# ntpd: fail-safe config against boot-time failures?

## jeffk

I have an amd64 server running dovecot+postfix, rrdtool, etc.. For dovecot and rrdtool, it's very important to keep the clock updated by small increments, so I know I should be using ntpd.

Unfortunately, when I was deploying the server a few months ago, I had some thorny problems which (whatever the root cause) manifested as ntpd failures at boot services startup. I was onsite and moving fast in a limited time window, so I eventually just removed ntpd from rc-update levels, and haven't used it since. I don't have good notes on the incident, so I can't point to a specific cause. I think it had to do with the network interface not yet being up.

I'm not near the server these days, and I definitely don't want to cause any problems on bootup which would require console interaction.

Has anyone got anecdotal accounts of ntpd being suceptible to problems with dependent services at boot time? Apologies for the vagueness of the question.

----------

## mikegpitt

You are correct that ntpd will need a network interface up, or it won't start.  It *should* start automatically later on after one of the interfaces has received an ip address, but perhaps this was not the case in your setup.

One thing you might want to look at the RC_NET_STRICT_CHECKING var in your /etc/conf.d/rc.  You can set it to 'none', and the machine will always think an interface is up, which might help in your situation.

----------

## jeffk

Recent versions of ntpd give the following einfo:

```
 * The way ntp sets and maintains your system time has changed.

 * Now you can use /etc/init.d/ntp-client to set your time at

 * boot while you can use /etc/init.d/ntpd to maintain your time

 * while your machine runs
```

What does that mean in specific entries to rc-update?

As mentioned above, I'm looking only at configuration that can't interrupt the boot process for console input, even if the network is unavailable.

Thanks.

----------

## mikegpitt

 *jeffk wrote:*   

> Recent versions of ntpd give the following einfo:
> 
> ```
>  * The way ntp sets and maintains your system time has changed.
> 
> ...

 Neither should interrupt your boot process.  That message simple means that ntp-client will only set your time once, at boot.  Ntpd continuously updates your system clock.  Neither will run until a network card is activated (unless you specify differently using the RC_NET_STRICT_CHECKING).

I've never forced ntpd/ntp-client to start with no network card active, but I would assume it would not infinitely hang.  You can try it out on a test machine I suppose if you need to verify this.

----------

## jeffk

I'm not clear on how ntp-client should be run so it does it's thing just once. I probably should have been clearer about what I was asking:

What are the recommended runlevels for /etc/init.d/ntp-client and /etc/init.d/ntpd? i.e. What rc-update add/delete commands are suggested?

Thanks.

P.S. If I did want to simulate no-NIC boot durability, what's the best way to do it in software (without disturbing physical hardware)? Remove all /etc/init.d/net.* links temporarily and reboot? Maybe there's a udev rule that would ignore anything in the NIC category...

----------

## mikegpitt

 *jeffk wrote:*   

> I'm not clear on how ntp-client should be run so it does it's thing just once. I probably should have been clearer about what I was asking:
> 
> What are the recommended runlevels for /etc/init.d/ntp-client and /etc/init.d/ntpd? i.e. What rc-update add/delete commands are suggested?

 I would put both in the default runlevel, although I would only run with ntpd or ntp-client, since both aren't really necessary... in your case I would choose ntpd.

 *jeffk wrote:*   

> P.S. If I did want to simulate no-NIC boot durability, what's the best way to do it in software (without disturbing physical hardware)? Remove all /etc/init.d/net.* links temporarily and reboot? Maybe there's a udev rule that would ignore anything in the NIC category...

 If you want to simulate no network cards in the system, then I would blacklist your ethernet/wifi modules temporarily... with no driver there will be no device.  If I understood what you previously said, you are more concerned about the device not getting an IP address, not that the device doesn't exist at all.  If that is the case, I would just unplug your ethernet cable and change your wifi settings for your test.

----------

## Majed17

ihad both ntp-client and ntpd at runlevel default and i was having the problem that ntpd was not starting after boot. so i removed ntp-client from run level default but ntpd is still not starting by itself. 

what is needed to solve the problem?

----------

## Majed17

after restarting couple of times i noticed that ntpd started by itslef

----------

