Getting chrony to not try to use IPv6 time sources on Fedora
Ever since I switched over to chrony,
one of the quiet little irritations of its setup on my office
workstation has been that it tried to use IPv6 time sources along
side the IPv4 ones. It got these time sources from the default
Fedora pool I'd left it using along side our local time sources
(because I'm the kind of person who thinks the more time sources
the merrier), and at one level looking up IPv6 addresses as well
as IPv4 addresses is perfectly sensible. At another level, though,
it wasn't, because my office workstation has no IPv6 connectivity
and even no IPv6 configuration. All of those IPv6 time sources that
chrony was trying to talk to were completely unreachable and would
never work. At a minimum they were clutter in '
output, but probably they were also keeping chrony from picking up
some additional IPv4 sources.
I started out by reading the
chrony.conf manpage, on
the assumption that that would be where you configured this.
When I found nothing, I unwisely gave up and grumbled to myself,
eventually saying something on Twitter. This
caused @rt2800pci1 to suggest using systemd restrictions so
chronyd couldn't even use IPv6. This had some interesting
results. On the one hand,
chronyd definitely couldn't use IPv6
and it said as much:
chronyd: Could not open IPv6 command socket : Address family not supported by protocol
On the other hand, this didn't stop
chronyd from trying to use
IPv6 addresses as time sources:
chronyd: Source 2620:10a:800f::14 replaced with 2620:10a:800f::11
(I don't know why my office workstation has such high PIDs at the moment. Something odd is clearly going on.)
However, this failure caused me to actually read the
I finally noticed the
-4 command line option, which tells chrony
to only use IPv4 addresses for everything. On Fedora, you can
configure what options are given to
which is automatically used by the standard Fedora
systemd service for chrony(d). A quick addition and chrony restart,
and now it's not trying to use IPv6 and I'm happy.
There are a number of lessons here. One of them is my perpetual one,
which is that I should read the manual pages more often (and make
sure I read all of them). There was no reason to stop with just the
chronyd.conf manpage; I simply assumed that not using IPv6 would be
configured there if it was configurable at all. I was wrong and I could
had my annoyance fixed quite a while ago if I'd looked harder.
Another one, on the flipside, is that completely disabling IPv6 doesn't necessarily stop modern programs from trying to use it. Perhaps this is a bug on chrony's part, but I suspect that its authors will be uninterested in fixing it. It's likely becoming a de facto standard that Linux systems have IPv6 enabled, even if they don't have it configured and can't reach anything with it. Someday we're going to see daemons that bind themselves only to the IPv6 localhost, not the IPv4 one.
Comments on this page:Written on 05 March 2018.