System Administration & Network Administration
ipv6 ntp
Updated Fri, 15 Jul 2022 08:35:48 GMT

NTP and NTPDATE over IPv6 Does Not Work


I have been working with setting up an NTP server for testing IPv6 syncing. I am unable to find any help with getting the configuration to work.

If ntp 4.2.6 and ntpdate 4.2.6 say they support IPv6, why is there no documentation explaining what needs to be done to get it working.

My config:

fe80:1000:2000:3000::1/64. = NTP server

NTP servers interface:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:92:18:07 brd ff:ff:ff:ff:ff:ff
inet 10.30.15.1/16 brd 10.30.255.255 scope global noprefixroute eth0
   valid_lft forever preferred_lft forever
inet6 fe80:1000:2000:3000::1/64 scope link noprefixroute
   valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe92:1807/64 scope link noprefixroute
   valid_lft forever preferred_lft forever

ntp.conf without comments =

  driftfile /var/lib/ntp/drift
  restrict default nomodify notrap nopeer noquery
  restrict -6 default nomodify notrap nopeer noquery
  restrict 127.0.0.1
  restrict ::1
  server 0.centos.pool.ntp.org iburst
  server 1.centos.pool.ntp.org iburst
  server 2.centos.pool.ntp.org iburst
  server 3.centos.pool.ntp.org iburst
  includefile /etc/ntp/crypto/pw
  keys /etc/ntp/keys
  disable monitor

fe80:1000:2000:3000::2 = Client ntp.conf without comments =

driftfile /var/lib/ntp/drift
restrict 127.0.0.1
restrict ::1
server -6 fe80:1000:2000:3000::1
server -6 DNS-NTP.example.com
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor

I know we can resolve the IP -> Hostname and Hostname -> IP

[root@ClientIPv6 ~]# nslookup -query=aaaa = DNS-NTP.example.com
Server:     fe80:1000:2000:3000::1
Address:    fe80:1000:2000:3000::1#53
DNS-NTP.example.com has AAAA address fe80:1000:2000:3000::1
[root@ClientIPv6 ~]# nslookup -query=aaaa fe80:1000:2000:3000::1
Server:     fe80:1000:2000:3000::1
Address:    fe80:1000:2000:3000::1#53
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.2.0.0.0.1.0.8.e.f.ip6.arpa    name = DNS-NTP.example.com.

ntpdate and ntpq -pn dont show time being synced.

[root@ClientIPv6 ~]# ntpdate -6 -q DNS-NTP.example.com
Error resolving DNS-NTP.example.com: Name or service not known (-2)
31 Jan 13:23:14 ntpdate[25967]: Can't find host DNS-NTP.example.com: Name or service not known (-2)
31 Jan 13:23:14 ntpdate[25967]: no servers can be used, exiting
[root@ClientIPv6 ~]# ntpdate -6 -q fe80:1000:2000:3000::1
31 Jan 13:23:23 ntpdate[25971]: no servers can be used, exiting

This shows the IPv4 address working but the IPv6 does not. (10.30.15.1 is the DNS-NTP.example.com address on the same interface as the IPv6 one...)

[root@ClientIPv6 ~]# ntpq -pn
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 10.30.15.1      200.160.0.8      3 u    -   64    1    0.122  -42.146   0.000
 fe80:1000:2000: .INIT.          16 -    -   64    0    0.000    0.000   0.000

There is no firewall on either server to stop the traffic.

My guess is there is some special way to config ntp.conf but i cant find it online at all.

Can someone please help? Let me know if there is any other info that will help.




Solution

For those of you following along, i needed to change the address as pointed out by Ron Maupin.

I changed all the IPs to be in the fddb:abe7:8164:14eb::/64 space and all is working with the above config.