resolution fails when the date of the server is more than 2 days late

Chriztoffer Hansen chriztoffer at
Mon Mar 2 11:17:25 UTC 2020

On Mon, 2 Mar 2020 at 07:59, dy1977--- via Unbound-users
<unbound-users at> wrote:
> I could do that by setting the ip address of somewhere, but if
> this ip address changes one day, the system will fail again, so I don't
> like it.

Have you considered this approach?

Resolve the DNS records on a regular interval, e.g. once a week or
once a month. And use the resolved IP addresses for hardcoding the NTP
upstream servers?

This will ensure you can always sync the NTP clock locally, even if
your recursive resolver fails due to time-drifting. And you will
always have consistent, working IP addresses stored for upstream NTP
synchronization refreshed on regular intervals.

Placing a script file in /etc/cron.weekly or /etc/cron.monthly can do
the task of updating your local ntpd.conf file and
reloading/restarting the ntp daemon.

$ dig A +answer +nocmd +nomultiline +nocomments | grep -v '^;' | grep -E -o
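
The periodic refresh suggested in the message above, sketched as a cron script; this is an added example, not part of the original post. The hostnames, the `/etc/ntp-pinned.conf` include file (assumed to be loaded from the main ntpd configuration with `includefile`) and the `ntp` service name are assumptions. The previous pins are kept whenever resolution fails or returns too few valid addresses.

```shell
#!/bin/sh
# Added example: refresh pinned NTP upstream addresses from DNS (cron job).
NTP_HOSTS="0.pool.example.org 1.pool.example.org"  # assumed placeholder names
PIN_FILE="/etc/ntp-pinned.conf"  # assumed; loaded by ntpd via "includefile"
MIN_SERVERS=2                    # refuse to write fewer pins than this

# stdin: dig answer-section lines; stdout: syntactically valid IPv4 A data.
# Comment lines, CNAMEs and malformed addresses are dropped.
extract_ipv4() {
    awk '$1 !~ /^;/ && $3 == "IN" && $4 == "A" {
        n = split($5, o, ".")
        ok = (n == 4)
        for (i = 1; ok && i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] > 255) ok = 0
        if (ok) print $5
    }'
}

# stdin: IP addresses; stdout: de-duplicated ntpd "server" lines.
render_servers() { sort -u | sed 's/^/server /; s/$/ iburst/'; }

# Replace file $1 with stdin only if it holds at least $2 servers and differs.
# Returns 0 = replaced, 1 = unchanged, 2 = refused (old file left in place).
update_pins() {
    tmp=$(mktemp "$1.XXXXXX") || return 2
    cat > "$tmp"
    if [ "$(grep -c '^server ' "$tmp")" -lt "$2" ]; then
        rm -f "$tmp"; return 2
    fi
    if [ -f "$1" ] && cmp -s "$tmp" "$1"; then
        rm -f "$tmp"; return 1
    fi
    # Same-directory temp file + mv makes the swap atomic for ntpd.
    chmod 644 "$tmp" && mv -f "$tmp" "$1"
}

main() {
    for h in $NTP_HOSTS; do
        dig +noall +answer A "$h" || true   # a failed lookup yields no lines
    done | extract_ipv4 | render_servers | update_pins "$PIN_FILE" "$MIN_SERVERS"
    case $? in
        0) service ntp restart ;;           # assumed service name
        2) logger -t ntp-pin "too few addresses resolved, keeping old pins" ;;
    esac
}

# run-parts starts cron scripts by full path; only then touch the system.
case "$0" in /etc/cron.*) main ;; esac
```

The pinned addresses are only as trustworthy as the resolver was at refresh time, so the job should run while the clock is correct and DNSSEC validation is working.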


