[vox-tech] I'm also having ntp problems :-(

Ryan vox-tech@lists.lugod.org
Wed, 24 Apr 2002 22:26:13 -0700 

On Wednesday 24 April 2002 10:04 pm, msimons@moria.simons-clan.com wrote:
>   Something is preventing port 123 UDP packets from going between
> bob and nat, you can see packets be transmitted and no reply.  It
> could also be that your ntpd is configured to not accept connections
> from bob.

Debugging things with netcat in udp mode reveals that if bob runs
`nc -ulp 123` bob recives packets, but can't get them back to nat.

With nc listening on nat, however, it works both ways.

This can now be blamed on firewall rules.

Ugh.....

>   Below are two commands as they show up on my local network,
> if you could verify that the UDP packets are not being dropped,
> then send the output from the following commands it would help.
>
> root@star:/tmp#
>   strace -e connect,socket,sendto ntpq -ddn -c peers 10.1.1.1 2>&1 |
>     grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
>
>
> # socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) =3D 3
> # connect(3, {sin_family=3DAF_INET, sin_port=3Dhtons(123),
> sin_addr=3Dinet_addr("10.1.1.1")}}, 16) =3D 0 # Got packet, size =3D 24
> # Packet okay
> #      remote           refid      st t when poll reach   delay   offse=
t=20
> jitter #
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
>=3D=3D=3D # Got packet, size =3D 428
> # Packet okay
> # Got packet, size =3D 192
> # Packet okay
> # +169.237.105.80  192.5.41.41      2 u   28  256  377   32.159  -11.67=
3 =20
> 4.231

[root@bob root]# strace -e connect,socket,sendto ntpq -ddn -c peers=20
192.168.0.1 2>&1 | grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'

socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) =3D 3
connect(3, {sin_family=3DAF_INET, sin_port=3Dhtons(123),=20
sin_addr=3Dinet_addr("192.168.0.1")}}, 16) =3D 0
Got packet, size =3D 20
Packet okay
     remote           refid      st t when poll reach   delay   offset  j=
itter
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
Got packet, size =3D 420
Packet okay
Got packet, size =3D 204
Packet okay
*192.43.244.18   .ACTS.           1 u  135  512  377  133.955   -2.932  1=
2.280
Got packet, size =3D 428
Packet okay
Got packet, size =3D 192
Packet okay
+207.215.64.108  192.5.41.41      2 u   98  512  377   25.751   23.138   =
1.170

> root@star:/tmp#
>   strace -e connect,socket,sendto ntpdate -qd 10.1.1.1 |
>     grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
>
> # socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) =3D 3
> # 24 Apr 21:59:09 ntpdate[12079]: ntpdate 4.1.0 Mon Mar 25 23:39:50 UTC
> 2002 (2) # --- SIGALRM (Alarm clock) ---
> # transmit(10.1.1.1)
> # sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...=
,
> 48, 0, {sin_family=3DAF_INET, sin_port=3Dhtons(123),
> sin_addr=3Dinet_addr("10.1.1.1")}}, 16) =3D # 48
> # receive(10.1.1.1)
> # transmit(10.1.1.1)
> # sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...=
,
> 48, 0, {sin_family=3DAF_INET, sin_port=3Dhtons(123),
> sin_addr=3Dinet_addr("10.1.1.1")}}, 16) =3D # 48
>

[root@bob root]# strace -e connect,socket,sendto ntpdate -qd 192.168.0.1 =
2>&1=20
| grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'

24 Apr 22:17:59 ntpdate[7455]: ntpdate 4.1.1@1.786 Wed Feb 27 16:42:53 CE=
T=20
2002 (1)
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) =3D 3
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48=
, 0,=20
{sin_family=3DAF_INET, sin_port=3Dhtons(123),=20
sin_addr=3Dinet_addr("192.168.0.1")}}, 16) =3D 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48=
, 0,=20
{sin_family=3DAF_INET, sin_port=3Dhtons(123),=20
sin_addr=3Dinet_addr("192.168.0.1")}}, 16) =3D 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48=
, 0,=20
{sin_family=3DAF_INET, sin_port=3Dhtons(123),=20
sin_addr=3Dinet_addr("192.168.0.1")}}, 16) =3D 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48=
, 0,=20
{sin_family=3DAF_INET, sin_port=3Dhtons(123),=20
sin_addr=3Dinet_addr("192.168.0.1")}}, 16) =3D 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
192.168.0.1: Server dropped: no data
server 192.168.0.1, port 123
stratum 0, precision 0, leap 00, trust 000
refid [0.0.0.0], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Wed, Feb  6 2036 22:28:16.000
originate timestamp: 00000000.00000000  Wed, Feb  6 2036 22:28:16.000
transmit timestamp:  c072100a.953f39d1  Wed, Apr 24 2002 22:18:02.582
filter delay:  0.00000  0.00000  0.00000  0.00000
         0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
         0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

24 Apr 22:18:03 ntpdate[7455]: no server suitable for synchronization fou=
nd


> Now on the firewall...
>
> root@seawolf:~# strace -p `pidof ntpd` -e recvfrom

strace isn't on the firewall.

> # --- SIGALRM (Alarm clock) ---
> # recvfrom(6, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0".=
=2E.,
> 500, 0, {sin_family=3DAF_INET, sin_port=3Dhtons(1458),
> sin_addr=3Dinet_addr("10.1.1.27")}}, [16]) =3D 48 # recvfrom(6,
> "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0,
> {sin_family=3DAF_INET, sin_port=3Dhtons(1458),
> sin_addr=3Dinet_addr("10.1.1.27")}}, [16]) =3D 48 # recvfrom(6,
> "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0,
> {sin_family=3DAF_INET, sin_port=3Dhtons(1458),
> sin_addr=3Dinet_addr("10.1.1.27")}}, [16]) =3D 48 # recvfrom(6,
> "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0,
> {sin_family=3DAF_INET, sin_port=3Dhtons(1458),
> sin_addr=3Dinet_addr("10.1.1.27")}}, [16]) =3D 48 # --- SIGALRM (Alarm =
clock)
> ---
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech