Page MenuHomeVyOS Platform
Create Task
Maniphest T5399

"show ntp" fails when vrf is being configured
Closed, ResolvedPublicBUG
Actions

Description

Utilizing vrf I wish to synchronize towards a ntp-server available on internet (normally one would most likely use something available on your mgmt-network instead).

By using this configuration:

ntp {
    interface eth1
    server 194.58.200.20 {
        prefer
    }
    vrf INTERNET
}

the output of "show ntp" fails with following error:

506 Cannot talk to daemon

Workaround is to switch context to vrf INTERNET and rerun the command, like so:

force vrf INTERNET
show ntp
exit

IMHO this shouldnt be needed.

"show ntp" should be able to be runned from regular vyos op-mode and if needed the output should inform which vrf the ntp service operates under.

Something like this:

vyos@vyos:~$ show ntp
                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
ntp.netnod.se               9   4   330     +0.002      0.441    +84ns    24us
==============================================================================
VRF: INTERNET
==============================================================================
vyos@vyos:~$

If no vrf is configured for "set service ntp" then the above output should read "VRF: Default".

Details

Version
VyOS 1.4-rolling-202307250317
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

Apachez created this task.Jul 25 2023, 3:34 PM
n.fort subscribed.Jul 25 2023, 5:07 PM

Can you check changing

VRF_NAME=$(ip vrf identify )

to

VRF_NAME=$(ip vrf identify ${PID})

In file /usr/libexec/vyos/op_mode/show_ntp.sh, line 21

If possible, please check output when vrf configured in ntp, and also when not configured.

pasik subscribed.Jul 25 2023, 7:22 PM
Apachez added a comment.Jul 25 2023, 11:29 PM

I can confirm that altering line 21 as suggested fixes this issue.

With "set service ntp vrf INTERNET" configured the output now becomes:

vyos@vyos:~$ show ntp
                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
ntp.netnod.se               4   3     6     +2.071    292.260    +50us    44us

The above also works if I first do "force vrf INTERNET" to change context into vrf INTERNET before running "show ntp".

And with "delete service ntp vrf" (followed by commit and save) the output becomes (since I dont have any static route configured for vrf Default and all interfaces are either part of vrf MGMT or vrf INTERNET both the dns-lookup and ntp synchronization will fail):

vyos@vyos:~$ show ntp
                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
194.58.200.20               0   0     0     +0.000   2000.000     +0ns  4000ms
Viacheslav subscribed.Jul 26 2023, 7:56 AM

There is this line in the code https://github.com/vyos/vyos-1x/blob/688755a988e233e221bf920e391e35d5ddc9cb56/src/op_mode/show_ntp.sh#L21

Apachez added a comment.Jul 26 2023, 9:51 AM

Pull request created: https://github.com/vyos/vyos-1x/pull/2112

Restricted Repository Identity mentioned this in rVYOSONEX6a1a687f8b8f: Merge pull request #2112 from Apachez-/T5399.Jul 26 2023, 11:48 AM
Apachez mentioned this in rVYOSONEXb3eaa3c11a37: T5399: VRF-support for show ntp.Jul 26 2023, 11:48 AM
Viacheslav changed the task status from Open to Needs testing.Jul 26 2023, 12:01 PM
Viacheslav assigned this task to Apachez.
n.fort added a comment.Jul 26 2023, 1:37 PM

Thanks for testing and submitting PR

Apachez added a comment.Jul 26 2023, 5:55 PM

Tested and verified as described in the pull request:

  1. Using VyOS 1.4-rolling-202307250317.
  1. Modifying line 21 in /usr/libexec/vyos/op_mode/show_ntp.sh.
  1. Ran "show ntp" in op-mode and got the expected result:

Before fix:

vyos@vyos:~$ show ntp
506 Cannot talk to daemon

After fix:

vyos@vyos:~$ show ntp
                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
ntp.netnod.se               4   3     6     +2.071    292.260    +50us    44us
Viacheslav added a comment.Aug 1 2023, 8:56 AM

Could you close the task if the issue is solved?

Apachez closed this task as Resolved.Aug 1 2023, 8:22 PM

Done!

Viacheslav moved this task from Open to Finished on the VyOS 1.4 Sagitta board.Aug 2 2023, 7:08 AM