You are not logged in.

#1 2024-02-09 13:14:09

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

[SOLVED] [NTP] Timeout when using arch.pool.ntp.org

I enabled/started systemd-timesyncd with default config. timedatectl says clock is not synced. The status of the service shows timeouts for all the pools in arch.pool.ntp.org. I tried to use ntpd using arch's ntp servers but the issue was still the same even though I can ping those servers.

So I tried to use different servers, asia.pool.ntp.org, and my clock is in sync now.

$ tracepath -n 0.arch.pool.ntp.org
 1?: [LOCALHOST]                      pmtu 1500
 1:  192.168.2.1                                           0.549ms
 1:  192.168.2.1                                           0.348ms
 2:  10.20.11.1                                            1.940ms
 3:  xxx.xxx.xxx.xxx                                       1.037ms
 4:  100.64.0.141                                          4.357ms
 5:  100.64.0.1                                            3.378ms
 6:  203.177.160.157                                      70.405ms asymm 12
 7:  no reply
 8:  no reply
 9:  120.28.22.78                                         47.339ms asymm 15
10:  222.127.1.21                                         91.964ms reached
     Resume: pmtu 1500 hops 10 back 15

$ tracepath -n 0.asia.pool.ntp.org
 1?: [LOCALHOST]                      pmtu 1500
 1:  192.168.2.1                                           0.531ms
 1:  192.168.2.1                                           0.385ms
 2:  10.20.11.1                                            2.611ms
 3:  xxx.xxx.xxx.xxx                                       1.612ms
 4:  100.64.0.141                                          4.462ms
 5:  100.75.0.77                                          38.224ms asymm  7
 6:  no reply
 7:  no reply
 8:  no reply
 9:  no reply
10:  72.52.92.69                                         227.690ms asymm 12
11:  80.81.194.72                                        248.920ms asymm 13
12:  46.19.97.61                                         273.709ms asymm 14
13:  46.19.96.17                                         288.951ms asymm 17
14:  46.19.96.19                                         292.016ms reached
     Resume: pmtu 1500 hops 14 back 18

Note: I redacted the ip addresses at #3. It's my public ip address. Not sure if it's safe to make it public since I'm behind CGNAT.

Last edited by rEnr3n (2024-02-11 11:40:04)

Offline

#2 2024-02-09 14:45:50

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

ntpdate -d 0.arch.pool.ntp.org

Online

#3 2024-02-10 01:10:17

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

$ ntpdate -d 0.arch.pool.ntp.org
10 Feb 09:06:51 ntpdate[30374]: ntpdate 4.2.8p17@1.4004-o Tue Jun  6 14:05:47 UTC 2023 (1)
Looking for host 0.arch.pool.ntp.org and service ntp
host found : 222.127.1.24
transmit(222.127.1.24)
transmit(222.127.1.26)
transmit(222.127.1.18)
transmit(222.127.1.21)
transmit(222.127.1.24)
transmit(222.127.1.26)
transmit(222.127.1.18)
transmit(222.127.1.21)
transmit(222.127.1.24)
transmit(222.127.1.26)
transmit(222.127.1.18)
transmit(222.127.1.21)
transmit(222.127.1.24)
transmit(222.127.1.26)
transmit(222.127.1.18)
transmit(222.127.1.21)
222.127.1.24: Server dropped: no data
222.127.1.26: Server dropped: no data
222.127.1.18: Server dropped: no data
222.127.1.21: Server dropped: no data

10 Feb 09:07:01 ntpdate[30374]: no server suitable for synchronization found

Offline

#4 2024-02-10 09:38:50

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

222.127.1.24 belongs to globe.ph, they have "123/udp open|filtered ntp" and ntpdate doesn't get time from them for me either.
Is that your ISP? They might intercept your DNS or you've a bogus resolver configured.

dig 0.arch.pool.ntp.org
dig @8.8.8.8 0.arch.pool.ntp.org

Online

#5 2024-02-10 10:39:11

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

They're not my ISP but I think my ISP is connecting through them. Should I contact them about this?

$ dig 0.arch.pool.ntp.org

; <<>> DiG 9.18.21 <<>> 0.arch.pool.ntp.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5083
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;0.arch.pool.ntp.org.		IN	A

;; ANSWER SECTION:
0.arch.pool.ntp.org.	130	IN	A	222.127.1.19
0.arch.pool.ntp.org.	130	IN	A	222.127.1.22

;; Query time: 436 msec
;; SERVER: 192.168.2.20#53(192.168.2.20) (UDP)
;; WHEN: Sat Feb 10 18:33:57 PST 2024
;; MSG SIZE  rcvd: 80
$ dig @8.8.8.8 0.arch.pool.ntp.org

; <<>> DiG 9.18.21 <<>> @8.8.8.8 0.arch.pool.ntp.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45934
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;0.arch.pool.ntp.org.		IN	A

;; ANSWER SECTION:
0.arch.pool.ntp.org.	130	IN	A	222.127.1.22
0.arch.pool.ntp.org.	130	IN	A	222.127.1.19

;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Sat Feb 10 18:34:18 PST 2024
;; MSG SIZE  rcvd: 80

Offline

#6 2024-02-10 11:26:47

just4arch
Member
Registered: 2023-01-07
Posts: 72

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

Could you add the output of

dig +https @8.8.8.8 0.arch.pool.ntp.org
dig +tls @8.8.8.8 0.arch.pool.ntp.org

Someone along the line seems to be messing with your DNS and I'm curios to what extend.
They could be doing this to the NTP packets as well.

Offline

#7 2024-02-10 11:30:15

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

$ dig +https @8.8.8.8 0.arch.pool.ntp.org

; <<>> DiG 9.18.21 <<>> +https @8.8.8.8 0.arch.pool.ntp.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28864
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;0.arch.pool.ntp.org.		IN	A

;; ANSWER SECTION:
0.arch.pool.ntp.org.	130	IN	A	222.127.1.27
0.arch.pool.ntp.org.	130	IN	A	222.127.1.21

;; Query time: 46 msec
;; SERVER: 8.8.8.8#443(8.8.8.8) (HTTPS)
;; WHEN: Sat Feb 10 19:28:47 PST 2024
;; MSG SIZE  rcvd: 80
$ dig +tls @8.8.8.8 0.arch.pool.ntp.org

; <<>> DiG 9.18.21 <<>> +tls @8.8.8.8 0.arch.pool.ntp.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61502
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;0.arch.pool.ntp.org.		IN	A

;; ANSWER SECTION:
0.arch.pool.ntp.org.	100	IN	A	222.127.1.27
0.arch.pool.ntp.org.	100	IN	A	222.127.1.21

;; Query time: 103 msec
;; SERVER: 8.8.8.8#853(8.8.8.8) (TLS)
;; WHEN: Sat Feb 10 19:29:16 PST 2024
;; MSG SIZE  rcvd: 80

Offline

#8 2024-02-10 15:16:11

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

Are you using some VPN?
You might just get dealt a bogus server from the pool.

Let's look at something dicktators would be much more inclined to mess around with than a timeserver…

dig cnn.com

Online

#9 2024-02-10 16:39:33

just4arch
Member
Registered: 2023-01-07
Posts: 72

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

Random observation, pool.ntp.org seems to be pretty good at delivering NTP servers in your area:

 host ph.pool.ntp.org
ph.pool.ntp.org has address 222.127.1.20
ph.pool.ntp.org has address 222.127.1.25
ph.pool.ntp.org has address 222.127.1.21
ph.pool.ntp.org has address 222.127.1.18

So my guess is, the pool servers are currently broken and you could just select another pool...

Offline

#10 2024-02-10 16:41:50

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

The OP wrote:

tried to use different servers, asia.pool.ntp.org, and my clock is in sync now

Online

#11 2024-02-10 17:53:19

just4arch
Member
Registered: 2023-01-07
Posts: 72

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

Just wanted to clarify this isn't a DNS issue and "works as designed".
As this thread isn't marked solved as of yet, I hope this ties up any loose ends.

Offline

#12 2024-02-11 01:33:50

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

seth wrote:

Are you using some VPN?
You might just get dealt a bogus server from the pool.

I'm not using VPN but I use my own DNS resolver. I briefly tried to use 8.8.8.8 as my resolver but that didn't fix the issue.

seth wrote:

Let's look at something dicktators would be much more inclined to mess around with than a timeserver…

dig cnn.com
$ dig cnn.com

; <<>> DiG 9.18.21 <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41579
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;cnn.com.			IN	A

;; ANSWER SECTION:
cnn.com.		60	IN	A	151.101.195.5
cnn.com.		60	IN	A	151.101.3.5
cnn.com.		60	IN	A	151.101.67.5
cnn.com.		60	IN	A	151.101.131.5

;; Query time: 323 msec
;; SERVER: 192.168.2.20#53(192.168.2.20) (UDP)
;; WHEN: Sun Feb 11 09:24:25 PST 2024
;; MSG SIZE  rcvd: 100
just4arch wrote:

Just wanted to clarify this isn't a DNS issue and "works as designed".
As this thread isn't marked solved as of yet, I hope this ties up any loose ends.

I'm getting ip addresses for the hosts but they are not working as expected, NTP-wise. This stops me from using the official vagrant box since it's contacting arch's ntp servers and sshd won't start because of it.

Offline

#13 2024-02-11 08:21:00

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

cnn resolution works, it's simply the bogus NTP server in your area (what at this point was expectable)

You'll have to
- configure a different NTP server
- resolve a different NTP IP in your local DNS
- move to another country
- wait until the bogus IP gets kicked from the pool
There's no way around that.

https://community.ntppool.org/t/problem … p-org/3103
https://www.ntppool.org/zone/ph

Online

#14 2024-02-11 11:21:43

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

seth wrote:

it's simply the bogus NTP server in your area

I'm confused. I thought arch.pool.ntp.org is owned/maintained by the guys from archlinux. Is this a problem on arch admins end or are there other people involved here?

seth wrote:

222.127.1.24 belongs to globe.ph

I forgot about this. I'll contact my ISP if they can help with this. Meanwhile, I've opted for this as a workaround:

seth wrote:

- resolve a different NTP IP in your local DNS

Last edited by rEnr3n (2024-02-11 11:39:28)

Offline

#15 2024-02-11 14:41:21

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

You could check whether the problem still exists - ph.pool.ntp.org now resolves 45.249.226.5 for me and that server (belonging to Archon Data Solutions) does reply.
Meanwhile the remaining 222.127.1.0/24 servers in the pool seem all dead.

Online

#16 2024-02-11 17:38:12

progandy
Member
Registered: 2012-05-17
Posts: 5,170

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

seth wrote:

You could check whether the problem still exists - ph.pool.ntp.org now resolves 45.249.226.5 for me and that server (belonging to Archon Data Solutions) does reply.
Meanwhile the remaining 222.127.1.0/24 servers in the pool seem all dead.

The interesting thing is that https://servertest.online/ntp seems to be able to connect. Maybe they are filtering residential ips due to some DDoS.


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Online

#17 2024-02-12 05:33:20

rEnr3n
Member
Registered: 2012-07-25
Posts: 39

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

seth wrote:

You could check whether the problem still exists - ph.pool.ntp.org now resolves 45.249.226.5 for me and that server (belonging to Archon Data Solutions) does reply.

I ran this command yesterday and it was successful. Running it again today now fails. I think I got a different IP address yesterday.

$ ntpdate -d ph.pool.ntp.org
12 Feb 13:29:16 ntpdate[128483]: ntpdate 4.2.8p17@1.4004-o Tue Jun  6 14:05:47 UTC 2023 (1)
Looking for host ph.pool.ntp.org and service ntp
host found : 222.127.1.18
transmit(222.127.1.18)
transmit(222.127.1.20)
transmit(222.127.1.21)
transmit(222.127.1.23)
transmit(222.127.1.18)
transmit(222.127.1.20)
transmit(222.127.1.21)
transmit(222.127.1.23)
transmit(222.127.1.18)
transmit(222.127.1.20)
transmit(222.127.1.21)
transmit(222.127.1.23)
transmit(222.127.1.18)
transmit(222.127.1.20)
transmit(222.127.1.21)
transmit(222.127.1.23)
222.127.1.18: Server dropped: no data
222.127.1.20: Server dropped: no data
222.127.1.21: Server dropped: no data
222.127.1.23: Server dropped: no data

12 Feb 13:29:25 ntpdate[128483]: no server suitable for synchronization found
$ ntpdate -d pool.ntp.org
12 Feb 13:30:14 ntpdate[128997]: ntpdate 4.2.8p17@1.4004-o Tue Jun  6 14:05:47 UTC 2023 (1)
Looking for host pool.ntp.org and service ntp
host found : 222.127.1.18
transmit(222.127.1.18)
transmit(222.127.1.24)
transmit(222.127.1.25)
transmit(222.127.1.27)
transmit(222.127.1.18)
transmit(222.127.1.24)
transmit(222.127.1.25)
transmit(222.127.1.27)
transmit(222.127.1.18)
transmit(222.127.1.24)
transmit(222.127.1.25)
transmit(222.127.1.27)
transmit(222.127.1.18)
transmit(222.127.1.24)
transmit(222.127.1.25)
transmit(222.127.1.27)
222.127.1.18: Server dropped: no data
222.127.1.24: Server dropped: no data
222.127.1.25: Server dropped: no data
222.127.1.27: Server dropped: no data

12 Feb 13:30:22 ntpdate[128997]: no server suitable for synchronization found

Who do I talk to to have these servers kicked out of the pool?

Offline

#18 2024-02-12 08:52:51

seth
Member
Registered: 2012-09-03
Posts: 48,786

Re: [SOLVED] [NTP] Timeout when using arch.pool.ntp.org

Start at https://community.ntppool.org/
If the server filters residual IPs this won't be detected automatically - ultimately it's globe.ph's fault and actually their duty to withdraw their servers from the pool.

Online

Board footer

Powered by FluxBB