Re: Using NTP

To: tgruhn2%gmail.com@localhost
Subject: Re: Using NTP
From: Havard Eidnes <he%NetBSD.org@localhost>
Date: Sat, 23 Nov 2024 10:55:35 +0100 (CET)

> From /var/run/rc.log:
>
> [running /etc/rc.d/ntpdate]
> Setting date via ntp.
> Exiting, name server cannot be used: Temporary failure in name
> resolution (2)/etc/rc.d/ntpdate exited with code 1
> 
> From /etc/rc.conf:
> 
> ntpd=YES             ## 'ntp' == Network TIME Protocal
> ntpdate=YES      ntpdate_hosts="2.netbsd.pool.ntp.org"
>
> What is wrong with these lines in rc.conf ??

They create a circular dependency.

DNS name resolution these days in many cases rely on DNSSEC.
xDNSSEC depends on a semi-accurate local clock on your DNS
recursive server, and if that is "yourself", something you don't
have if your battery cell for your real-time clock chip is toast.
If you don't have semi-accurate time already, you will get DNS
name lookup errors (SERVFAIL, typically), and ntpdate ends up not
being able to set the clock to fix the underlying issue for the
DNS lookups.

In many cases I use IP addresses in ntp.conf but obviously you
can just supply a list of IP addresses in ntpdata_hosts as well
if you prefer to break the circular dependency.

Regards,

- Håvard

Follow-Ups:
- Re: Using NTP
  - From: Steve Rikli

References:
- Using NTP
  - From: Todd Gruhn

Prev by Date: Re: Postfix and local mail redirection
Next by Date: Re: Postfix and local mail redirection
Previous by Thread: Re: Using NTP
Next by Thread: Re: Using NTP
Indexes:

Home | Main Index | Thread Index | Old Index