* Kevin Darbyshire-Bryant <ke...@darbyshire-bryant.me.uk> [23.09.2015 12:21]:
[...] > signature timestamps. If the system time is not actually 'internet > time' (within a tolerance of which I'm unclear) and dnsmasq is using > 'dnssec-check-unsigned' then ALL dns resolution will fail (everything is > considered BOGUS) - arguably a fail safe in that it just stops! This > become really problematic when trying to resolve name to ip addresses of > ntp servers ;-) good point. so it makes sense to startup dnsmasq without dnssec strict checks and reconfigure it when NTP was successful? it would be really helpful if ntp can mark (with a file) somehow, that time is 'good'. At least the returncode indicates that: root@box:~ /usr/sbin/ntpd -q -n -p 1.openwrt.pool.ntp.org root@box:~ echo $? 0 (it is e.g. 143 when it fails) so if first timesetting is done, it has to trigger dnsmasq... bye, bastian _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
