[pkg-ntp-maintainers] Bug#683061: Bug#683061: ntp: diff for NMU version 1:4.2.6.p5+dfsg-2.1

Helmut Grohne helmut at subdivi.de
Wed Aug 29 08:11:00 UTC 2012 

Control: tags 683061 + moreinfo

Hi Kurt,

On Tue, Aug 28, 2012 at 06:37:41PM +0200, Kurt Roeckx wrote:
> I'm using bind9 with resolvconf on my laptop without issues. so I
> don't think it's related to resolvconf.

There is one noticeable difference between bind9 and unbound. The
alphabetical ordering with respect to "ntp". So by default bind9, ntp
and unbound are on the same "number" with respect to insserv. As such
the order of invocation relies on the names. Maybe you could try moving
bind9 artificially late to verify this?

> You should be able to find which dhcp server you got somewhere in
> /var/lib/dhcp/.  Placing that in resolv.conf manually and
> restarting ntp should then have the same effect.

I cannot reproduce the same effect this way. I.e. ntp just works fine in
this setup.

> But I'm not conviced this is caused by an external nameserver.

You seem right about this.

> Your iptables rule only blocked udp over localhost.  Or this
> wasn't during the boot process?

The idea was to simulate an unreachable name server. Since my
resolv.conf only contains 127.0.0.1, that essentially means that all DNS
traffic originating from ntp is dropped. So to answer your second
question: No, I did not reboot the machine yet.

> > So arguably this issue stems from different assumptions on
> > /etc/resolv.conf (by resolvconf and ntp). You could say that resolvconf
> > is broken by design. I am not sure on how to proceed here.
> [...]
> > As far as I can see you need:
> > 
> > 1) A name server that is started after ntp.
> > 2) resolvconf
> > 3) Maybe also a broken upstream name server.
> 
> I don't really agree to that.  What I see is that there is a time
> window where _something_ is broken, and by changing the
> Required-Start you move that time window around and it's not
> causing problems for you (and ntp) anymore.

By now we discovered that said time window is dependent on the order of
starting ntp and your name server.

> I still want to find the root cause of this.

Thanks for bearing with me.

> The biggest difference I see between your setup and mine
> is that I use bind9 and you use unbound.  So my first
> reaction is to blame unbound here.
> 
> Would it be possible to log the dns traffic over
> localhost during boot?

With careful planning this should be possible. I will probably not
manage to do it this week. Thus I tag this bug moreinfo and add it to my
machine's TODO list.

I also suggest to remove Gregor Herrmann and Ivo De Decker from CC,
since they are probably only interested in RC bugs. Unless I hear
complaints from one of them I will drop them in my next mail.

Helmut

More information about the pkg-ntp-maintainers mailing list