Page MenuHomeVyOS Platform
Create Task
Maniphest T2944

NTP by default listen on any address/interface
Closed, ResolvedPublicBUG
Actions

Description

By default NTP port 123 listen on any ip address.
NTP should listen on configured addresses only.
If there is no configuration, by default only need to listen to 127.0.0.1 and :: 1

[email protected]:~$ sudo netstat -tulpn | grep 123
udp        0      0 192.168.255.100:123     0.0.0.0:*                           1435/ntpd           
udp        0      0 192.168.122.14:123      0.0.0.0:*                           1435/ntpd           
udp        0      0 127.0.0.1:123           0.0.0.0:*                           1435/ntpd           
udp        0      0 0.0.0.0:123             0.0.0.0:*                           1435/ntpd           
udp6       0      0 2001:db8::dead:123      :::*                                1435/ntpd           
udp6       0      0 fe80::5054:ff:febd::123 :::*                                1435/ntpd           
udp6       0      0 fe80::2cf1:c0ff:fea:123 :::*                                1435/ntpd           
udp6       0      0 fe80::5054:ff:fe52::123 :::*                                1435/ntpd           
udp6       0      0 fe80::5054:ff:fea0::123 :::*                                1435/ntpd           
udp6       0      0 ::1:123                 :::*                                1435/ntpd           
udp6       0      0 :::123                  :::*                                1435/ntpd           
[email protected]:~$

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.3-rolling-202009300117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

Viacheslav created this task.Oct 1 2020, 9:44 AM
Viacheslav claimed this task.Oct 1 2020, 9:51 AM
Viacheslav added a comment.Oct 1 2020, 10:05 AM

PR for Rolling https://github.com/vyos/vyos-1x/pull/559

[email protected]# sudo netstat -tulpn | grep 123
udp        0      0 127.0.0.1:123           0.0.0.0:*                           1387/ntpd           
udp6       0      0 ::1:123                 :::*                                1387/ntpd           
[edit]
[email protected]#
pasik added a subscriber: pasik.Oct 1 2020, 2:37 PM
Viacheslav changed the task status from Open to Needs testing.Oct 21 2020, 8:03 AM
Viacheslav added a comment.EditedJan 8 2021, 2:13 PM

NTP doesn't work when you configure listen-address 0.0.0.0.

Viacheslav added a comment.Jan 9 2021, 3:56 PM

PR https://github.com/vyos/vyos-1x/pull/674

Viacheslav closed this task as Resolved.Jan 17 2021, 6:33 PM

Fixed

[email protected]:~$ show ntp 
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*194.0.5.123     85.199.214.102   2 u    4   64    3   39.557   -2.748   2.504
+167.86.115.96   235.106.237.243  3 u   39   64    3   45.816    5.476   0.830
+195.128.100.150 131.188.3.222    2 u    4   64    3   43.219   -1.425   1.734
[email protected]:~$ 
[email protected]:~$ show version 

Version:          VyOS 1.3-beta-202101170442
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Nov 6 2021, 12:20 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 29 2022, 12:16 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.