No AAAA records on pool.ntp.org

So i am using au[.]pool[.]ntp[.]org for my ATA, and i noticed the time is wrong. The ATA is IPv6 only. I notice ntp[.]org advertises it has IPv4 and IPv4, but no IPv6 address is returned when resolving pool[.]ntp[.]org ?

1 Like

Welcome @Garbage!
You may want to use 2.pool.ntp.org that one has AAAA record to get the time through IPv6.

1 Like

But not 2.au.pool.ntp.org

blocked.gif

There are AAAA records as well for the 2.au.pool.ntp.org domain. However, you may not want to use this explicitly. You should rather allow the geoip service to take care of assigning the NTP servers appropriate for the location of the NTP client. To use 2.au.pool.ntp.org makes sense only if the client is not located in Australia (for example in Europe or America) and you still want to synchronize to Australian NTP servers.

Well I am afraid that the GeoIP might be somewhat broken in [012].pool.ntp.org zones… My test against 1.pool.ntp.org returned IPs far away:

alica@atelier:~$ dig @dns.hinet.net 1.pool.ntp.org

; <<>> DiG 9.11.20 <<>> @dns.hinet.net 1.pool.ntp.org
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26018
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: c1712a893e1bbbbafda39d335eef3b72099ffa8a8be84090 (good)
;; QUESTION SECTION:
;1.pool.ntp.org.                        IN      A

;; ANSWER SECTION:
1.pool.ntp.org.         150     IN      A       94.228.220.14
1.pool.ntp.org.         150     IN      A       129.70.132.36
1.pool.ntp.org.         150     IN      A       208.75.88.4
1.pool.ntp.org.         150     IN      A       198.60.22.240

;; Query time: 28 msec
;; SERVER: 168.95.192.1#53(168.95.192.1)
;; WHEN: 日  6月 21 18:50:26 CST 2020
;; MSG SIZE  rcvd: 135

alica@atelier:~$ ping 94.228.220.14
PING 94.228.220.14 (94.228.220.14) 56(84) bytes of data.
64 bytes from 94.228.220.14: icmp_req=1 ttl=47 time=242 ms
64 bytes from 94.228.220.14: icmp_req=2 ttl=47 time=241 ms
^C
--- 94.228.220.14 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 241.826/241.966/242.106/0.140 ms
alica@atelier:~$ ping 129.70.132.36
PING 129.70.132.36 (129.70.132.36) 56(84) bytes of data.
64 bytes from 129.70.132.36: icmp_req=1 ttl=41 time=279 ms
^C
--- 129.70.132.36 ping statistics ---
2 packets transmitted, 1 received, 50% packet loss, time 1001ms
rtt min/avg/max/mdev = 279.424/279.424/279.424/0.000 ms
alica@atelier:~$ ping 208.75.88.4
PING 208.75.88.4 (208.75.88.4) 56(84) bytes of data.
64 bytes from 208.75.88.4: icmp_req=1 ttl=47 time=158 ms
^C
--- 208.75.88.4 ping statistics ---
2 packets transmitted, 1 received, 50% packet loss, time 1001ms
rtt min/avg/max/mdev = 158.511/158.511/158.511/0.000 ms
alica@atelier:~$ ping 198.60.22.240
PING 198.60.22.240 (198.60.22.240) 56(84) bytes of data.
64 bytes from 198.60.22.240: icmp_req=1 ttl=45 time=162 ms
64 bytes from 198.60.22.240: icmp_req=2 ttl=45 time=161 ms
^C
--- 198.60.22.240 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 161.769/162.020/162.272/0.474 ms

If I query only the pool.ntp.org then the GeoIP works fine and returned nearby IPs. 162.159.200.1 and 162.159.200.123 come from CloudFlare and was ignored in the test.

alica@atelier:~$ dig @dns.hinet.net pool.ntp.org

; <<>> DiG 9.11.20 <<>> @dns.hinet.net pool.ntp.org
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17917
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pool.ntp.org.                  IN      A

;; ANSWER SECTION:
pool.ntp.org.           31      IN      A       162.159.200.123
pool.ntp.org.           31      IN      A       162.159.200.1
pool.ntp.org.           31      IN      A       122.117.253.246
pool.ntp.org.           31      IN      A       218.161.118.185

;; Query time: 4 msec
;; SERVER: 168.95.1.1#53(168.95.1.1)
;; WHEN: 日  6月 21 18:51:49 CST 2020
;; MSG SIZE  rcvd: 105

alica@atelier:~$ ping 122.117.253.246
PING 122.117.253.246 (122.117.253.246) 56(84) bytes of data.
64 bytes from 122.117.253.246: icmp_req=1 ttl=57 time=9.36 ms
64 bytes from 122.117.253.246: icmp_req=2 ttl=57 time=9.20 ms
^C
--- 122.117.253.246 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 9.207/9.286/9.366/0.124 ms
alica@atelier:~$ ping 218.161.118.185
PING 218.161.118.185 (218.161.118.185) 56(84) bytes of data.
64 bytes from 218.161.118.185: icmp_req=1 ttl=55 time=8.22 ms
^C
--- 218.161.118.185 ping statistics ---
2 packets transmitted, 1 received, 50% packet loss, time 1001ms
rtt min/avg/max/mdev = 8.220/8.220/8.220/0.000 ms

I do not have IPv6 connection so I did not test the 2.pool.ntp.org zone, but I suspect it cannot reply nearby IPs neither.

For me, when I queried the same DNS server ( ns.hinet.net) both pool.ntp.org and 1.pool.ntp.org gave Taiwanese NTP servers, which I believe is the correct answer. The question is, which public IP address(es) the DNS provider is using to execute the recursion for DNS. One may be Taiwanese IP address another one may be from other country, or even non-categorized IP address. The endresult depends on the accuracy of the GeoIP database as well.

After that there is one more case to use directly 2.au.pool.ntp.org: when the client IP address is incorrectly categorized in the GeoIP database.