[ntp:questions] How to configure ntp client to connect to localhost?

Danny Mayer mayer at ntp.isc.org
Wed Jul 4 15:15:03 UTC 2007


Ron Ogle wrote:
> I would like to set my ntp client to connect to localhost.  The normal
> connection does not allow this.
> 

Of course not. Don't use 127.0.0.1 for this. Use a different address.

> My situation is that I use SSH for all of my communications to external
> servers.  I need my clients to tunnel their NTP requests over this tunnel.
> 

NTP has no problem running over a VPN, it's implemented on a layer below
UDP. However using localhost is a really bad idea.

> I can setup a TCP or UDP tunnel on local port 123 that is actually a
> remote connection to another server's NTP service.
> 

Follow the SSH rules for this but even with SSH you can't use localhost,
that would just route you back to yourself. The tunnel needs to have an
address other than the ones in use by the system.

> I do this as a security measure.  It allows me to allow only outgoing
> connections from a firewall perspective.
> 

This makes no sense. Set up the firewall correctly to allow only those
packets for which you need.

Danny
> Thanks in advance.
> Ron Ogle




More information about the questions mailing list