Solved VPN Server will not start anymore because NTP does not work suddenly !

GSpock

Senior Member
Hi all,
My config looks like this: one main AX86U router (merlin 386.5_2). A secondary AX56U (merlin 386.5_2) router is connected via its WAN port to a LAN port of main router.

This second router, is turned on and off on request, and runs a VPN Server. So far so good, this has been running OK for quite some time.
Today, for whatever reason, the AX56U does not sync its date/time anymore, and the consequences is that the VPN Server cannot start.

On SSH session, the date is indeed not updated anymore. ntp process is running, as I can see by ps -w |grep ntp that giving this result:

2512 xxxadmin 3776 S /usr/sbin/ntp -t -S /sbin/ntpd_synced -p pool.ntp.org -p time.nist.gov -l -I br0

Any ideas, I am really wondering why this is happening now.
Thanks,
GS
 

Attachments

  • Capture d’écran 2022-04-13 151915.png
    Capture d’écran 2022-04-13 151915.png
    134.6 KB · Views: 47

ColinTaylor

Part of the Furniture
How long has the router been on for? I've noticed that if it can't sync immediately it can sometimes take up to 15 minutes.

I suggest you don't use pool.ntp.org as I have found that to be unreliable because of the way the router's ntp process works. Instead try using time.google.com as primary and time.windows.com as secondary.
 
Last edited:

GSpock

Senior Member
How long has the router been on for? I've noticed that if it can't sync immediately it can sometimes take up to 15 minutes.

I suggest you don't use pool.ntp.org as I have found that to be unreliable because of the way the router's ntp process works. Instead try using time.google.com as primary and time.windows.com as secondary.
Many thanks for your quick reply.
Even after 1 hour it does not sync.

I am now going to test with your suggestion with regards to pool.ntp.org .... more to come ...
 

GSpock

Senior Member
... no luck with suggested replacement of ntp.pool.org, same issue after another 30 min .... :(
 

ColinTaylor

Part of the Furniture
That's very strange. Can you SSH into the AX56U and nslookup time.google.com or ping www.google.com ? In other words, does it have internet access?
 

GSpock

Senior Member
That's very strange. Can you SSH into the AX56U and nslookup time.google.com or ping www.google.com ? In other words, does it have internet access?
Yes, I can SSH:
Code:
nslookup time.google.com
Server:    192.168.1.1
Address 1: 192.168.1.1 RT-AX86U.WORKGROUP

Name:      time.google.com
Address 1: 216.239.35.8 time3.google.com
Address 2: 216.239.35.4 time2.google.com
Address 3: 216.239.35.12 time4.google.com
Address 4: 216.239.35.0 time1.google.com
Address 5: 2001:4860:4806:c:: time4.google.com
Address 6: 2001:4860:4806:: time1.google.com
Address 7: 2001:4860:4806:8:: time3.google.com
Address 8: 2001:4860:4806:4:: time2.google.com

and
Code:
ping www.google.com
PING www.google.com (142.250.178.4): 56 data bytes
64 bytes from 142.250.178.4: seq=0 ttl=116 time=24.806 ms
64 bytes from 142.250.178.4: seq=1 ttl=116 time=24.953 ms
64 bytes from 142.250.178.4: seq=2 ttl=116 time=25.220 ms
64 bytes from 142.250.178.4: seq=3 ttl=116 time=24.884 ms
64 bytes from 142.250.178.4: seq=4 ttl=116 time=24.991 ms
64 bytes from 142.250.178.4: seq=5 ttl=116 time=25.333 ms
64 bytes from 142.250.178.4: seq=6 ttl=116 time=25.028 ms
64 bytes from 142.250.178.4: seq=7 ttl=116 time=24.822 ms
64 bytes from 142.250.178.4: seq=8 ttl=116 time=25.075 ms
^C

... I agree, this is very strange since it used to work very well so far ....
 

ColinTaylor

Part of the Furniture
Try this:
Code:
service stop_ntpd

/usr/sbin/ntp -t -S /sbin/ntpd_synced -p time.google.com -d -n -q
 

GSpock

Senior Member
Try this:
Code:
service stop_ntpd

/usr/sbin/ntp -t -S /sbin/ntpd_synced -p time.google.com -d -n -q
/jffs/scripts# service stop_ntpd

Done.
[email protected]:/jffs/scripts# /usr/sbin/ntp -t -S /sbin/ntpd_synced -p time.google.com -d -n -q
ntp: 'time.google.com' is 216.239.35.12
ntp: sending query to 216.239.35.12
Alarm clock

and then date gives ...
Sat May 5 07:22:14 CEST 2018

o_O
 

ColinTaylor

Part of the Furniture
The plot thickens. You should see something like this:
Code:
# /usr/sbin/ntp -t -S /sbin/ntpd_synced -p time.google.com -d -n -q
ntp: 'time.google.com' is 216.239.35.12
ntp: sending query to 216.239.35.12
ntp: reply from 216.239.35.12: offset:-0.002602 delay:0.102284 status:0x24 strat:1 refid:0x474f4f47 rootdelay:0.000000 reach:0x01
ntp: sending query to 216.239.35.12
ntp: reply from 216.239.35.12: offset:-0.000691 delay:0.099314 status:0x24 strat:1 refid:0x474f4f47 rootdelay:0.000000 reach:0x03

On your AX86U do you have the local NTP server enabled? Do you also have Intercept NTP client requests enabled? If so try turning that off.
 

GSpock

Senior Member
The plot thickens. You should see something like this:
Code:
# /usr/sbin/ntp -t -S /sbin/ntpd_synced -p time.google.com -d -n -q
ntp: 'time.google.com' is 216.239.35.12
ntp: sending query to 216.239.35.12
ntp: reply from 216.239.35.12: offset:-0.002602 delay:0.102284 status:0x24 strat:1 refid:0x474f4f47 rootdelay:0.000000 reach:0x01
ntp: sending query to 216.239.35.12
ntp: reply from 216.239.35.12: offset:-0.000691 delay:0.099314 status:0x24 strat:1 refid:0x474f4f47 rootdelay:0.000000 reach:0x03

On your AX86U do you have the local NTP server enabled? Do you also have Intercept NTP client requests enabled? If so try turning that off.
Yes, NTP server enabled on AX86U as well as intercept NTP client request.

After changing intercept NTP client request to No, it works OK .... I still do not get why it used to work before, but in anycase I say a big thank you to you for your time and help.

GS
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top