# freebsd 13-rc3 ntpd dying



## larlap (Mar 27, 2021)

Installed 
	
	



```
FreeBSD bsd 13.0-RC3 FreeBSD 13.0-RC3
```

I wanted to force ntpd to sync, but the ntpd daemon was not running. `service ntpd start ; ntpq -c peer` returned


```
remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.freebsd.pool. .POOL.          16 p    -   64    0    0.000   +0.000   0.000
```

If I type `service ntpd status ; ntpq -c peer` 10 seconds later, it returns

```
ntpd is not running.
ntpq: read: Connection refused
```

`service ntpd status` returns 
	
	



```
ntpd is not running.
```

/etc/rc.conf contains the line 
	
	



```
ntpd_enable="YES"
```

What am I missing?


----------



## rootbert (Mar 27, 2021)

is there something in the logs ... e.g. like "kernel: pid XXX (ntpd), jid 0, uid 123: exited on signal 11"


----------



## _martin (Mar 28, 2021)

It seems like you don't have any ntp servers. You can always define custom pool and/or servers in /etc/ntp.conf. You can adjust time manually also by `ntpdate -u pool.ntp.org`. Preferably you choose something closer to your geographic location.
Try grepping ntp messages from syslog to see the reason why ntp is not running.


----------



## gpw928 (Mar 28, 2021)

Make sure that your Internet and and name services are running:
	
	



```
# This will test the Internet
$ dig @8.8.8.8 0.freebsd.pool.ntp.org
# This will test your configured name server
$ cat /etc/resolv.conf # note the IP address of the "nameserver"
$ dig @<nameserver> 0.freebsd.pool.ntp.org # substitute for <nameserver> the IP address of the "nameserver noted above"
```
Both dig commands should identify multiple A records for the pool, e.g.
	
	



```
;; ANSWER SECTION:
0.freebsd.pool.ntp.org.    150    IN    A    129.250.35.251
0.freebsd.pool.ntp.org.    150    IN    A    162.159.200.1
0.freebsd.pool.ntp.org.    150    IN    A    220.158.215.21
0.freebsd.pool.ntp.org.    150    IN    A    103.76.40.123
```
The specific IP addresses in the "ANSWER" response will vary from one inquiry to the next.
For additional assistance, post the contents /etc/resolv.conf, and /etc/ntp.conf


----------



## Kiiski (Mar 28, 2021)

gpw928 said:


> Make sure that your Internet and and name services are running:
> 
> 
> 
> ...


Just a side note most probably already know.
You could also use `drill` that is part of base system.
`drill freebsd.pool.ntp.org` will use nameserver in /etc/resolv.conf


----------



## larlap (Mar 28, 2021)

A search for ntpd in /var/log/messages contained no kernel or exit strings. The only references to ntpd are

