Issue
ntp and multiwan
I have just converted my firewalls to ClearOS 7.x from 6.x
Was having very poor time sync with ntp. No sooner had the ntp sync been established and becoming stable, when the sync with the server would restart all over again, and again, and again. Never saw that problem with 6.x - what is going on?
A peep at the ntp log revealed all... an example
Yuck...
Since a syswatch restart tends to destroy any custom routes that existed, decided the best way was probably pop the custom host routes into /etc/clearos/firewall.d/local. Therefore any firewall or syswatch restart (which restarts the firewall) would ensure the custom routes would be added, if not already existing... Assigned one ntp server to each external interface for a test...
So far - looking good - no interface reassignments and time sync stable with no server sync restarts
Was having very poor time sync with ntp. No sooner had the ntp sync been established and becoming stable, when the sync with the server would restart all over again, and again, and again. Never saw that problem with 6.x - what is going on?
A peep at the ntp log revealed all... an example
... snipped
13 Mar 02:38:28 ntpd[2265]: 216.239.35.12 interface 192.168.0.16 -> 192.168.4.16
13 Mar 02:43:28 ntpd[2265]: 216.239.35.12 interface 192.168.4.16 -> 192.168.0.16
13 Mar 02:43:28 ntpd[2265]: 150.101.217.196 interface 192.168.0.16 -> 192.168.4.16
13 Mar 02:48:28 ntpd[2265]: 150.101.217.196 interface 192.168.4.16 -> 192.168.0.16
13 Mar 03:03:28 ntpd[2265]: 150.101.217.196 interface 192.168.0.16 -> 192.168.4.16
13 Mar 03:08:28 ntpd[2265]: 150.101.217.196 interface 192.168.4.16 -> 192.168.0.16
13 Mar 03:33:28 ntpd[2265]: 150.101.217.196 interface 192.168.0.16 -> 192.168.4.16
13 Mar 03:38:28 ntpd[2265]: 150.101.217.196 interface 192.168.4.16 -> 192.168.0.16
13 Mar 03:48:28 ntpd[2265]: 216.239.35.12 interface 192.168.0.16 -> 192.168.4.16
13 Mar 03:53:28 ntpd[2265]: 216.239.35.12 interface 192.168.4.16 -> 192.168.0.16
Yuck...
Since a syswatch restart tends to destroy any custom routes that existed, decided the best way was probably pop the custom host routes into /etc/clearos/firewall.d/local. Therefore any firewall or syswatch restart (which restarts the firewall) would ensure the custom routes would be added, if not already existing... Assigned one ntp server to each external interface for a test...
[root@emma network-scripts]# cat /etc/clearos/firewall.d/local
# This script is run after every firewall restart. Add custom rules here.
# Ensure you use $IPTABLES instead of calling iptables directly if you wish
# to avoid xtable locking problems.
route add -host 216.239.35.12 gw 192.168.0.1
route add -host 150.101.217.196 gw 192.168.4.1
So far - looking good - no interface reassignments and time sync stable with no server sync restarts
In Multiwan
Share this post:
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »