[ntp:questions] Re: uk pool problem

Per Hedeland per at hedeland.org
Tue Sep 5 20:53:30 UTC 2006

In article <aNGdnapm7rU_NWDZnZ2dnUVZ_vOdnZ2d at comcast.com> "Richard
B. Gilbert" <rgilbert88 at comcast.net> writes:
>Danny Mayer wrote:
>> David Woolley wrote:
>>>For several years now, it has been almost essential that it does respond
>>>to client requests from other ports, because of network address translation.
>> I hope NAT does not REQUIRE different port numbers.
>NAT maps public address + port to (RFC 1918) private address + port.  So 
>a system with an RFC 1918 address will send an NTP packet 
>from port 123 and the NAT router will map it to port 
>xxxxx.  When you reply to port xxxxx the router knows to 
>map it to port 123.
>So yes, in a sense, NAT does require "different" port numbers.

Well, it doesn't require *different* port numbers (not sure what you
mean with the quotes), i.e. it's perfectly possible (and generally
desirable IMHO) for xxxxx to be 123 - as long as there is only one
internal address sending from 123. YMMV depending on the capabilities of
your NAT device of course, but it's certainly technically possible, and
trivial to do with something like ipfilter on a *nix box.

--Per Hedeland
per at hedeland.org
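
The port mapping discussed in this thread, as an added example that is not part of the original message: a small model of a NAT table that keeps the source port (123) when it is free on the public side and remaps only when a second internal host uses the same port. The class name, the addresses and the fallback port range 40000-40099 are constructed assumptions, not taken from any real NAT device or from ipfilter.

```python
class PortPreservingNat:
    """Toy model of a port-preserving NAT table (illustrative only)."""

    def __init__(self, public_ip, fallback_ports=range(40000, 40100)):
        self.public_ip = public_ip
        self.fallback_ports = fallback_ports  # assumed range used on collision
        self.by_internal = {}  # (internal ip, internal port) -> external port
        self.by_external = {}  # external port -> (internal ip, internal port)

    def _next_free(self):
        for port in self.fallback_ports:
            if port not in self.by_external:
                return port
        raise RuntimeError("fallback port pool exhausted")

    def outbound(self, src_ip, src_port):
        """Translate an outgoing packet's source; return (public ip, port)."""
        key = (src_ip, src_port)
        if key not in self.by_internal:
            # Keep the original port if no other internal host holds it.
            if src_port not in self.by_external:
                ext_port = src_port
            else:
                ext_port = self._next_free()
            self.by_internal[key] = ext_port
            self.by_external[ext_port] = key
        return (self.public_ip, self.by_internal[key])

    def inbound(self, dst_port):
        """Translate a reply's destination port back; None if unmapped."""
        return self.by_external.get(dst_port)


def demo():
    # Constructed sample addresses (RFC 1918 inside, documentation range outside).
    nat = PortPreservingNat("203.0.113.1")
    first = nat.outbound("192.168.1.10", 123)   # only user of 123 so far
    second = nat.outbound("192.168.1.11", 123)  # collides, gets remapped
    return first, second, nat.inbound(first[1]), nat.inbound(second[1])


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The second client's request reaches the server from a port other than 123, which is the case the quoted text says a server has to answer.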
