Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- From: Stephen Carville <stephen@xxxxxxxxxxxxxx>
- Date: Fri, 18 May 2007 13:01:17 -0700
Young, Mike wrote:
Hello,
I'm seeing an odd NTP problem on a couple of Redhat servers here.
Basically the NTP client is on a firewalled DMZ, away from the NTP server.
NTP updates via ntpq work fine on the local NTP server subnet, but it
isn't working for hosts on the firewalled DMZ. We've checked ports on the
firewall, and 123/UDP is open. In addition, we see packets incrementing
when we use the "iostat" command in ntpdc, and don't see any dropped or
ignored packets in iostat either.
Any ideas?
Does the firewall allow port 123 in _both_ directions? NTP requires unrestricted access to 123/udp for _both_ source and destination.
Thanks,
Mike.
--
Stephen Carville <stephen@xxxxxxxxxxxxxx>
Systems Engineer
Land America
1.626.667.1450 X326
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- RE: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- From: Young, Mike
- RE: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- References:
- Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- From: Young, Mike
- Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Prev by Date: Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Next by Date: RE: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Previous by thread: Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Next by thread: RE: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Index(es):
Relevant Pages
- Re: ntpdate synchronization b/w two ntpservers
... the problem is that our servers are unable to synchronize with our ntp ... ntpdate
uses port 123 UDP to connect to ntp Server ... firewall for randomn ports. ...
(comp.sys.sun.admin) - Re: Correcting my time servers clock drift on AlphaES40s / Tru64
... of a working NTP setup, but is not a design objective of NTP. ... is then a
stratum 1 time server, Phillip looks to Terrance as its time server, ... with Terrance
reading it's system clock. ... In that case, you need to create a clear server hierarchy,
not to peer, ... (comp.protocols.time.ntp) - Re: NTP internal server?
... Access to NTP externally is not permitted. ... Normally, an NTP client will
use a server that gets time directly or indirectly, from a hardware reference clock. ...
Typical reference clocks are GPS receivers, WWV receivers (NIST HF broadcast station),
WWVB receivers or equivalent services operated the the national standards laboratories of other countries.
... (comp.protocols.time.ntp) - Re: Which release notes say sts$manager:utc$configure_tdf is obsolete
... >>in UTC, and after comparing it to the time as determined from its ...
I think it will only attempt to change the clock if it is less than ... or a ST clock just
after the spring forward, and NTP would fix it. ... guess of the real time that it makes
from polling the time server. ... (comp.os.vms) - Re: Any security issues with roots cron job?
... >>Hi Kim, ... >>from a remote ntp server for example would
then mean you place your ... If your vault is to merely be an NTP client, ... (FreeBSD-Security)
