From nobody Sun Jul 07 19:49:31 2024
X-Original-To: freebsd-arm@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WHHsC3l7dz5QNX0
	for <freebsd-arm@mlmmj.nyi.freebsd.org>; Sun, 07 Jul 2024 19:49:51 +0000 (UTC)
	(envelope-from pmh@hausen.com)
Received: from mail2.pluspunkthosting.de (mail2.pluspunkthosting.de [217.29.33.228])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WHHsC0NS0z4DJr
	for <freebsd-arm@freebsd.org>; Sun,  7 Jul 2024 19:49:51 +0000 (UTC)
	(envelope-from pmh@hausen.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: from smtpclient.apple (87.138.185.145)
 by mail2.pluspunkthosting.de (Axigen)
 with (ECDHE-RSA-AES256-GCM-SHA384 encrypted) ESMTPSA id 3AFD3D;
 Sun, 7 Jul 2024 21:49:42 +0200
Content-Type: text/plain;	charset=us-ascii
List-Id: Porting FreeBSD to ARM processors <freebsd-arm.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-arm
List-Help: <mailto:freebsd-arm+help@freebsd.org>
List-Post: <mailto:freebsd-arm@freebsd.org>
List-Subscribe: <mailto:freebsd-arm+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-arm+unsubscribe@freebsd.org>
Sender: owner-freebsd-arm@FreeBSD.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.600.62\))
Subject: Re: ntpd vs ntpdate with no hardware clock
From: "Patrick M. Hausen" <pmh@hausen.com>
In-Reply-To: <1643prpr-11o6-9s9p-0r34-ns09136o5sqr@fncre.vasb>
Date: Sun, 7 Jul 2024 21:49:31 +0200
Cc: Ronald Klop <ronald-lists@klop.ws>, bob prohaska <fbsd@www.zefox.net>,
 freebsd-arm@freebsd.org
Content-Transfer-Encoding: 7bit
Message-Id: <3850C952-C54E-4D42-868B-F675EFD00486@hausen.com>
References: <454282477.15929.1720372600841@localhost>
 <1643prpr-11o6-9s9p-0r34-ns09136o5sqr@fncre.vasb>
To: Marcin Cieslak <saper@saper.info>
X-Mailer: Apple Mail (2.3774.600.62)
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:16188, ipnet:217.29.32.0/20, country:DE]
X-Rspamd-Queue-Id: 4WHHsC0NS0z4DJr

Hi all,

> Am 07.07.2024 um 21:07 schrieb Marcin Cieslak <saper@saper.info>:
> Rrecently I have removed an RTC battery
> from my amd64 system and it turned out
> that ntpd couldn't do anything to set the time
> because the local DNS resolver failed
> (I presume it was dnssec failure).
> 
> What is the most elegant solution to
> cope with such a race condition?
> (DNS needs time, setting time needs DNS)

Have at least one dedicated NTP server in your infrastructure,
itself pulling from stratum 1 servers like e.g. ptbtimeX.ptb.de for
Germany and use that one with an IP address or a static
/etc/hosts entry instead of relying on DNS.

I don't know if that is the most elegant one, but it's what we
do. Official german time source Physikalisch-Technische
Bundesanstalt officially encourages everyone to use their
servers but asks to appoint dedicated systems (in case of a
small setup e.g. just a single system, the firewall) to poll
these and point all clients at your local NTP server(s).

That way everybody gets stratum 2 servers for free.

HTH,
Patrick