Menu
What's new
By:
Filters Better Search

ntpMerlin ntpMerlin - NTP Daemon for AsusWRT Merlin

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I didnt see this in the OP.

On the Administration -> System under Basic Config :
What should the NTP Server option be set to if enabled at all???
 
What I do not know but suspect is that the firmware BusyBox NTP client is used until the boot process is far enough along to allow ntpMerlin Entware NTP server to start.

If this is true, then
  • Enable local NTP server set to No
  • Time Zone and Daylight Saving information correctly entered
  • NTP primary and secondary servers typed in
 
EmeraldDeer said:
What I do not know but suspect is that the firmware BusyBox NTP client is used until the boot process is far enough along to allow ntpMerlin Entware NTP server to start.

If this is true, then
  • Enable local NTP server set to No
  • Time Zone and Daylight Saving information correctly entered
  • NTP primary and secondary servers typed in
Click to expand...
There is much logic in that
 
v2.4.0 is now available!
Changelog:
Code: 
NEW: Change in minimum version requirement, see README!
NEW: Support for John's Fork of AsusWRT-Merlin (currently requires dev build, full support with next public release)
NEW: Option to toggle data output mode for weekly/monthly charts
NEW: Button to export/download CSVs used for charts
CHANGE: Raw data output is now the default
CHANGE: Migrated from datasource plugin for ChartJS to D3js library
REMOVED: Legacy WebUI code that would override unused ASP pages
 
Yesterday I tried v2.4.0 on RT-AC86U on 384.16 and i had to remove it as my internet stopped working since it used May 5th as a date instead of April 13th.

I tried updating it but that didn't work due to below error.

Code: 
ntpMerlin: Downloading latest version () of ntpMerlin

ntpMerlin: New version of S77ntpd downloaded

/jffs/scripts/ntpmerlin: line 1085: /opt/etc/init.d/S77ntpd: not found

FYI - local NTP server is disabled, DST is set correctly and servers to pool.ntp.org and time.nist.gov

UPDATED:
Just read May 5th date appears during a router reboot, perhaps that's what happened.

I have it installed and I think it's working as the correct date is showing in the logs now and under System Log > General Log.
Would this be the best way to confirm?
 
Last edited:
markusd1984 said:
Yesterday I tried v2.4.0 on RT-AC86U on 384.16 and i had to remove it as my internet stopped working since it used May 5th as a date instead of April 13th.

I tried updating it but that didn't work due to below error.

Code: 
ntpMerlin: Downloading latest version () of ntpMerlin

ntpMerlin: New version of S77ntpd downloaded

/jffs/scripts/ntpmerlin: line 1085: /opt/etc/init.d/S77ntpd: not found

FYI - local NTP server is disabled, DST is set correctly and servers to pool.ntp.org and time.nist.gov

UPDATED:
Just read May 5th date appears during a router reboot, perhaps that's what happened.

I have it installed and I think it's working as the correct date is showing in the logs now and under System Log > General Log.
Would this be the best way to confirm?
Click to expand...
Code: 
cat /opt/var/spool/ntp/ntp.log
cat /jffs/addons/ntpmerlin.d/ntp.conf
ntpq -p
 
Hello. After recent upgrades (v2.4.0 - 2.4.1) ntpMerlin has stopped to intercept and answer to local LAN device requests on NTP.
When i try to sync time on my Windows PC either directly to router's IP or let's say ntp.pool.org i get error.
Wireshark shows that PC issues NTP packet towards router and does not receive anything. Router itself can communicate with NTP servers and get time.
Only when "redirect all NTP traffic to router" is enabled in ntpMerlin settings it does not work. If i disable that LAN devices can get time via NTP.
Log has nothing about this.
 
pirx73 said:
Hello. After recent upgrades (v2.4.0 - 2.4.1) ntpMerlin has stopped to intercept and answer to local LAN device requests on NTP.
When i try to sync time on my Windows PC either directly to router's IP or let's say ntp.pool.org i get error.
Wireshark shows that PC issues NTP packet towards router and does not receive anything. Router itself can communicate with NTP servers and get time.
Only when "redirect all NTP traffic to router" is enabled in ntpMerlin settings it does not work. If i disable that LAN devices can get time via NTP.
Log has nothing about this.
Click to expand...
Router settings should be disabled. Can you share the output of
Code: 
iptables -t nat -S PREROUTING
please?
 
pirx73 said:
Hello. After recent upgrades (v2.4.0 - 2.4.1) ntpMerlin has stopped to intercept and answer to local LAN device requests on NTP.
When i try to sync time on my Windows PC either directly to router's IP or let's say ntp.pool.org i get error.
Wireshark shows that PC issues NTP packet towards router and does not receive anything. Router itself can communicate with NTP servers and get time.
Only when "redirect all NTP traffic to router" is enabled in ntpMerlin settings it does not work. If i disable that LAN devices can get time via NTP.
Log has nothing about this.
Click to expand...
yea if these two rules are listed, then your ntp traffic is probably preferring to travel ipv6 vs ipv4 like ntpmerlin uses.

upload_2020-4-16_3-43-16.png
 
pirx73 said:
Hello. After recent upgrades (v2.4.0 - 2.4.1) ntpMerlin has stopped to intercept and answer to local LAN device requests on NTP.
When i try to sync time on my Windows PC either directly to router's IP or let's say ntp.pool.org i get error.
Wireshark shows that PC issues NTP packet towards router and does not receive anything. Router itself can communicate with NTP servers and get time.
Only when "redirect all NTP traffic to router" is enabled in ntpMerlin settings it does not work. If i disable that LAN devices can get time via NTP.
Log has nothing about this.
Click to expand...
upload_2020-4-16_3-51-54.png


Here is what a successful connection to router ntp server looks like,

upload_2020-4-16_3-51-16.png


it shows the router intercepting the connection from the device and pointing it at router for the answer.
 
