Date: Mon, 28 Jan 2002 23:05:56 +0100 From: Mark Rowlands <fuc952d@tninet.se> To: Jonathan Chen <jonc@chen.org.nz>, devin-freebsdquestions@rintrah.org Cc: Marco Radzinschi <marco@radzinschi.com>, freebsd-questions@FreeBSD.ORG Subject: Re: NTP behind NAT box? Message-ID: <20020128220550.2293E37B416@hub.freebsd.org> In-Reply-To: <20020129075727.A2307@grimoire.chen.org.nz> References: <20020122085250.N7705-100000@mail.radzinschi.com> <20020128072745.A76592@tharmas.rintrah.org> <20020129075727.A2307@grimoire.chen.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 28 January 2002 7:57 pm, Jonathan Chen wrote: > On Mon, Jan 28, 2002 at 07:27:45AM -0500, devin-freebsdquestions@rintrah.org wrote: > > On Tue, Jan 22, 2002 at 08:56:10AM -0500, Marco Radzinschi wrote: > > > Hello: > > > > > > I am running ntpd on a machine behind a router which is taking > > > care of NAT. I have the router forwarding UDP packets on port 123 to > > > said machine, and NTP is working. > > > > > > Now, do I really need to be forwarding UDP/123 to that machine, or will > > > ntpd work without it? > > > > ntpd will make outbound connections to sync the box it is running on with > > whatever ntp server you connect to in the outside world. > > > > in this case you don't need to be forwarding port 123 to it (in fact, > > that might be a bad idea...) > > Hmm. I've just played around with this recently, and it looks like one > *does* need to forward port 123. A quick check with "ntpq -p" shows that > if you don't forward the port, all of the servers you try to sync with > are marked as "rejected". > I run a freebsd firewall / router with ipf and nat, have no ports forwarded and ntpd runs fine. -- A lost ounce of gold may be found, a lost moment of time never. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020128220550.2293E37B416>