`root@bsd:/var/log # grep ntp messages`

```
Mar 27 15:16:47 bsd ntpd[983]: ntpd 4.2.8p15-a (1): Starting
Mar 27 15:16:47 bsd kernel: Security policy loaded: MAC/ntpd (mac_ntpd)
Mar 27 15:16:47 bsd ntpd[983]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
Mar 27 15:16:47 bsd ntpd[983]: ----------------------------------------------------
Mar 27 15:16:47 bsd ntpd[983]: ntp-4 is maintained by Network Time Foundation,
Mar 27 15:16:47 bsd ntpd[983]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 27 15:16:47 bsd ntpd[983]: corporation.  Support and training for ntp-4 are
Mar 27 15:16:47 bsd ntpd[983]: available at https://www.nwtime.org/support
Mar 27 15:16:47 bsd ntpd[983]: ----------------------------------------------------
Mar 27 15:16:47 bsd ntpd[984]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
Mar 27 15:16:47 bsd ntpd[984]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
Mar 27 15:29:56 bsd ntpd[1163]: ntpd 4.2.8p15-a (1): Starting
Mar 27 15:29:56 bsd ntpd[1163]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
Mar 27 15:29:56 bsd ntpd[1163]: ----------------------------------------------------
Mar 27 15:29:56 bsd ntpd[1163]: ntp-4 is maintained by Network Time Foundation,
Mar 27 15:29:56 bsd ntpd[1163]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 27 15:29:56 bsd ntpd[1163]: corporation.  Support and training for ntp-4 are
Mar 27 15:29:56 bsd ntpd[1163]: available at https://www.nwtime.org/support
Mar 27 15:29:56 bsd ntpd[1163]: ----------------------------------------------------
Mar 27 15:29:56 bsd ntpd[1164]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
Mar 27 15:29:56 bsd ntpd[1164]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
Mar 27 15:30:54 bsd ntpd[1204]: ntpd 4.2.8p15-a (1): Starting
Mar 27 15:30:54 bsd ntpd[1204]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
Mar 27 15:30:54 bsd ntpd[1204]: ----------------------------------------------------
Mar 27 15:30:54 bsd ntpd[1204]: ntp-4 is maintained by Network Time Foundation,
Mar 27 15:30:54 bsd ntpd[1204]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 27 15:30:54 bsd ntpd[1204]: corporation.  Support and training for ntp-4 are
Mar 27 15:30:54 bsd ntpd[1204]: available at https://www.nwtime.org/support
Mar 27 15:30:54 bsd ntpd[1204]: ----------------------------------------------------
Mar 27 15:30:54 bsd ntpd[1205]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
Mar 27 15:30:54 bsd ntpd[1205]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
Mar 27 16:37:24 bsd ntpd[1351]: ntpd 4.2.8p15-a (1): Starting
Mar 27 16:37:24 bsd ntpd[1351]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
Mar 27 16:37:24 bsd ntpd[1351]: ----------------------------------------------------
Mar 27 16:37:24 bsd ntpd[1351]: ntp-4 is maintained by Network Time Foundation,
Mar 27 16:37:24 bsd ntpd[1351]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 27 16:37:24 bsd ntpd[1351]: corporation.  Support and training for ntp-4 are
Mar 27 16:37:24 bsd ntpd[1351]: available at https://www.nwtime.org/support
Mar 27 16:37:24 bsd ntpd[1351]: ----------------------------------------------------
Mar 27 16:37:24 bsd ntpd[1352]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
Mar 27 16:37:24 bsd ntpd[1352]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
Mar 27 16:40:34 bsd ntpd[1391]: ntpd 4.2.8p15-a (1): Starting
Mar 27 16:40:34 bsd ntpd[1391]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
Mar 27 16:40:34 bsd ntpd[1391]: ----------------------------------------------------
Mar 27 16:40:34 bsd ntpd[1391]: ntp-4 is maintained by Network Time Foundation,
Mar 27 16:40:34 bsd ntpd[1391]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 27 16:40:34 bsd ntpd[1391]: corporation.  Support and training for ntp-4 are
Mar 27 16:40:34 bsd ntpd[1391]: available at https://www.nwtime.org/support
Mar 27 16:40:34 bsd ntpd[1391]: ----------------------------------------------------
Mar 27 16:40:34 bsd ntpd[1392]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
Mar 27 16:40:34 bsd ntpd[1392]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
Mar 28 12:30:51 bsd ntpd[985]: ntpd 4.2.8p15-a (1): Starting
Mar 28 12:30:51 bsd kernel: Security policy loaded: MAC/ntpd (mac_ntpd)
Mar 28 12:30:51 bsd ntpd[985]: Command line: /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
Mar 28 12:30:51 bsd ntpd[985]: ----------------------------------------------------
Mar 28 12:30:51 bsd ntpd[985]: ntp-4 is maintained by Network Time Foundation,
Mar 28 12:30:51 bsd ntpd[985]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 28 12:30:51 bsd ntpd[985]: corporation.  Support and training for ntp-4 are
Mar 28 12:30:51 bsd ntpd[985]: available at https://www.nwtime.org/support
Mar 28 12:30:51 bsd ntpd[985]: ----------------------------------------------------
Mar 28 12:30:51 bsd ntpd[986]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
Mar 28 12:30:51 bsd ntpd[986]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
```

