[ntp:questions] ntpdate unexpected behaviour

Chuck Swiger cswiger at mac.com
Thu Aug 3 17:47:16 UTC 2017


On Aug 3, 2017, at 7:27 AM, Leandro Martelli <martelli at epix.com.br> wrote:
> I just came across a non-intuitive ntpdate case caused by my firewall
> configuration.
> 
> My firewall outbound rules include something like:
> 
> - allow from udp 123 to udp 123
> - allow from udp 10000-20000 to any

Try: all from udp any to udp 123 instead.

...or udp 123,1024-65535 if you prefer.

Check sysctl net.ipv4.ip_local_port_range (or your system's equivalent) and tweak the range if needed.

Regards,
-- 
-Chuck



More information about the questions mailing list