rc.ntpd contains the following lines:
    # restrict NTP to management interface only
    ETH=eth0
    [[ -e /sys/class/net/bond0 ]] && ETH=bond0
    [[ -e /sys/class/net/br0 ]] && ETH=br0
    echo "interface ignore wildcard" >>/etc/ntp.conf
    echo "interface listen $ETH" >>/etc/ntp.conf
When a WireGuard tunnel interface is configured, all traffic, including ntp traffic, is sent over wg0. This causes ntp to fail to hear responses from any external ntp servers. The symptom is that ntpq -p shows external ntp servers in the .INIT. state and server time may gradually drift out-of-sync depending on the accuracy of the local clock. E.g.
    :~# ntpq -p
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
     LOCAL(0)        .LOCL.          10 l    6   64    1    0.000   +0.000   0.000
     pscolka.of.pl   .INIT.          16 u    -   64    0    0.000   +0.000   0.000
     laika.paina.net .INIT.          16 u    -   64    0    0.000   +0.000   0.000
     138.68.201.49 ( .INIT.          16 u    -   64    0    0.000   +0.000   0.000
     198.255.68.106  .INIT.          16 u    -   64    0    0.000   +0.000   0.000
Adding the following line to rc.ntpd after ETH=br0 resolved the issue for me:
[[ -e /sys/class/net/wg0 ]] && ETH=wg0
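A check for the symptom described in the report, added here as an example and not part of the original post: it reads `ntpq -p` output and reports whether any external peer has ever answered. The function names and the sample rows (documentation-range addresses) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample modelled on the ntpq -p output in the report:
# only the local clock has a non-zero reach, every external peer is in .INIT.
sample_ntpq_output() {
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 LOCAL(0)        .LOCL.          10 l    6   64    1    0.000   +0.000   0.000
 ntp1.example.net .INIT.         16 u    -   64    0    0.000   +0.000   0.000
 192.0.2.10      .INIT.          16 u    -   64    0    0.000   +0.000   0.000
EOF
}

# ntp_external_sync_state (hypothetical helper): reads ntpq -p output on stdin.
# Prints one of:
#   ok        at least one external peer has a non-zero reach register
#   unsynced  external peers are configured but none has answered (reach 0)
#   nopeers   only local reference clocks are listed
ntp_external_sync_state() {
  awk '
    # Skip the header, the ===== separator and short or empty lines.
    /^=+$/ || $NF == "jitter" || NF < 10 { next }
    # Columns are counted from the end so that a remote column containing
    # a space does not shift the fields: t is NF-6, reach is NF-3.
    $(NF-6) == "l" { next }            # local reference clock, not a network peer
    { peers++; if ($(NF-3) + 0 > 0) reachable++ }
    END {
      if (peers == 0)          print "nopeers"
      else if (reachable > 0)  print "ok"
      else                     print "unsynced"
    }'
}

# On a live system: ntpq -p | ntp_external_sync_state
sample_ntpq_output | ntp_external_sync_state
```

A result of `unsynced` that persists across several poll intervals matches the failure described here, where ntpd listens on an interface that never receives the servers' replies.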