OpenNTPd not working in alpine Linux

In a Clean Alpine Linux install run

apk add openntpd
service openntpd start
rc-update add openntpd

Then modifiy the /etc/ntpd.conf to

# $OpenBSD: ntpd.conf,v 1.16 2019/11/06 19:04:12 deraadt Exp $
#
# See ntpd.conf(5) and /etc/examples/ntpd.conf

servers pool.ntp.org
server time.cloudflare.com
sensor *

constraint from "9.9.9.9"              # quad9 v4 without DNS
constraint from "2620:fe::fe"          # quad9 v6 without DNS
constraints from "www.google.com"      # intentionally not 8.8.8.8

listen on 0.0.0.0

And run

service openntpd restart

Run a port scan against the server from another machine with nmap that shows that is not listening to NTP requests ergo not working.

My logs when restarting the server, filtering the kernel logs, with older logs removed, also filtered the sshd login line

Feb  3 12:05:40 ns1 user.debug : Will stop /usr/sbin/ntpd
Feb  3 12:05:40 ns1 user.debug : Will stop PID 2480
Feb  3 12:05:40 ns1 user.debug : Sending signal 15 to PID 2480
Feb  3 12:05:59 ns1 daemon.info init: starting pid 2815, tty '': '/sbin/openrc shutdown'
Feb  3 12:05:59 ns1 user.debug : Will stop /usr/sbin/sshd
Feb  3 12:05:59 ns1 user.debug : Will stop PID 2526
Feb  3 12:05:59 ns1 user.debug : Sending signal 15 to PID 2526
Feb  3 12:05:59 ns1 auth.info sshd[2526]: Received signal 15; terminating.
Feb  3 12:05:59 ns1 auth.info sshd[2739]: Exiting on signal 15
Feb  3 12:05:59 ns1 user.debug : Will stop /usr/sbin/ntpd
Feb  3 12:05:59 ns1 user.debug : Will stop PID 2796
Feb  3 12:05:59 ns1 user.debug : Sending signal 15 to PID 2796
Feb  3 12:06:00 ns1 user.debug : Will stop PID 2451
Feb  3 12:06:00 ns1 user.debug : Sending signal 15 to PID 2451
Feb  3 12:06:00 ns1 user.debug : Will stop /usr/sbin/crond
Feb  3 12:06:00 ns1 user.debug : Will stop PID 2416
Feb  3 12:06:00 ns1 user.debug : Sending signal 15 to PID 2416
Feb  3 12:06:00 ns1 user.debug : Will stop /sbin/syslogd
Feb  3 12:06:00 ns1 user.debug : Will stop PID 2363
Feb  3 12:06:00 ns1 syslog.info syslogd exiting
Feb  3 12:06:18 ns1 syslog.info syslogd started: BusyBox v1.36.1
Feb  3 12:06:18 ns1 daemon.info init: starting pid 2343, tty '': '/sbin/openrc default'
Feb  3 12:06:18 ns1 cron.info crond[2389]: crond (busybox 1.36.1) started, log level 8
Feb  3 12:06:19 ns1 auth.info sshd[2501]: Server listening on 0.0.0.0 port 22.
Feb  3 12:06:19 ns1 auth.info sshd[2501]: Server listening on :: port 22.
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2502, tty '/dev/tty1': '/sbin/getty 38400 tty1'
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2503, tty '/dev/tty2': '/sbin/getty 38400 tty2'
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2507, tty '/dev/tty3': '/sbin/getty 38400 tty3'
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2511, tty '/dev/tty4': '/sbin/getty 38400 tty4'
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2514, tty '/dev/tty5': '/sbin/getty 38400 tty5'
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2518, tty '/dev/tty6': '/sbin/getty 38400 tty6'
Feb  3 12:06:19 ns1 daemon.info init: starting pid 2523, tty '/dev/ttyS0': '/sbin/getty -L 0 ttyS0 vt100'

Why no this configuration is making it a NTP server?

Asked By: Delfin

||

The NTP server is likely working, since the only source for the opposite claim was running nmap(1). As stated in https://superuser.com/a/1656244, nmap by default only tests TCP ports, while NTP is using UDP.

Still, if any firewall is used, for example ufw(8), NTP port should explicitly be configured to allow incoming connections. For example, using a command such as:

# ufw allow ntp

or similar.

Unfortunately, so far OpenNTPD doesn’t include a direct command with which to test if the server actually works, but other programs can be used for that. For example, ntpdate(8) (with ntpdate -q), ntpclient or a similar program can be used. Network peers using other operating systems, such as Windows, also can be set up to query NTP on your server from the "Date and Time" control panel, and should report if there are any errors in connectivity.

Answered By: Vilinkameni
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.