RE: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- From: "Young, Mike" <Mike.Young@xxxxxxxxxxxxxx>
- Date: Fri, 18 May 2007 15:24:19 -0500
Yes, 123/UDP is open in both directions.
-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Stephen Carville
Sent: Friday, May 18, 2007 3:01 PM
To: General Red Hat Linux discussion list
Subject: Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
Young, Mike wrote:
Hello,
I'm seeing an odd NTP problem on a couple of Redhat servers here.
Basically the NTP client is on a firewalled DMZ, away from the NTP server.
NTP updates via ntpq work fine on the local NTP server subnet, but it
isn't working for hosts on the firewalled DMZ. We've checked ports on the
firewall, and 123/UDP is open. In addition, we see packets incrementing
when we use the "iostat" command in ntpdc, and don't see any dropped or
ignored packets in iostat either.
Any ideas?
Does the firewall allow port 123 in _both_ directions? NTP requires
unrestricted access to 123/udp for _both_ source and destination.
Thanks,
Mike.
--
Stephen Carville <stephen@xxxxxxxxxxxxxx>
Systems Engineer
Land America
1.626.667.1450 X326
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- References:
- Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- From: Stephen Carville
- Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Prev by Date: RE: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Next by Date: Re: RHEL Linux 3 - AS vs ES
- Previous by thread: Re: Firewalled NTP on Redhat - ntpdate works, but ntpq doesn't
- Index(es):
Relevant Pages
- Re: servers address in ntp payload?
... >> with all the stateful firewalls now in place if the response to a packet ...
>> the address and the requestor will never receive a response. ... > Which is
a flaw in such a firewall and a violation of RFC 2979. ... appears to only discuss TCP
and it's layered protocols which NTP isn't. ... (comp.protocols.time.ntp) - IPTable Rule to allow NTP thru ?
... I am hoping that someone can explain to me what I need to add or change to my firewall
settings to allow ntp to synchronize to an outside time source. ... My objective is
to have a server in my office synchronize to an outside time server, then the desktop PC's would
synchronize to the server. ... It appears that the IPtables rules on the server is blocking
the ntp communication. ... (comp.protocols.time.ntp) - Re: [SLE] quick question about checking time
... (parameters, gotchas, etc?) ... NTP will determine how often it has to
phone home. ... client configuration module in YaST when the firewall is running. ...
'Stop' the firewall using 'expert mode' in YaST's runlevel editor. ... (SuSE) - Re: Setting Up NTP for Time Sync
... >>Why can't I synch off of the NTP machine from linux? ... >>I
deliberately set the clock off by 15 seconds. ... Your personal or network firewall
prevents clock synchronization. ... (comp.os.linux.networking) - Re: IPTable Rule to allow NTP thru ?
... to my firewall settings to allow ntp to synchronize to an outside time ... My
objective is to have a server in my office synchronize to ... properly if I had the right
firewall setting. ... The stock RHEL 3 comes with an old version of nptd and a script
that ... (comp.protocols.time.ntp)
