Linux – Why does NTP daemon keep listening on UDP6

daemon ipv6 linux ntp service

I have a clean Debian 7 installation, and I manually entered the following lines in /etc/ntp.conf:

interface ignore wildcard
interface listen <local_nic_ip>

I was hoping that NTP would no longer listen on UDP6, but after a restart, it still does:

5:udp        0      0 <local_nic_ip>:123       0.0.0.0:*                           9172/ntpd       
6:udp        0      0 127.0.0.1:123           0.0.0.0:*                           9172/ntpd       
8:udp6       0      0 ::1:123                 :::*                                9172/ntpd

The command line of NTP shows nothing unusual:

/usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 121:130

How can I stop NTP from listening on that UDP6 port?

Best Answer

I have been able to disable IPv6 for NTP on my Debian 5/6/7 and Ubuntu 12.04 this way:

Edit file /etc/default/ntp and replace

NTPD_OPTS='-g'

by

NTPD_OPTS='-4 -g'

Then you can keep your directives in ntp.conf; they are not ignored:

interface ignore wildcard
interface listen <local_nic_ip>
  • Without interface ignore wildcard NTP will also listen on 0.0.0.0
  • Without interface listen <local_nic_ip> NTP will only listen on 127.0.0.1 (of course)

This results in:

# netstat -anp | grep :123
udp    0      0 192.168.0.38:123     0.0.0.0:*                 2901/ntpd
udp    0      0 127.0.0.1:123        0.0.0.0:*                 2901/ntpd

Also, I confirm that OpenNTPD listens where you ask it to listen, in a friendlier way (no need to edit multiple config files). By default it listens nowhere until you configure it to do so (very secure) ;)

In the config file, just uncomment the line

listen on 127.0.0.1

And add the line

listen on <local_nic_ip>

Results in:

# netstat -anp | grep :123
udp   0    0 192.168.0.38:123     0.0.0.0:*                 8581/ntpd
udp   0    0 127.0.0.1:123        0.0.0.0:*                 8581/ntpd
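
A check for the result shown above, as an added example that is not part of the original answer: the function reads `netstat -anp` output and reports any UDP port 123 socket bound to an address outside an expected list, so a leftover udp6 or wildcard listener is caught after a restart. The function names and the sample lines (modelled on the output in this thread, using 192.168.0.38 as the NIC address) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit UDP port 123 listeners against an allow-list.
# stdin: `netstat -anp`-style lines; arguments: addresses ntpd may bind.
# Prints each unexpected listener; returns 1 if any were found, else 0.
ntp_listener_audit() {
    awk -v allowed="$*" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    {
        sub(/^[0-9]+:/, "")              # drop a "N:" prefix left by grep -n
        if ($1 !~ /^udp/) next           # skip headers and non-UDP sockets
        laddr = $4
        port = laddr; sub(/^.*:/, "", port)      # text after the last colon
        if (port != "123") next
        addr = laddr; sub(/:[^:]*$/, "", addr)   # strip ":port", IPv6-safe
        if (!(addr in ok)) {
            printf "UNEXPECTED %s %s (%s)\n", $1, laddr, $NF
            bad++
        }
    }
    END { exit (bad > 0) }
    '
}

# Constructed sample: listeners before the fix (layout of the question).
sample_before() {
    cat <<'EOF'
5:udp        0      0 192.168.0.38:123        0.0.0.0:*                           9172/ntpd
6:udp        0      0 127.0.0.1:123           0.0.0.0:*                           9172/ntpd
8:udp6       0      0 ::1:123                 :::*                                9172/ntpd
EOF
}

# Constructed sample: listeners after starting ntpd with -4.
sample_after() {
    cat <<'EOF'
udp    0      0 192.168.0.38:123     0.0.0.0:*                 2901/ntpd
udp    0      0 127.0.0.1:123        0.0.0.0:*                 2901/ntpd
EOF
}
```

On a live host, pipe `netstat -anp` into `ntp_listener_audit 127.0.0.1 <local_nic_ip>` and treat a non-zero exit status as a failed check.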