Date: Tue, 24 Jul 2007 16:00:08 +0100
From: Pete French <petefrench@ticketswitch.com>
To: freebsd-stable@FreeBSD.ORG
Subject: Re: ntpd on a NAT gateway seems to do nothing
Message-ID: <E1IDLrs-0001U0-Di@dilbert.ticketswitch.com>
In-Reply-To: <200707241451.l6OEpq2O014634@lurza.secnetix.de>

> Note that NTP does not use TCP, but UDP. Are you sure that
> your filter rules are OK? It's certainly possible to have
> a bug in the rule set so it forwards NTP replies for the
> internal clients, but doesn't allow them to reach the ntpd
> running on the machine itself.

Yes, I discovered the UDPness of it last night and went through
the rules again. I am pretty sure they are correct (or at least I
cannot see anything wrong). I would assume that ntpdate also uses
UDP - and using that I can see all these servers?

> Another question: Do you have a dynamically assigned IP
> address? In that case ntpd needs to be restarted when a
> new address is assigned, because ntpd has the unfortunate
> habit to bind to all addresses that exist at the time it
> is started.

No, everything is static. It has to be some error in my PF config
file somewhere I guess, just hard to work out where.

> I'm running ntpd on a NAT gateway myself (RELENG_6), and
> there are no problems at all.

Yes, I too am doing this on a machine elsewhere, which is why this
is so frustrating! I know it works, I even have it working on a
different network, and it partially works here too (it can see one
NTP machine on the far side NAT, just none further away).

I will continue looking.

Thanks,

-pcf.