resolution fails when the date of the server is more than 2 days late
chriztoffer at netravnen.de
Mon Mar 2 11:17:25 UTC 2020
On Mon, 2 Mar 2020 at 07:59, dy1977--- via Unbound-users
<unbound-users at lists.nlnetlabs.nl> wrote:
> I could do that by setting the ip address of ntp.org somewhere, but if
> this ip address changes one day, the system will fail again, so I don't
> like it.
Have you considered this approach?
Resolve the DNS records on a regular interval, e.g. once a week or
once a month. And use the resolved IP addresses for hardcoding the NTP
This will ensure you can always sync the NTP clock locally, even if
your recursive resolver fails due to time-drifting. And you will
always have consistent, working IP addresses stored for upstream NTP
synchronization refreshed on regular intervals.
Placing a script file in /etc/cron.weekly or /etc/cron.monthly can do
the task of updating your local ntpd.conf file and
reloading/restarting the ntp daemon.
$ dig A +answer +nocmd +nomultiline +nocomments 0.pool.ntp.org | grep
-v '^;' | grep -E -o
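
A sketch of the cron job described above, as an added example that is not part of the original post: it filters resolver output down to valid IPv4 addresses and keeps the previous server list when the lookup fails or returns too little. The pool name, output path, `MIN` threshold and service name are assumptions, and ntpd is assumed to be configured to read the generated file.

```shell
#!/bin/sh
# Added example, not from the original post: pin NTP servers by IP from cron.
# Assumptions: POOL, OUT, MIN and the service name below are placeholders.
POOL="${POOL:-0.pool.ntp.org}"
OUT="${OUT:-/etc/ntp-pinned.conf}"   # hypothetical file that ntpd is set up to read
MIN="${MIN:-2}"                      # never install a list shorter than this

# stdin: `dig +short` output. stdout: unique, well-formed IPv4 addresses only.
# CNAME targets and resolver error text (";; connection timed out") are dropped.
valid_ipv4() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' |
        awk -F. '$1<=255 && $2<=255 && $3<=255 && $4<=255' | sort -u
}

# stdin: addresses. stdout: ntp.conf "server" lines.
server_lines() {
    sed 's/^/server /; s/$/ iburst/'
}

# update_pinned NEW TARGET: move NEW over TARGET only if it holds >= MIN servers.
# Returns 1 and leaves TARGET untouched otherwise, so a failed lookup cannot
# wipe the last known-good list.
update_pinned() {
    count=$(grep -c '^server ' "$1" || true)
    [ "$count" -ge "$MIN" ] || return 1
    mv "$1" "$2"
}

main() {
    tmp=$(mktemp "$OUT.XXXXXX") || exit 1   # same directory, so mv is atomic
    dig +short A "$POOL" | valid_ipv4 | server_lines > "$tmp"
    if update_pinned "$tmp" "$OUT"; then
        chmod 0644 "$OUT"
        systemctl restart ntp               # assumption: unit name varies by distro
    else
        rm -f "$tmp"
        echo "pin-ntp: fewer than $MIN addresses for $POOL, keeping $OUT" >&2
    fi
}

if [ "${1:-}" = "--apply" ]; then main; fi
```

Run it from /etc/cron.weekly with the `--apply` argument; without it the file only defines the functions.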