> Note that NTP does not use TCP, but UDP. Are you sure that
> your filter rules are OK? It's certainly possible to have
> a bug in the rule set so it forwards NTP replies for the
> internal clients, but doesn't allow them to reach the ntpd
> running on the machine itself.

Yes, I discovered the UDPness of it last night and went through the rules again. I am pretty sure they are correct (or at least I cannot see anything wrong). I would assume that ntpdate also uses UDP - and using that I can see all these servers?

> Another question: Do you have a dynamically assigned IP
> address? In that case ntpd needs to be restarted when a
> new address is assigned, because ntpd has the unfortunate
> habit to bind to all addresses that exist at the time it
> is started.

No, everything is static. It has to be some error in my PF config file somewhere I guess, just hard to work out where.

> I'm running ntpd on a NAT gateway myself (RELENG_6), and
> there are no problems at all.

Yes, I too am doing this on a machine elsewhere, which is why this is so frustrating! I know it works, I even have it working on a different network, and it partially works here too (it can see one NTP machine on the far side NAT, just none further away). I will continue looking.

Thanks,

-pcf.

_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"