NTPD on bond0:0 - NTP

This is a discussion on NTPD on bond0:0 - NTP ; We have recently setup our first Redhat NTP server with a bonded interface. We run NTPD on these servers on a virtual IP that used to show up as eth0:0. When it was eth0:0 the -L in the /etc/sysconfig/ntpd worked ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: NTPD on bond0:0

  1. NTPD on bond0:0

    We have recently setup our first Redhat NTP server with a bonded
    interface. We run NTPD on these servers on a virtual IP that used to
    show up as eth0:0. When it was eth0:0 the -L in the /etc/sysconfig/ntpd
    worked well and NTP would service clients on the virtual IP. Now on the
    bond0:0 the syslog does not show a listening on message for bond0:0 and a
    netstat does not show the port on the virtual IP. So of course it does
    not service clients on that interface.

    We are running version 4.2.2@1.1532-o. I have checked the change
    log of the newer versions and don't see any mention of a fix on the newer
    versions and google'ing bond0:0 and ntpd returns very little useful
    information. Does anybody else have this setup on a bond0:0 interface?


    David A. Evans
    Enterprise IP/DNS Management
    Network Infrastructure Tools and Services
    Evans_David_A@cat.com

  2. Re: NTPD on bond0:0

    David A. Evans wrote:
    > We have recently setup our first Redhat NTP server with a bonded
    > interface. We run NTPD on these servers on a virtual IP that used to
    > show up as eth0:0. When it was eth0:0 the -L in the /etc/sysconfig/ntpd
    > worked well and NTP would service clients on the virtual IP. Now on the
    > bond0:0 the syslog does not show a listening on message for bond0:0 and a
    > netstat does not show the port on the virtual IP. So of course it does
    > not service clients on that interface.


    Is there something special about bond0 or is it just another NIC? What
    are you expecting to do when you use -L?

    > We are running version 4.2.2@1.1532-o. I have checked the change
    > log of the newer versions and don't see any mention of a fix on the newer
    > versions and google'ing bond0:0 and ntpd returns very little useful
    > information. Does anybody else have this setup on a bond0:0 interface?
    >


    Please upgrade to 4.2.4 first. However can you check that you are
    actually binding to the interface? It should say that it's listening on
    the address you are looking for. NTPD should listen on every interface
    on port 123 so I'd be surprised if it weren't there.

    If necessary, build ntpd with debug mode and then add -D 2 -l stdout to
    the command line and it should spit out more information to stdout when
    you run it directly.

    Danny

    >
    > David A. Evans
    > Enterprise IP/DNS Management
    > Network Infrastructure Tools and Services
    > Evans_David_A@cat.com
    >
    > _______________________________________________
    > questions mailing list
    > questions@lists.ntp.org
    > https://lists.ntp.org/mailman/listinfo/questions
    >


  3. Re: NTPD on bond0:0 **Solved**

    Removing the -L solved the problem but here are the answers and
    what I found through my troubleshooting.

    I'm running Red Hat Enterprise Linux ES release 3 (Taroon Update
    5) on IBM X series servers.

    These servers have 2 physical NIC's to 2 switches.

    Old Config was 3 IP's. 2 "real" IPs on Eth0 and Eth1. Then a
    "virtual" IP on Eth0:0 or Eth1:0. We had some home grown scripts to fail
    the 'virtual' between the two NIC's. This configuration, and I have
    verified this several times on this version of Redhat, requires the -L
    switch to bond to all IP's. Removing the -L and NTP only bonds to the
    'real' IP's. This is backwards from most of the documentation that I
    have found. But that is the way it works.

    New Config still has multiple IP's as we have done some service
    consolidation and want to keep some old IP's to avoid client and firewall
    updates but now the drivers bond the two physical NIC's into one that
    shows up as Bond0. This has a single IP that the drivers monitor and
    switch between whichever physical card is up at the time. Now we still
    have virtual IP's on the machine that show up as bond0:X, however, with
    the -L NTP only bonds to the 'real' interfaces (as the majority of the
    docs show) and removing the -L causes it to bond to all the available
    IP's.

    It looks like our old config is really where the 'bug' is. My
    confusion started as all our internal documentation states that if you
    have virtual IP's, add the -L to make it work. So someone several years
    ago found this issue and just 'fixed' our internal docs. Once I stopped
    looking for documentation on bond interfaces and started looking for doc's
    on the -L switch the solution presented itself.


    David A. Evans
    Enterprise IP/DNS Management
    Network Infrastructure Tools and Services
    Evans_David_A@cat.com




    Danny Mayer
    02/22/2008 09:15 PM
    Please respond to
    mayer@ntp.isc.org


    To
    "David A. Evans"
    cc
    questions@lists.ntp.org
    Subject
    Re: [ntp:questions] NTPD on bond0:0




    Caterpillar: Confidential Green Retain Until: 03/23/2008



    David A. Evans wrote:
    > We have recently setup our first Redhat NTP server with a bonded


    > interface. We run NTPD on these servers on a virtual IP that used to
    > show up as eth0:0. When it was eth0:0 the -L in the

    /etc/sysconfig/ntpd
    > worked well and NTP would service clients on the virtual IP. Now on the


    > bond0:0 the syslog does not show a listening on message for bond0:0 and

    a
    > netstat does not show the port on the virtual IP. So of course it does


    > not service clients on that interface.


    Is there something special about bond0 or is it just another NIC? What
    are you expecting to do when you use -L?

    > We are running version 4.2.2@1.1532-o. I have checked the

    change
    > log of the newer versions and don't see any mention of a fix on the

    newer
    > versions and google'ing bond0:0 and ntpd returns very little useful
    > information. Does anybody else have this setup on a bond0:0

    interface?
    >


    Please upgrade to 4.2.4 first. However can you check that you are
    actually binding to the interface? It should say that it's listening on
    the address you are looking for. NTPD should listen on every interface
    on port 123 so I'd be surprised if it weren't there.

    If necessary, build ntpd with debug mode and then add -D 2 -l stdout to
    the command line and it should spit out more information to stdout when
    you run it directly.

    Danny

    >
    > David A. Evans
    > Enterprise IP/DNS Management
    > Network Infrastructure Tools and Services
    > Evans_David_A@cat.com
    >
    > _______________________________________________
    > questions mailing list
    > questions@lists.ntp.org
    > https://lists.ntp.org/mailman/listinfo/questions
    >


  4. Re: NTPD on bond0:0 **Solved**

    Evans_David_A@cat.com (David A. Evans) wrote:

    > It looks like our old config is really where the 'bug' is. My
    > confusion started as all our internal documentation states that if you
    > have virtual IP's, add the -L to make it work. So someone several years
    > ago found this issue and just 'fixed' our internal docs. Once I stopped
    > looking for documentation on bond interfaces and started looking for doc's
    > on the -L switch the solution presented itself.


    The sense of -L was reversed in ntpd 4.2.0: before that version, it meant
    listen to virtual IPs, after that version, it means do not listen to them.

    --
    Ronan Flood

  5. Re: NTPD on bond0:0 **Solved**

    Ronan Flood wrote:
    > Evans_David_A@cat.com (David A. Evans) wrote:
    >
    >
    >> It looks like our old config is really where the 'bug' is. My
    >>confusion started as all our internal documentation states that if you
    >>have virtual IP's, add the -L to make it work. So someone several years
    >>ago found this issue and just 'fixed' our internal docs. Once I stopped
    >>looking for documentation on bond interfaces and started looking for doc's
    >>on the -L switch the solution presented itself.

    >
    >
    > The sense of -L was reversed in ntpd 4.2.0: before that version, it meant
    > listen to virtual IPs, after that version, it means do not listen to them.
    >


    I have to wonder if the change had any benefits that would outweigh the
    inevitable confusion!


  6. Re: NTPD on bond0:0

    Danny Mayer wrote:
    > Is there something special about bond0 or is it just another NIC? What
    > are you expecting to do when you use -L?


    Just for the archives - a "bond" interface in Linux is one or more
    physical interfaces configured into a "bond" by the bonding driver.
    On other platforms that might be called "trunking" or port aggregation
    etc. The "transport" (IP and above) sees just the one interface (eg
    bond0) which then handles all the nitty gritty details of
    link-failover and/or load balancing among the physical interfaces in
    the bond.

    rick jones
    --
    The computing industry isn't as much a game of "Follow The Leader" as
    it is one of "Ring Around the Rosy" or perhaps "Duck Duck Goose."
    - Rick Jones
    these opinions are mine, all mine; HP might not want them anyway...
    feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

  7. Re: NTPD on bond0:0 **Solved**

    Ronan Flood wrote:
    > Evans_David_A@cat.com (David A. Evans) wrote:
    >
    >> It looks like our old config is really where the 'bug' is. My
    >> confusion started as all our internal documentation states that if you
    >> have virtual IP's, add the -L to make it work. So someone several years
    >> ago found this issue and just 'fixed' our internal docs. Once I stopped
    >> looking for documentation on bond interfaces and started looking for doc's
    >> on the -L switch the solution presented itself.

    >
    > The sense of -L was reversed in ntpd 4.2.0: before that version, it meant
    > listen to virtual IPs, after that version, it means do not listen to them.
    >


    These days you are better off using -I and specifying the addresses/
    interfaces you need. (only in ntp-dev right now).

    Danny

+ Reply to Thread