[ntp:questions] How to configure ntp client to connect to localhost?

Maarten Wiltink maarten at kittensandcats.net
Wed Jul 4 08:21:37 UTC 2007


"Ron Ogle" <ogler at tce.com> wrote in message news:4689922A.7040708 at tce.com...

> I would like to set my ntp client to connect to localhost.  The normal
> connection does not allow this.

Like David said, you can't do that. NTP is both a server and a client,
and _always_ takes UDP port 123 for itself. So you can't set up a
tunnel on the same machine. And as far as I know, you can't make NTP
use a different port, either. Of course, that leaves open the
possibility of setting up a tunnel and using it from another machine.
But it does mean that NTP is never going to run locally on a host
that pretends to be another host somewhere else.


> My situation is that I use SSH for all of my communications to
> external servers.  I need my clients to tunnel their NTP requests
> over this tunnel.

I'd say you _want_ them to. Incidentally, I use the same trick to
access my home network from work. But the business case is _quite_
different.


> I can set up a TCP or UDP tunnel on local port 123 that is actually a
> remote connection to another server's NTP service.

Yes, well, for the clients, it's not a problem. They simply see your
proxy as 'the' Internet NTP server. But your proxy itself is hosed,
NTP-wise.


> I do this as a security measure.  It allows me to allow only outgoing
> connections from a firewall perspective.

Get a better firewall! Ancient Linuxes could do that, _and_ allow
return traffic as appropriate (and only as appropriate).

Groetjes,
Maarten Wiltink
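
The stateful filtering the reply refers to (only outgoing connections allowed, with return traffic admitted only for flows the host itself opened) can be shown with a small model. This is an added example, not part of the original message; the addresses, the 30-second timeout and the packet list are constructed, and the class is a toy model rather than any particular firewall's implementation.

```python
"""Toy model of a stateful packet filter: outbound NTP only, replies only.
Constructed example; addresses, timeout and packets are made up."""
from dataclasses import dataclass

NTP_PORT = 123
UDP_TIMEOUT = 30.0  # assumed: seconds an idle UDP flow stays tracked

@dataclass(frozen=True)
class Packet:
    ts: float       # arrival time in seconds
    direction: str  # "out" leaves the protected host, "in" arrives at it
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFilter:
    def __init__(self, timeout=UDP_TIMEOUT):
        self.timeout = timeout
        self.flows = {}  # (local, lport, remote, rport) -> last-seen time

    def check(self, p):
        if p.direction == "out":
            if p.dport != NTP_PORT:
                return "DROP"  # policy: only NTP queries may leave
            self.flows[(p.src, p.sport, p.dst, p.dport)] = p.ts
            return "ACCEPT"
        key = (p.dst, p.dport, p.src, p.sport)  # inbound must mirror a flow
        last = self.flows.get(key)
        if last is None or p.ts - last > self.timeout:
            self.flows.pop(key, None)  # unknown or expired: no return path
            return "DROP"
        self.flows[key] = p.ts
        return "ACCEPT"

HOST, SERVER, STRANGER = "192.0.2.10", "198.51.100.5", "203.0.113.9"
SAMPLE = [  # constructed traffic; ntpd uses port 123 on both ends
    Packet(0.0, "out", HOST, 123, SERVER, 123),      # query
    Packet(0.05, "in", SERVER, 123, HOST, 123),      # its reply
    Packet(1.0, "in", STRANGER, 123, HOST, 123),     # unsolicited
    Packet(2.0, "in", SERVER, 4444, HOST, 123),      # wrong source port
    Packet(100.0, "in", SERVER, 123, HOST, 123),     # flow has expired
    Packet(101.0, "out", HOST, 40000, SERVER, 80),   # not NTP
]

def verdicts(packets=SAMPLE):
    fw = StatefulFilter()
    return [fw.check(p) for p in packets]
```

Only the reply that mirrors a live outbound query is accepted; everything else arriving at port 123 is dropped, which is the "outgoing only" property without a tunnel.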