Date: Tue, 24 Jul 2007 16:51:52 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-stable@FreeBSD.ORG, petefrench@ticketswitch.com Subject: Re: ntpd on a NAT gateway seems to do nothing Message-ID: <200707241451.l6OEpq2O014634@lurza.secnetix.de> In-Reply-To: <E1ICxMX-000Mg2-J1@dilbert.ticketswitch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Pete French wrote: > [...] > Any suggestions ? I assume it has something to do with the NAT, but I am > not sure what. All other TCP connections out from that machine to > external systems work fine, so it is not as if outbound connections from > there are not working at all. Note that NTP does not use TCP, but UDP. Are you sure that your filter rules are OK? It's certainly possible to have a bug in the rule set so it forwards NTP replies for the internal clients, but doesn't allow them to reach the ntpd running on the machine itself. Another question: Do you have a dynamically assigned IP address? In that case ntpd needs to be restarted when a new address is assigned, because ntpd has the unfortunate habit to bind to all addresses that exist at the time it is started. I'm running ntpd on a NAT gateway myself (RELENG_6), and there are no problems at all. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200707241451.l6OEpq2O014634>