[ntp:questions] Leap-second flag not forwarded to NTP clients

Santi Saez santi at woop.es
Tue Aug 14 10:34:10 UTC 2012


Hello,

I'm making some tests with "leapfile" feature on ntpd to send fake 
leap-seconds and ensure our Linux platform is resilient to the bug :)

Lab is quite simple: a "master" server with local clock running ntpd 
with leapfile feature, and a "client" system also running ntpd that 
connects to the "master".

I have just found that leap-second flag is forwarded from the "master" 
to the "client" without problems on CentOS-6 boxes (running 4.2.4p8-2), 
but with the same configuration it doesn't work on Debian Squeeze 
(4.2.6.p2+dfsg-1+b1). If I query ntpd it returns "leap_add_sec" and 
"leap=01" flags, and running a tcpdump I also see those flags, but the 
"client" system seems that it's ignoring the flags, as I say: this only 
happens on Debian running 4.2.6.p2 from upstream.

This is the config on CentOS systems = works OK

    * master

       driftfile /var/lib/ntp/drift
       restrict default kod nomodify notrap nopeer noquery
       restrict -6 default kod nomodify notrap nopeer noquery
       restrict 127.0.0.1
       restrict -6 ::1
       server 127.127.1.0 iburst
       fudge 127.127.1.0 stratum 10
       includefile /etc/ntp/crypto/pw
       keys /etc/ntp/keys
       keysdir /etc/ntp
       crypto pw password

    * client

       driftfile /var/lib/ntp/drift
       restrict default kod nomodify notrap nopeer noquery
       restrict -6 default kod nomodify notrap nopeer noquery
       restrict 127.0.0.1
       restrict -6 ::1
       server 172.16.2.1 iburst
       includefile /etc/ntp/crypto/pw
       keys /etc/ntp/keys

This is the config on Debian systems = leap-second not forwarded from 
"master" to the "client"

    * master

       leapfile "/etc/leap-seconds.list"
       driftfile /var/lib/ntp/drift
       restrict default kod nomodify notrap nopeer noquery
       restrict -6 default kod nomodify notrap nopeer noquery
       restrict 127.0.0.1
       restrict -6 ::1
       server 127.127.1.1 iburst
       fudge 127.127.1.1 stratum 10
       includefile /etc/ntp/crypto/pw
       keys /etc/ntp/keys

    * client

       driftfile /var/lib/ntp/drift
       restrict default kod nomodify notrap nopeer noquery
       restrict -6 default kod nomodify notrap nopeer noquery
       restrict 127.0.0.1
       restrict -6 ::1
       server 10.204.3.2 iburst
       includefile /etc/ntp/crypto/pw
       keys /etc/ntp/keys

The unique difference is the way leap-second is configured, it depends 
on ntpd version [1], the remaining conf is the same on both master and 
client servers.

What can be the reason that blocks leap-second being forwarded on 
Debian/4.2.6.p2 systems? Thanks!

[1] http://support.ntp.org/bin/view/Support/ConfiguringNTP#Section_6.14.1.

Santi Saez


More information about the questions mailing list