> Date: Sat, 09 Jan 2021 17:24:59 +0100 > From: "Filippo Valsorda" <fili...@ml.filippo.io> > > (Emailing the arm@ list because this is a common issue on arm platforms, > although not arm specific. Let me know if I should redirect.) > > I run a simple OpenBSD firewall on a RPi 4, which doesn't have a > real-time clock. When the power goes out, the firewall boots faster > than its upstream, so it doesn't have network connectivity in the first > seconds. > > This interacts poorly with ntpd's settime logic: ntpd will only use > settime in securelevel 0 (see auto_preconditions() in ntpd.c), and will > only try reaching the Internet twice, with a 1s pause, upon starting. > > The result is that the firewall boots, gives up on settime, and ends up > stuck forever with a clock weeks old, enough to break the system, and > too far for ntp to catch up. > > I'm not sure what the right solution is. I think I would want ntpd to > wait until it has network connectivity at boot, but I'm not sure if this > is something I should hack myself or maybe there's space for an ntpd CLI > option. > > Opinions?
Add an RTC to the Pi4. They can be bought for a few euros and can be enabled by adding the appropriate device tree overlay to the config.txt file on the firmware partition of your boot disk.