Ubuntu
ntp package

trying to bind on all interfaces is a good default, but fails on ipv6 link local

Bug #1737998 reported by Christian Ehrhardt  on 2017-12-13

14

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	ntp (Ubuntu)	Expired	Undecided	Unassigned

Bug Description

The default is "grab all" which is great for convenience and can be configured to be differently by argument -I (interface) or interface commands in the config.

Currently it is "too" open on that.
I see it trying to bing link local addresses for each of the KVM guests I spawn.
They get virtual network devices and due to that ntp sees it tries to bind and fails.

   Dez 13 11:35:41 seidel ntpd[35826]: bind(31) AF_INET6 fe80::fc54:ff:fec3:3eb0%47#123 flags 0x11 failed: Cannot assign requested address
   Dez 13 11:35:41 seidel ntpd[35826]: unable to create socket on vnet0 (27) for fe80::fc54:ff:fec3:3eb0%47#123
   Dez 13 11:35:41 seidel ntpd[35826]: failed to init interface for address fe80::fc54:ff:fec3:3eb0%47

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2017-12-13:

#1

This looks promising https://www.eecis.udel.edu/~mills/ntp/html/miscopt.html#interface

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2017-12-13:

#2

Reading more into [1] and [2] I'm not 100% if ntp just has an issue or if in general we should mask this interface type like:

interface ignore fe80::/64

[1]: https://www.eecis.udel.edu/~mills/ntp/html/miscopt.html#interface
[2]: https://www.cisco.com/c/en/us/support/docs/ip/ip-version-6-ipv6/113328-ipv6-lla.html

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2017-12-13:

#3

Ok I debugged more and it seems that the situation where i was unable to bind is the special one.
I usually got this now:
Dec 13 15:24:31 bionic-test-kvm ntpd[6142]: Listen normally on 8 vnet0 [fe80::fc54:ff:fe46:80ed%10]:123
Dec 13 15:24:31 bionic-test-kvm ntpd[6142]: new interface(s) found: waking up resolver

If that is the usual case I'm fine and close this bug for now.
Please note that 1727202 needs to be fixed to actually see the message.

Changed in ntp (Ubuntu):
status:	New → Incomplete

Revision history for this message

Simon Déziel (sdeziel) wrote on 2017-12-13:

#4

On a hypervisor, binding on link local IPs is undesirable IMHO and that's why I always added a similar ignore to the one you proposed. That said, NTP works well over link local addresses so some folks are probably using it.

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2017-12-13:

#5

Thanks a lot Simon for your thoughts - this is exactly what I was looking for.

"On a hypervisor, binding on link local IPs is undesirable IMHO"
Thats what I thought as well

But - if there is valid use of link locals in general - as I was unsure of and you as well suggest there might be folks doing that; then we do not want to ignore them by default.
TL;DR we better have it working for all and have those "undesired" disabling it instead of not working by default in some environments.

If more people chime in we can make an overall summary and either reopen or keep as is.
For now this stays incomplete.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-02-12:

#6

[Expired for ntp (Ubuntu) because there has been no activity for 60 days.]

Changed in ntp (Ubuntu):
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.