IPFW blocked my IPv6 NTP traffic

Mark Felder feld at FreeBSD.org
Tue Dec 1 16:09:18 UTC 2015



On Tue, Dec 1, 2015, at 09:53, elof2 at sentor.se wrote:
> 
> On Tue, 1 Dec 2015, Matthew Seaman wrote:
> 
> > On 2015/12/01 15:05, Mark Felder wrote:
> >> Notice how almost all of them are port 123 on both sides, but a few of
> >> them are not. Why? The RFC says that NTP is supposed to be using port
> >> 123 as both the source and destination port, but I clearly have
> >> something happening on port 16205. Is something screwy with ntpd in
> >> CURRENT?
> >
> > NTP not using port 123 as the source port usually indicates that it is
> > behind a NAT gateway at the other end.  It's harmless and fairly common.
> 
> ...or simply that it is an ntp *client* like ntpdate, and not a daemon.
> Clients often use a random source port, while ntpd uses source port 123.
> 

I wouldn't expect something in pool.ntp.org to be behind NAT and this
wasn't an ntp client like ntpdate, but those are both interesting
scenarios. Perhaps I'm just naive and they have a good reason for using
NAT in front of that NTP server.

-- 
  Mark Felder
  ports-secteam member
  feld at FreeBSD.org


More information about the freebsd-net mailing list