[ntp:questions] NTP Sync Problem

Ron C. nospam at nospam.com
Fri Mar 9 09:56:39 UTC 2007

"Per Hedeland" <per at hedeland.org> wrote in message news:esq7cq$1qtc$3 at hedeland.org...
> In article <33448$45efe4e1$42865632$32620 at msgid.meganewsservers.com>
> "Ron C." <nospam at nospam.com> writes:
> >However Covad makes the WAN IP private (non-routable) with the local end
> >programmed as and the remote as  Apparently Netopia
> >uses the WAN IP for  NTP  and the router knows that it makes no sense to
> >try to use NTP with a non-routable IP, so it logs the "cannot send"
> >error message.
> I'm not sure I followed all that, but if the router has its WAN
> interface "configured" with, it's no surprise that it refuses to
> originate traffic in that direction. Nothing NTP-specific, nor even
> necessarily knowledge about what is "routable", but sending out IP
> packets with source address is just Plain Wrong (unless you're
> booting and need to speak DHCP/BOOTP before you can get your address).
> But I believe you said that it worked fine to do NTP requests from
> inside your network (and I would expect that, as long as the router
> doesn't try to NAT them to Couldn't you just set up an NTP
> server there, and point the router at *that*? This would also have the
> advantage that if the router goes berserk and starts spewing requests
> continously, only you will suffer.:-)
> --Per Hedeland
> per at hedeland.org

The problem causing the "cannot SEND" error message seems to be the originating IP rather than the destination IP.  The Netopia router uses the WAN IP as the originating source.  In order to conserve their IP address space Covad causes this WAN IP to be of the private type (172.19.x.x). [BTW this number is NOT one of the WAN numbers entered into the router during setup which are and  It seems to be aquired by the router when the connection with Covad is authenticated.]  In any case, Covad tech support said that the router tries to use this "private" IP as a source and that's why it fails.  I think the NTP program in the router stops in its tracks when it sees the private IP and produces the "cannot SEND" error message instead of sending the NTP request.  It's probably not going berserk, it's just designed to send NTP requests FROM a routable public WAN IP, and stops because it doesn't have one.  In my case it's the LAN side that has routable IPs since I'm paying extra for a block of 16 IP addresses, so that I can have internet servers.  (Some of these are part of a DHCP pool programmed in the router for non-servers on my network.)  NAT is not used.  I believe that if I were using NAT instead, the single routable IP would be on the WAN while the LAN addresses would be private and then the router would be able to send NTP requests to set its own clock.

More information about the questions mailing list