[ntp:questions] How to configure ntp client to connect to localhost?
maarten at kittensandcats.net
Wed Jul 4 08:21:37 UTC 2007
"Ron Ogle" <ogler at tce.com> wrote in message news:4689922A.7040708 at tce.com...
> I would like to set my ntp client to connect to localhost. The normal
> connection does not allow this.
Like David said, you can't do that. NTP is both a server and a client,
and _always_ takes UDP port 123 for itself. So you can't set up a
tunnel on the same machine. And as far as I know, you can't make NTP
use a different port, either. Of course, that leaves open the
possibility of setting up a tunnel and using it from another machine.
But it does mean that NTP is never going to run locally on a host
that pretends to be another host somewhere else.
> My situation is that I use SSH for all of my communications to
> external servers. I need my clients to tunnel their NTP requests
> over this tunnel.
I'd say you _want_ them to. Incidentally, I use the same trick to
access my home network from work. But the business case is _quite_
> I can setup a TCP or UDP tunnel on local port 123 that is actually a
> remote connection to another server's NTP service.
Yes, well, for the clients, it's not a problem. They simply see your
proxy as 'the' Internet NTP server. But your proxy itself is hosed,
> I do this as a security measure. It allows me to allow only outgoing
> connections from a firewall perspective.
Get a better firewall! Ancient Linuxes could do that, _and_ allow
return traffic as appropriate (and only as appropriate).
More information about the questions