- Minor
rc.ntpd contains the following lines:
# restrict NTP to management interface only ETH=eth0 [[ -e /sys/class/net/bond0 ]] && ETH=bond0 [[ -e /sys/class/net/br0 ]] && ETH=br0 echo "interface ignore wildcard" >>/etc/ntp.conf echo "interface listen $ETH" >>/etc/ntp.conf
When a Wireguard tunnel interface is configured all traffic, including ntp traffic, is sent over wg0. This causes ntp to fail to hear responses from any external ntp servers. The symptom is that ntpq -p shows external ntp servers in the .INIT. state and server time may gradually drift out-of-sync depending on the accuracy of the local clock. E.g.
:~# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
LOCAL(0) .LOCL. 10 l 6 64 1 0.000 +0.000 0.000
pscolka.of.pl .INIT. 16 u - 64 0 0.000 +0.000 0.000
laika.paina.net .INIT. 16 u - 64 0 0.000 +0.000 0.000
138.68.201.49 ( .INIT. 16 u - 64 0 0.000 +0.000 0.000
198.255.68.106 .INIT. 16 u - 64 0 0.000 +0.000 0.000
Adding the following line to rc.ntpd after ETH=br0 resolved the issue for me:
[[ -e /sys/class/net/wg0 ]] && ETH=wg0