The command `ntpdate -u pool.ntp.org` adjusted the date correctly

`root@bsd:/var/log # drill 8.8.4.4 0.freebsd.pool.ntp.org`

```
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 12096
;; flags: qr rd ra ; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 0.freebsd.pool.ntp.org.    IN    A

;; ANSWER SECTION:
0.freebsd.pool.ntp.org.    149    IN    A    122.252.188.99
0.freebsd.pool.ntp.org.    149    IN    A    62.236.120.71
0.freebsd.pool.ntp.org.    149    IN    A    85.21.78.8
0.freebsd.pool.ntp.org.    149    IN    A    51.75.67.47

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 211 msec
;; SERVER: 8.8.4.4
;; WHEN: Sun Mar 28 05:52:54 2021
;; MSG SIZE  rcvd: 104
```

/etc/ntp.conf contains the line 
	
	



```
pool 0.freebsd.pool.ntp.org iburst
```


----------



## larlap (Mar 28, 2021)

It's working now, magically. I added a single config command to start the sync at system start.

`# ntpd -gq`


```
28 Mar 07:08:39 ntpd[1242]: ntpd 4.2.8p15-a (1): Starting
28 Mar 07:08:39 ntpd[1242]: Command line: ntpd -gq
28 Mar 07:08:39 ntpd[1242]: ----------------------------------------------------
28 Mar 07:08:39 ntpd[1242]: ntp-4 is maintained by Network Time Foundation,
28 Mar 07:08:39 ntpd[1242]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
28 Mar 07:08:39 ntpd[1242]: corporation.  Support and training for ntp-4 are
28 Mar 07:08:39 ntpd[1242]: available at https://www.nwtime.org/support
28 Mar 07:08:39 ntpd[1242]: ----------------------------------------------------
28 Mar 07:08:39 ntpd[1242]: proto: precision = 0.059 usec (-24)
28 Mar 07:08:39 ntpd[1242]: basedate set to 2018-08-07
28 Mar 07:08:39 ntpd[1242]: gps base set to 2018-08-12 (week 2014)
28 Mar 07:08:39 ntpd[1242]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
28 Mar 07:08:39 ntpd[1242]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2021-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
28 Mar 07:08:39 ntpd[1242]: Listen and drop on 0 v6wildcard [::]:123
28 Mar 07:08:39 ntpd[1242]: Listen and drop on 1 v4wildcard 0.0.0.0:123
28 Mar 07:08:39 ntpd[1242]: Listen normally on 2 igb0 192.168.10.19:123
28 Mar 07:08:39 ntpd[1242]: Listen normally on 3 lo0 [::1]:123
28 Mar 07:08:39 ntpd[1242]: Listen normally on 4 lo0 [fe80::1%3]:123
28 Mar 07:08:39 ntpd[1242]: Listen normally on 5 lo0 127.0.0.1:123
28 Mar 07:08:39 ntpd[1242]: Listening on routing socket on fd #26 for interface updates
28 Mar 07:08:40 ntpd[1242]: Soliciting pool server 72.30.35.89
28 Mar 07:08:41 ntpd[1242]: Soliciting pool server 74.6.168.72
28 Mar 07:08:42 ntpd[1242]: Soliciting pool server 64.225.34.103
28 Mar 07:08:43 ntpd[1242]: Soliciting pool server 172.98.193.44
28 Mar 07:08:50 ntpd[1242]: ntpd: time slew +0.038603 s
ntpd: time slew +0.038603s
```

`# service ntpd status`

```
ntpd is not running.
```

`# sysrc ntpd_enable="YES"`

```
ntpd_enable: YES -> YES
```

`# sysrc ntpd_sync_on_start="YES"`

```
ntpd_sync_on_start: NO -> YES
```

`# service ntpd start`

```
Starting ntpd.
```

`# service ntpd status`

```
ntpd is running as pid 1342.
```

It's been running for a few hours, and also after a reboot, so all is well, but I'm confused.


