socallinuxexpo / scale-network

SCaLE's on-site expo network configurations, wifi, tooling, and scripts
https://www.socallinuxexpo.org/
BSD 3-Clause "New" or "Revised" License

enable ntp dhcp option in kea #593

Open sarcasticadmin opened 1 year ago

sarcasticadmin commented 1 year ago

Description

Blocked by: #592

Now that we have an NTP service, let's define the correct DHCP option in Kea to ensure that clients are getting this information.

Acceptance Criteria

owendelong commented 5 months ago

Does this still need something? How is our Kea configuration built and where would the options need to be added? Let's do this for both v4 and v6 at the same time.

sarcasticadmin commented 4 months ago

Adding some notes here about dhcpv6:

There seems to be more than one way to set NTP servers via DHCPv6: https://superuser.com/a/1766773 which calls out RFC 5908: https://www.rfc-editor.org/rfc/rfc5908.html#section-7

Kea only seems to be aware of SNTP (option 31): https://kea.readthedocs.io/en/kea-2.0.0/arm/dhcp6-srv.html#id2

We could also set both DHCP NTP options just to cover our bases: 31 & 56
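Added example, not part of the thread or of the scale-network repository: the wire layout of the two DHCPv6 options named above, with a decoder that can confirm a captured reply advertises the same servers in both. Option 31 (RFC 4075) is a flat list of addresses, while option 56 (RFC 5908) is a container sent once per server with one time-source suboption each. The function names are hypothetical and the addresses are constructed from the 2001:db8::/32 documentation prefix.

```python
import ipaddress
import struct

OPT_SNTP_SERVERS = 31      # RFC 4075: flat list of IPv6 addresses
OPT_NTP_SERVER = 56        # RFC 5908: container, one time source per instance
SUBOPT_SRV_ADDR = 1        # RFC 5908 NTP_SUBOPTION_SRV_ADDR

def _opt(code, payload):
    """DHCPv6 option or suboption: 2-byte code, 2-byte length, payload."""
    return struct.pack("!HH", code, len(payload)) + payload

def encode_ntp_options(servers):
    """Encode the same servers as one option 31 and as option 56 instances."""
    packed = [ipaddress.IPv6Address(s).packed for s in servers]
    opt31 = _opt(OPT_SNTP_SERVERS, b"".join(packed))
    opt56 = b"".join(_opt(OPT_NTP_SERVER, _opt(SUBOPT_SRV_ADDR, p)) for p in packed)
    return opt31 + opt56

def _walk(buf):
    """Yield (code, payload) pairs, rejecting truncated options."""
    pos = 0
    while pos < len(buf):
        if pos + 4 > len(buf):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", buf, pos)
        pos += 4
        if pos + length > len(buf):
            raise ValueError("option length exceeds buffer")
        yield code, buf[pos:pos + length]
        pos += length

def decode_ntp_options(buf):
    """Return {31: [...], 56: [...]} with the server addresses found in buf."""
    found = {OPT_SNTP_SERVERS: [], OPT_NTP_SERVER: []}
    for code, payload in _walk(buf):
        if code == OPT_SNTP_SERVERS:
            if len(payload) % 16:
                raise ValueError("option 31 is not a multiple of 16 bytes")
            for i in range(0, len(payload), 16):
                found[code].append(str(ipaddress.IPv6Address(payload[i:i + 16])))
        elif code == OPT_NTP_SERVER:
            for sub, data in _walk(payload):
                if sub == SUBOPT_SRV_ADDR and len(data) == 16:
                    found[code].append(str(ipaddress.IPv6Address(data)))
    return found

# Constructed sample addresses (documentation prefix), not SCaLE's real servers.
SAMPLE_SERVERS = ["2001:db8:1::123", "2001:db8:2::123"]
```

Comparing the two lists returned by `decode_ntp_options` on a captured options blob shows whether clients that read only one of the options would still see the full server set.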

MrHamel commented 1 month ago

Hijacking this due to the RPi systemd-timesyncd delay issues when booting NixOS. Let's do that.

It seems very simple to add: (existing v4) https://github.com/socallinuxexpo/scale-network/blob/c6e657d6cca7fc17aac370905dd1e8105d087f8b/facts/inventory.py#L462, (where V6 additions need to go) https://github.com/socallinuxexpo/scale-network/blob/c6e657d6cca7fc17aac370905dd1e8105d087f8b/facts/inventory.py#L528

Signs is a v6 only network: https://github.com/socallinuxexpo/scale-network/blob/c6e657d6cca7fc17aac370905dd1e8105d087f8b/switch-configuration/config/vlans.d/Conference#L9 + https://github.com/socallinuxexpo/scale-network/blob/c6e657d6cca7fc17aac370905dd1e8105d087f8b/switch-configuration/config/vlans.d/Expo#L9

The Pi solution would be to either hard-code the NTP server IPs into their config, or update the Kea config with the applicable v6 core IPs + get the RPi config to ignore the built-in list and use DHCP: https://nixos.wiki/wiki/NTP.

MrHamel commented 1 month ago

https://wiki.archlinux.org/title/systemd-timesyncd#Configuration

Per the documentation, this is the order for NTP server list:

Further to the daemon configuration, NTP servers may also be provided via a systemd-networkd configuration with a NTP= option or, dynamically, via a DHCP server.

The NTP server to be used will be determined using the following rules:

  • Any per-interface NTP servers obtained from systemd-networkd.service(8) configuration or via DHCP take precedence.
  • The NTP servers defined in /etc/systemd/timesyncd.conf will be appended to the per-interface list at runtime and the daemon will contact the servers in turn until one is found that responds.
  • If no NTP server information is acquired after completing those steps, the NTP server host names or IP addresses defined in FallbackNTP= will be used.

Errata: According to the big cheese, it checks one server at a time (i.e. no parallelism), so it's crucial that the first server be up for a quick RPi boot. -- https://github.com/systemd/systemd/issues/19494#issuecomment-831953675

An option around that if performance is important, is to ditch systemd-timesyncd for chrony, which would be forced to use hardcoded servers, and for backup it has a pool config option which allows it to discover and automatically maintain 2-16 servers from pool.ntp.org (more information at https://chrony-project.org/doc/4.1/chrony.conf.html).

If DHCP is a must for the RPis, we could pull off something like https://github.com/systemd/systemd/issues/19230#issuecomment-1972125246. The "if" is important, because I want to be sure chrony will attempt to sync in parallel, and whatever responds, wins that initial sync.

owendelong commented 1 month ago

I don’t see any issue with adding it to the DHCP server.

Owen

On Jun 1, 2024, at 09:55, Ryan Hamel @.***> wrote:
