[LEDE-DEV] [PATCH v1] dnsmasq: use SIGUSR2 for dnssec time valid
Kevin Darbyshire-Bryant
kevin at darbyshire-bryant.me.uk
Fri Jan 5 01:30:47 PST 2018
> On 5 Jan 2018, at 08:22, e9hack <e9hack at gmail.com> wrote:
>
> Am 02.01.2018 um 16:29 schrieb Kevin Darbyshire-Bryant:
>> Move 'check dnssec timestamp enable' from SIGHUP handler to SIGUSR2.
>
> Hi,
>
> your patch fixes the DNS problem for me.
Good, as I suspected it would.
>
> Now I get another ugly behaviour which is more related to ntpd from busybox. Ntpd answers to ntp request before it did
> update the time of the router. I've connected a voip phone to the router, which uses the router as time server. In the
> past, I did never see a wrong date/time on the phone. Now after a reboot/update of the router, the phone uses a wrong
> time for around 6 hours. I add a few firewall logging rules to monitor ntp and dns traffic. After the reboot of the
> router, the phone sends first dns request and a few seconds later the first ntp request. This first ntp request is send
> a few seconds before ntpd sends ntp requests over the wan interface and does update the time of the router.
I don’t have a magic patch for this problem. It seems to me that ideally busybox ntpd shouldn’t serve time until it has sync’d. A horrible hack idea: firewall rule to drop incoming ntp requests from clients… have an ntpd hotplug script that captures the stratum change event and removes the firewall rules. And/or ntpd has a new command line switch implemented that does the same thing ie. ignore ntp requests until sync’d.
Failing that, maybe you really can’t have DNS and time at the same time ;-) Now where did I put that chicken…...
Cheers,
Kevin D-B
012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
More information about the Lede-dev
mailing list