(Emailing the arm@ list because this is a common issue on arm platforms,
although not arm specific. Let me know if I should redirect.)

I run a simple OpenBSD firewall on a RPi 4, which doesn't have a
real-time clock. When the power goes out, the firewall boots faster
than its upstream, so it doesn't have network connectivity in the first

This interacts poorly with ntpd's settime logic: ntpd will only use
settime in securelevel 0 (see auto_preconditions() in ntpd.c), and will
only try reaching the Internet twice, with a 1s pause, upon starting.

The result is that the firewall boots, gives up on settime, and ends up
stuck forever with a clock weeks old, enough to break the system, and
too far for ntp to catch up.

I'm not sure what the right solution is. I think I would want ntpd to
wait until it has network connectivity at boot, but I'm not sure if this
is something I should hack myself or maybe there's space for an ntpd CLI


Reply via email to