Date: Wed, 25 Jul 2007 09:50:09 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-stable@FreeBSD.ORG, andrew-freebsd@areilly.bpc-users.org Subject: Re: ntpd on a NAT gateway seems to do nothing Message-ID: <200707250750.l6P7o9FL056031@lurza.secnetix.de> In-Reply-To: <20070725003025.GA63332@duncan.reilly.home>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Reilly wrote: > Peter Jeremy wrote: > > The major difference is that ntpd will use a source port > > of 123 whilst ntpdate will use a dynamic source port. > > Is that behaviour that can be defeated? If it uses a fixed > source port, then multiple ntpd clients behind a nat firewall > will be competing for the same ip quadtuple at the NAT box. Usually the clients behind the NAT gateway use the ntpd running on the gateway itself, not any servers beyond. So NTP queries never have to be forwarded across the gateway, so they're not subject to NAT translation at all. The gateway rather acts as server and client at the same time. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd Passwords are like underwear. You don't share them, you don't hang them on your monitor or under your keyboard, you don't email them, or put them on a web site, and you must change them very often.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200707250750.l6P7o9FL056031>