Hi,
I have an IPv6 only host arrowhead.ip6.centroid.eu, that has very noisy:
Oct 29 09:12:48 arrowhead ntpd[18744]: DNS lookup tempfail
Oct 29 09:21:45 arrowhead last message repeated 2 times
in fact:
arrowhead# grep 'DNS lookup tempfail' /var/log/daemon | wc -l
1354
This is because the pool.ntp.org servers as configured don't give back AAAA
answers. I'm trying to streamline this a little and only ask for AAAA queries
if there is no v4 connectivity. With change of the 'stdio dns' pledge to
'stdio inet dns' this is possible, when using another constraint from google.
There is no network traffic, just a route lookup if IPv4 is possible at all.
Here is my patch, under my sig.
-peter
Index: config.c
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/config.c,v
retrieving revision 1.32
diff -u -p -u -r1.32 config.c
--- config.c 7 Jul 2019 07:14:57 -0000 1.32
+++ config.c 6 Nov 2019 07:36:07 -0000
@@ -30,8 +30,9 @@
#include "ntpd.h"
-struct ntp_addr *host_ip(const char *);
-int host_dns1(const char *, struct ntp_addr **, int);
+struct ntp_addr *host_ip(const char *);
+int host_dns1(const char *, struct ntp_addr **, int);
+static int test_v4_gw(void);
static u_int32_t maxid = 0;
static u_int32_t constraint_maxid = 0;
@@ -59,7 +60,7 @@ host_ip(const char *s)
struct ntp_addr *h = NULL;
memset(&hints, 0, sizeof(hints));
- hints.ai_family = AF_UNSPEC;
+ hints.ai_family = (test_v4_gw() == 0) ? AF_UNSPEC : AF_INET6;
hints.ai_socktype = SOCK_DGRAM; /*dummy*/
hints.ai_flags = AI_NUMERICHOST;
if (getaddrinfo(s, "0", &hints, &res) == 0) {
@@ -94,7 +95,7 @@ host_dns1(const char *s, struct ntp_addr
struct ntp_addr *h, *hh = NULL;
memset(&hints, 0, sizeof(hints));
- hints.ai_family = AF_UNSPEC;
+ hints.ai_family = (test_v4_gw() == 0) ? AF_UNSPEC : AF_INET6;
hints.ai_socktype = SOCK_DGRAM; /* DUMMY */
hints.ai_flags = AI_ADDRCONFIG;
error = getaddrinfo(s, NULL, &hints, &res0);
@@ -181,3 +182,28 @@ new_constraint(void)
return (p);
}
+static int
+test_v4_gw(void)
+{
+ struct sockaddr_in sin;
+ socklen_t st = sizeof(struct sockaddr_in);
+ int so;
+
+ so = socket(AF_INET, SOCK_DGRAM, 0);
+ if (so < 0) {
+ return 0;
+ }
+
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+ sin.sin_addr.s_addr = inet_addr(CONN_CONSTRAINT);
+ sin.sin_port = htons(53);
+
+ if (connect(so, (struct sockaddr *)&sin, st) < 0) {
+ close(so);
+ return 0;
+ }
+
+ close(so);
+ return 1;
+}
Index: ntp_dns.c
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/ntp_dns.c,v
retrieving revision 1.24
diff -u -p -u -r1.24 ntp_dns.c
--- ntp_dns.c 27 Jun 2019 15:18:42 -0000 1.24
+++ ntp_dns.c 6 Nov 2019 07:36:07 -0000
@@ -98,7 +98,7 @@ ntp_dns(struct ntpd_conf *nconf, struct
fatal(NULL);
imsg_init(ibuf_dns, PARENT_SOCK_FILENO);
- if (pledge("stdio dns", NULL) == -1)
+ if (pledge("stdio inet dns", NULL) == -1)
err(1, "pledge");
probe_root();
@@ -170,7 +170,7 @@ dns_dispatch_imsg(struct ntpd_conf *ncon
strlen(name) != len)
fatalx("invalid %s received", str);
if ((cnt = host_dns(name, nconf->status.synced,
- &hn)) == -1)
+ &hn)) <= 0)
break;
buf = imsg_create(ibuf_dns, imsg.hdr.type,
imsg.hdr.peerid, 0,
Index: ntpd.h
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/ntpd.h,v
retrieving revision 1.146
diff -u -p -u -r1.146 ntpd.h
--- ntpd.h 16 Jul 2019 14:15:40 -0000 1.146
+++ ntpd.h 6 Nov 2019 07:36:07 -0000
@@ -40,6 +40,7 @@
#define CONFFILE "/etc/ntpd.conf"
#define DRIFTFILE "/var/db/ntpd.drift"
#define CTLSOCKET "/var/run/ntpd.sock"
+#define CONN_CONSTRAINT "8.8.8.8" /* to test connectivity */
#define INTERVAL_QUERY_NORMAL 30 /* sync to peers every
n secs */
#define INTERVAL_QUERY_PATHETIC 60
