> You might be better off running ntpd on the firewall and having
> the inside hosts sync to it.
That would be nice - except my problem is that the firewal is the only
one on which ntp *doest* run! :-)
Thanks for all the other suggestions - will take a look a them later today
and see if I can tra
On 2007-Jul-25 10:30:25 +1000, Andrew Reilly <[EMAIL PROTECTED]> wrote:
>On Wed, Jul 25, 2007 at 05:24:25AM +1000, Peter Jeremy wrote:
>> On 2007-Jul-24 16:00:08 +0100, Pete French <[EMAIL PROTECTED]> wrote:
>> Yes it does. The major difference is that ntpd will use a source
>> port of 123 whilst
Andrew Reilly wrote:
> Peter Jeremy wrote:
> > The major difference is that ntpd will use a source port
> > of 123 whilst ntpdate will use a dynamic source port.
>
> Is that behaviour that can be defeated? If it uses a fixed
> source port, then multiple ntpd clients behind a nat firewall
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Andrew Reilly wrote:
> On Wed, Jul 25, 2007 at 05:24:25AM +1000, Peter Jeremy wrote:
>> On 2007-Jul-24 16:00:08 +0100, Pete French <[EMAIL PROTECTED]> wrote:
>> Yes it does. The major difference is that ntpd will use a source
>> port of 123 whilst n
On Wed, Jul 25, 2007 at 05:24:25AM +1000, Peter Jeremy wrote:
> On 2007-Jul-24 16:00:08 +0100, Pete French <[EMAIL PROTECTED]> wrote:
> Yes it does. The major difference is that ntpd will use a source
> port of 123 whilst ntpdate will use a dynamic source port.
Is that behaviour that can be defea
On 2007-Jul-24 16:00:08 +0100, Pete French <[EMAIL PROTECTED]> wrote:
>at least I cannot see anything wrong). I would assume that ntpdate
>also uses UDP - and using that I can see all these servers ?
Yes it does. The major difference is that ntpd will use a source
port of 123 whilst ntpdate will
Hi, all!
On Tue, Jul 24, 2007 at 04:00:08PM +0100, Pete French wrote:
> Yes, I discovered the UDPness of it last night and went
> through the rules again. I am pretty sure they are correct (or
> at least I cannot see anything wrong). I would assume that ntpdate
> also uses UDP - and using that I
> Note that NTP does not use TCP, but UDP. Are you sure that
> your filter rules are OK? It's certainly possible to have
> a bug in the rule set so it forwards NTP replies for the
> internal clients, but doesn't allow them to reach the ntpd
> running on the machine itself.
Yes, I discovered the
Pete French wrote:
> [...]
> Any suggestions ? I assume it has something to do with the NAT, but I am
> not sure what. All other TCP connections out from that machine to
> external systems work fine, so it is not as if outbound connections from
> there are not working at all.
Note that NTP do
> Well it could just as easily be the associated reboot, but one hesitates to
> suggest that on a *nix list :)
Well, I updated to this mornings -STABLE and I still get the same effect.
Somewhat puzzled, and I not sure where to go from here - especially as
making the queries with 'ntpdate' works f
On Monday 23 July 2007 20:22:22 Pete French wrote:
> > It's deja-vu all over again.
> >
> > I found my works NTP service was broken on Friday, just after I started
> > my holiday.
>
> Interesting to hear from someone also using NAt with a very similar
> problem. Thanks, I am running -STABLE rather
> It's deja-vu all over again.
>
> I found my works NTP service was broken on Friday, just after I started my
> holiday.
Interesting to hear from someone also using NAt with a very similar
problem. Thanks, I am running -STABLE rather than RELENG, but I suspect
I will simply try updating to a late
On Monday 23 July 2007 13:50:09 Pete French wrote:
> Just following the similarly names thread with a bit of interest and I
> decided to check my own ntp setup and, to my surprise, discovered I also
> have a machine which does nothing. What is more surprising to me is that it
> has the same config
Just following the similarly names thread with a bit of interest and I decided
to check my own ntp setup and, to my surprise, discovered I also have a machine
which does nothing. What is more surprising to me is that it has the same
config as a number of other machines, all of which work.
We have
14 matches
Mail list logo
