Given two firewall servers, A (primary) and B (failover) both running ntpd service available to clients on the LAN. pfSense 2.2.1/amd64 on pfSense branded C2758.
The following procedure more or less causes ntpd on B to become unstable: 1) on A, set CARP maintenance mode to make B answer all CARP interfaces. 2) reboot A. 3) clear CARP maintenance mode on A to return all shared IPs to A. Monitor ntp on both firewalls. After a while, A is still pretty stable and has normal status. On B, however, the "reach" value for the upstream ntp servers drops down to near 1, sometimes 0, and the offset gets into the hundreds of ms, very close to 1 second and the jitter is very high. It does eventually recover and then flip back and forth between accurate and barely accurate time keeping. It also appears that the process dies frequently, but the watchguard package restarts it for me. Perhaps that restart does temporarily fix the time keeping. The only solution I've found to get it back to keeping good time is to reboot the server. Simply restarting ntpd is insufficient. Can anyone else reproduce this or has seen it?
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
