[ntp:questions] Problem syncing NTP behind NAT

Fri Apr 6 03:37:05 UTC 2012

On 4/5/2012 7:38 PM, Ken Link wrote:
> Machine A sees the server response and thanks to iburst quickly
> syncs to the machine, all good.
> Now I stop NTP on machine A and start NTP on machine B.
>  The client request goes out the NAT, and I see the request
>   coming into the external server with tcpdump.
>  But, NTP on the external server doesn't respond.

No message at all, not RATE or KOD?

 If the external has restrict limited / kod,
  it may not respond, if KOD is enabled, and limited is not,
  or it hit the rate limit for KODs.

Is Auth required by the external ntp?

>  In fact, the debug from NTP doesn't even have a "receive"
>   line for the request.

Does the external server still respond to A, if you restart A?

> The order I start/stop NTP doesn't make a difference. With both
> machines running NTP it doesn't make a difference. The external server
> will always respond to machine A, and never respond to machine B.

What client source ports through the NAT are seen by the external?

 IIRC restrict ntpport at the external,
  will make it only answer clients,
  that it sees messages coming from port 123;
   and if the NAT sends from port 123 for machine A,
   and another port from machine B, ...
  {You should be able to see this at the external's wireshark.}
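
Added example, not part of the original message: a small Python script that answers the source-port question from a `tcpdump -n` capture taken on the external server, by counting requests and replies per client source port and listing flows that arrived from a port other than 123 and got no reply. The capture lines, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed `tcpdump -n udp port 123` output as seen on the external server.
# 203.0.113.10 = NAT public address, 198.51.100.5 = external NTP server (assumed).
SAMPLE_CAPTURE = """\
03:30:01.000101 IP 203.0.113.10.123 > 198.51.100.5.123: NTPv4, Client, length 48
03:30:01.000390 IP 198.51.100.5.123 > 203.0.113.10.123: NTPv4, Server, length 48
03:30:03.000120 IP 203.0.113.10.123 > 198.51.100.5.123: NTPv4, Client, length 48
03:30:03.000402 IP 198.51.100.5.123 > 203.0.113.10.123: NTPv4, Server, length 48
03:31:10.000500 IP 203.0.113.10.1024 > 198.51.100.5.123: NTPv4, Client, length 48
03:31:12.000510 IP 203.0.113.10.1024 > 198.51.100.5.123: NTPv4, Client, length 48
"""

LINE_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): NTPv\d, (?P<mode>\w+)"
)
NTP_PORT = 123


def summarize(capture, server_ip):
    """Count requests and replies per (client address, client source port)."""
    stats = defaultdict(lambda: {"requests": 0, "replies": 0})
    for line in capture.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not an NTP line in the expected tcpdump format
        sport, dport = int(m["sport"]), int(m["dport"])
        if m["dst"] == server_ip and dport == NTP_PORT and m["mode"] == "Client":
            stats[(m["src"], sport)]["requests"] += 1
        elif m["src"] == server_ip and sport == NTP_PORT and m["mode"] == "Server":
            stats[(m["dst"], dport)]["replies"] += 1
    return dict(stats)


def unanswered_remapped(stats):
    """Flows whose source port is not 123 and that never received a reply."""
    return sorted(k for k, v in stats.items()
                  if k[1] != NTP_PORT and v["requests"] and not v["replies"])


if __name__ == "__main__":
    stats = summarize(SAMPLE_CAPTURE, "198.51.100.5")
    for (ip, port), v in sorted(stats.items()):
        print(f"{ip}:{port} requests={v['requests']} replies={v['replies']}")
    print("unanswered, source port != 123:", unanswered_remapped(stats))
```

If every unanswered flow comes from a rewritten source port while flows from port 123 are answered, the external server's `restrict` lines are the place to look for `ntpport`.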

