From owner-freebsd-stable@FreeBSD.ORG Thu Feb 28 14:21:26 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 69B2A1065673 for ; Thu, 28 Feb 2008 14:21:26 +0000 (UTC) (envelope-from jdc@parodius.com) Received: from mx01.sc1.parodius.com (mx01.sc1.parodius.com [72.20.106.3]) by mx1.freebsd.org (Postfix) with ESMTP id 541C98FC20 for ; Thu, 28 Feb 2008 14:21:26 +0000 (UTC) (envelope-from jdc@parodius.com) Received: by mx01.sc1.parodius.com (Postfix, from userid 1000) id 45DEC1CC033; Thu, 28 Feb 2008 06:21:26 -0800 (PST) Date: Thu, 28 Feb 2008 06:21:26 -0800 From: Jeremy Chadwick To: freebsd-stable@freebsd.org Message-ID: <20080228142126.GA46068@eos.sc1.parodius.com> References: <20080227213340.8723D106567D@hub.freebsd.org> <20080228140220.GA890@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080228140220.GA890@gmail.com> User-Agent: Mutt/1.5.16 (2007-06-09) Subject: Re: ntpd fails to synchronize on FreeBSD 6.3-STABLE X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Feb 2008 14:21:26 -0000 On Thu, Feb 28, 2008 at 09:02:20PM +0700, Pongthep Kulkrisada wrote: > > You're not getting responses back from __any__ of those NTP servers. If > > you have a firewall *in front* of your BSD box (meaning a separate box, > > not ipfw/ipfilter/pf on the same BSD box!), then this is likely the > > cause of the problem. > The question is that two weeks ago, with same machine, same gateway, same NAT and same firewall config, when I was on FreeBSD 6.2-RELEASE and behind NAT, I could sync with ALL IPv6 servers (IPv4 is not functioning there) I said that in my first post. > I'm pretty sure that if I went back to 6.2 even behind NAT, I could get sync with IPv6. Long writing since my first post I shall summarize my events here for better understanding, and sorry for redundancy. > 1. FreeBSD 5.4-RELEASE(dial up) - can sync all servers > 2. FreeBSD 6.2-RELEASE(dial up) - can sync all servers > 3. FreeBSD 6.2-RELEASE(NAT) - can sync IPv6 servers > 4. FreeBSD 6.3-STABLE (NAT) - not sync at all > The issue is the different result between 3. and 4. > It seems something different between 6.2-RELEASE and 6.3-STABLE. > But today I hear good news for issuance of 7.0-RELEASE. > I shall go on with the new RELEASE. > My bad news is I've just updated to 6.3 for 2 weeks. :-( Okay, so this really sounds like something that changed between 6.2 and 6.3. I don't know what kind of NAT you're using; I believe FreeBSD offers a couple different methods. More information is required... 1) What NAT method are you using (ipfw, ipnat, etc.) 2) What does your network topology look like (draw a diagram, referring to each NIC/ethernet device, IPs, and so on) 3) Please post your NAT rules 4) Have you checked /usr/src/UPDATING for relevant changes? Someone else will have to help you from this point on, because I am not familiar with present-day NAT configuration/usage on FreeBSD. But again: on fxp0, you're seeing outbound NTP queries, but you never get responses on fxp0. Something somewhere is blocking that traffic. One final question: > I'm not using BSD box as a router. Then I'm not sure why you're using NAT on the box at all? -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |