dialup connection. Yes ntp works with both IPv4 and IPv6 on dial up. root@bsdhost:~# ntpdc -c peers remote local st poll reach delay offset disp ======================================================================= *122.154.11.67 118.174.95.234 1 128 7 0.17996 -14.62198 1.93799 =www.hypercore.c 118.174.95.234 3 128 7 0.31084 -14.61814 1.93852 =ntp-b2.nict.go. :: 1 128 7 0.37003 -14.67507 1.93871 > If that is case, your problem is that your NAT implementation is > broken or incomplete, or your NAT configuration also incorporates a > firewall blocking NTP. (Note also that if you connect through dial-up, > naturally you're not going through any firewall present on the LAN, so > a firewall could well be the problem.) Probably, but there is still divergence between 6.2-RELEASE and 6.3-STABLE. Thanks, Pongthep