[time] problem with russian pool servers ntp.ru
Thu Feb 4 12:40:27 UTC 2010
Ronan Flood wrote:
>> For example:
>> 18.104.22.168 .INIT. 16 u - 1024 0 0.000 0.000 0.000
>> Can someone please check if these servers are broken or if I'm doing
>> something wrong?
> I've tried that one, and I see the same behaviour as you. I suppose
> they could be behind firewalls blocking incoming traffic from port 123,
> which would explain why ntpdate -u works.
Exactly. I've just verified that your theory is correct with tcpdump. Time
packets from a high port receive a response whereas time packets from port 123
I didn't realise before that the debug option "ntpdate -d" makes it use an
unprivileged source port.
So "ntpdate -v 22.214.171.124" does NOT work because it uses port 123 as source
whereas "ntpdate -d 126.96.36.199" DOES work because it uses a high-numbered port.
Surely all these servers should be removed from the pool if they do not allow
connections from port 123?
More information about the pool