From owner-freebsd-net@freebsd.org  Tue Dec  1 15:53:46 2015
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 01A8CA3D39F
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Tue,  1 Dec 2015 15:53:46 +0000 (UTC) (envelope-from elof2@sentor.se)
Received: from smtp-out.sentor.se (smtp-out.sentor.se [176.124.225.2])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id B93B910EE;
 Tue,  1 Dec 2015 15:53:45 +0000 (UTC) (envelope-from elof2@sentor.se)
Received: from localhost (localhost [127.0.0.1])
 by farmermaggot.shire.sentor.se (Postfix) with ESMTP id 40D80B61D233;
 Tue,  1 Dec 2015 16:53:42 +0100 (CET)
Date: Tue, 1 Dec 2015 16:53:42 +0100 (CET)
From: elof2@sentor.se
To: Matthew Seaman <matthew@FreeBSD.org>
cc: freebsd-net <freebsd-net@freebsd.org>
Subject: Re: IPFW blocked my IPv6 NTP traffic
In-Reply-To: <565DBA5B.20203@FreeBSD.org>
Message-ID: <alpine.BSF.2.00.1512011650350.54839@farmermaggot.shire.sentor.se>
References: <1448920706.962818.454005905.61CF9154@webmail.messagingengine.com>
 <1448956697.854911427.15is5btc@frv34.fwdcdn.com>
 <1448982333.1269981.454734633.11BA4DB2@webmail.messagingengine.com>
 <565DBA5B.20203@FreeBSD.org>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2015 15:53:46 -0000


On Tue, 1 Dec 2015, Matthew Seaman wrote:

> On 2015/12/01 15:05, Mark Felder wrote:
>> Notice how almost all of them are port 123 on both sides, but a few of
>> them are not. Why? The RFC says that NTP is supposed to be using port
>> 123 as both the source and destination port, but I clearly have
>> something happening on port 16205. Is something screwy with ntpd in
>> CURRENT?
>
> NTP not using port 123 as the source port usually indicates that it is
> behind a NAT gateway at the other end.  It's harmless and fairly common.

...or simply that it is a ntp *client* like ntpdate, and not a daemon.
Clients often use a random source port, while ntpd use source port 123.

/Elof