Jack Yaz said:
Router settings should be disabled. Can you share the output of
Code: 
iptables -t nat -S PREROUTING
please?
Click to expand...
Code: 
iptables -t nat -D PREROUTING -p udp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)" 2>/dev/null
iptables -t nat -D PREROUTING -p tcp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)" 2>/dev/null
iptables -t nat -A PREROUTING -p udp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)"
iptables -t nat -A PREROUTING -p tcp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)"
is an interesting adaptation of your ipv4 rule, it redirects all traffic from ipv4 to and from 192.168.1.1 except traffic originating from 192.168.1.1
I am testing it atm.

Code: 
/tmp/home/root# iptables -t nat -S PREROUTING
Code: 
-A PREROUTING ! -s 192.168.1.1/32 ! -d 192.168.1.1/32 -p udp -m udp --dport 123 -j DNAT --to-destination 192.168.1.1
-A PREROUTING ! -s 192.168.1.1/32 ! -d 192.168.1.1/32 -p tcp -m tcp --dport 123 -j DNAT --to-destination 192.168.1.1
 
SomeWhereOverTheRainBow said:
Code: 
iptables -t nat -D PREROUTING -p udp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)" 2>/dev/null
iptables -t nat -D PREROUTING -p tcp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)" 2>/dev/null
iptables -t nat -A PREROUTING -p udp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)"
iptables -t nat -A PREROUTING -p tcp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)"
is an interesting adaptation of your ipv4 rule, it redirects all traffic from ipv4 to and from 192.168.1.1 except traffic originating from 192.168.1.1
I am testing it atm.

Code: 
/tmp/home/root# iptables -t nat -S PREROUTING
Code: 
-A PREROUTING ! -s 192.168.1.1/32 ! -d 192.168.1.1/32 -p udp -m udp --dport 123 -j DNAT --to-destination 192.168.1.1
-A PREROUTING ! -s 192.168.1.1/32 ! -d 192.168.1.1/32 -p tcp -m tcp --dport 123 -j DNAT --to-destination 192.168.1.1
Click to expand...
i get
upload_2020-4-16_4-8-41.png

with it and a successful ntp update every single attempt. no failures
 
SomeWhereOverTheRainBow said:
Code: 
iptables -t nat -D PREROUTING -p udp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)" 2>/dev/null
iptables -t nat -D PREROUTING -p tcp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)" 2>/dev/null
iptables -t nat -A PREROUTING -p udp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)"
iptables -t nat -A PREROUTING -p tcp ! --source "$(nvram get lan_ipaddr)" ! --destination "$(nvram get lan_ipaddr)" --dport 123 -j DNAT --to "$(nvram get lan_ipaddr)"
is an interesting adaptation of your ipv4 rule, it redirects all traffic from ipv4 to and from 192.168.1.1 except traffic originating from 192.168.1.1
I am testing it atm.

Code: 
/tmp/home/root# iptables -t nat -S PREROUTING
Code: 
-A PREROUTING ! -s 192.168.1.1/32 ! -d 192.168.1.1/32 -p udp -m udp --dport 123 -j DNAT --to-destination 192.168.1.1
-A PREROUTING ! -s 192.168.1.1/32 ! -d 192.168.1.1/32 -p tcp -m tcp --dport 123 -j DNAT --to-destination 192.168.1.1
Click to expand...
You shouldn't need to filter out traffic from the router itself, as the router won't be routing it's own traffic through the NAT table. I don't think it will, anyway
 
Jack Yaz said:
You shouldn't need to filter out traffic from the router itself, as the router won't be routing it's own traffic through the NAT table. I don't think it will, anyway
Click to expand...
I think it helps, as i am getting more successful NTP updates. might be a fluke, but it doesn't hurt to test to see if NTP interception improves.
 
You must log in or register to reply here.

Similar threads

morphine
ntpmerlin / chrony with GPS
Replies
12
Views
2K
heysoundude
heysoundude
thelonelycoder
amtm amtm 5.0 - the Asuswrt-Merlin Terminal Menu, November 17, 2024
2 3
Replies
59
Views
6K
thelonelycoder
thelonelycoder
Jack Yaz
YazFi YazFi v4.x - continued
6 7 8
Replies
147
Views
24K
fotingo
F
M
ntpMerlin Chrony clients fail to syncronize
Replies
3
Views
2K
JGrana
JGrana
JGrana
uKasa uKasa - A utility script that manages Kasa smart outlets and switches with Asuswrt-Merlin routers
2
Replies
29
Views
4K
L&LD
L&LD
Similar threads
Thread starter Title Forum Replies Date
W ntpMerlin ntpMerlin and timeserverd ntp_ready tests Asuswrt-Merlin AddOns 1
D NTPmerlin config log not found Asuswrt-Merlin AddOns 2
A ntpMerlin Problems with ntpMerlin Asuswrt-Merlin AddOns 9

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 752 (members: 34, guests: 718)
Top