----------



## gpw928 (Mar 28, 2021)

Nothing is obviously wrong.  The absence of anything in the logs is worrying.
If you run these commands, as root, `ntpd` should start:
	
	



```
date
service ntpd stop
ntpdate 216.239.35.0
service ntpd start
ntpq -pn
sleep 64
ntpq -pn
date
```
If it runs after this, then add to /etc/rc.conf

```
ntpd_sync_on_start="YES"
```
If it's not running then maybe we have something esoteric in RC3.  Random thoughts:

Check the ntpd UID/GID is 123/123.
Poke around mac_ntpd(4).


----------



## _martin (Mar 28, 2021)

Start the ntpd and verify with `ps ax|grep ntp` that it's running right away and do the `ntpq -p`. What does the output say?
Also try to remove the default pool from the /etc/ntp.conf and try some ntp server.

I don't see anything obviously wrong with the setup. My initial thought was your server is not able to reach any ntp servers in pool and gives up.


----------



## larlap (Mar 29, 2021)

Thanks, gpw928, but it was working from my last post.

`% ntpq -p`

```
remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.freebsd.pool. .POOL.          16 p    -   64    0    0.000   +0.000   0.000
#4.53.160.75 (ns 75.76.123.222    3 u    3   64    3   66.177   +0.899   1.426
#ntp2.unix-solut 244.220.219.218  2 u   25   64    7  153.483   -0.961 183.197
#ntp.ihost.md    216.239.35.12    2 u   28   64    7  196.392   -4.027   1.236
#ntp02.lagoon.nc 8.145.32.135     2 u   30   64    7  186.763   +6.280   3.816
-li1210-167.memb 127.67.113.92    2 u   29   64    7   25.810   -0.263  21.565
+four10.gac.edu  169.117.81.12    2 u   30   64    7   67.949   +1.858   1.427
+time.cloudflare 10.12.2.186      3 u   31   64    7   17.000   +1.227   3.773
+time.lshiy.com  35.73.197.144    2 u   28   64    7   26.601   +0.268   2.139
*85.199.214.98   .GPS.            1 u   31   64    7  152.179   -0.101   3.557
#43.252.70.34 (u 37.15.221.189    2 u   31   64    7  142.010  +13.320   3.524
#cloud.zazezi.ne .DCFa.           1 u   25   64    7  184.585   +0.625   4.617
-ntpool0.603.new 132.163.97.1     2 u   28   64    7   65.687   -2.977   2.560
```


----------



## _martin (Mar 29, 2021)

Ok, so you got handful of usable servers. Is your ntpd still running or did it quit already ? It's a long shot but try to remove the drift file if it exists (it will get created in a day or so automatically).


----------



## larlap (Mar 29, 2021)

No, _martin, it's working perfectly and has been for a couple of days, across multiple boots. It hasn't quit since I typed `sysrc ntpd_sync_on_start="YES"`, apparently.


----------



## _martin (Mar 29, 2021)

Ok then.  Maybe your time was too much off and ntp quit.  But that's just my guess.


----------



## mickey (Mar 29, 2021)

_martin said:


> Ok then.  Maybe your time was too much off and ntp quit.  But that's just my guess.


Although the wording is quite misleading, that's exactly what _ntpd_sync_on_start_ prevents:

```
# Set command_args based on the various config vars.
        command_args="-p ${pidfile} -c ${ntpd_config} ${driftopt}"
        if checkyesno ntpd_sync_on_start; then
                command_args="${command_args} -g"
        fi
```
It adds the -g flag to the command's arguments, which according to ntpd(8) does the following:

```
-g, --panicgate
             Allow the first adjustment to be Big.  This option may appear an
             unlimited number of times.

             Normally, ntpd exits with a message to the system log if the
             offset exceeds the panic threshold, which is 1000 s by default.
             This option allows the time to be set to any value without
             restriction; however, this can happen only once. If the threshold
             is exceeded after that, ntpd will exit with a message to the
             system log. This option can be used with the -q and -x options.
             See the tinker configuration file directive for other options.
```
It is still strange that apparently there was no such message in the logs.


----------



## gpw928 (Mar 29, 2021)

If this is a virtual machine, then adding "tinker panic 0" to /etc/ntp.conf may help recovery if the machine hibernates for any reason.


----------

