[vox-tech] I'm also having ntp problems :-(
vox-tech@lists.lugod.org
Thu, 25 Apr 2002 01:51:32 -0400
On Wed, Apr 24, 2002 at 10:26:13PM -0700, Ryan wrote:
> On Wednesday 24 April 2002 10:04 pm, msimons@moria.simons-clan.com wrote:
> > Something is preventing port 123 UDP packets from going between
> > bob and nat, you can see packets be transmitted and no reply. It
> > could also be that your ntpd is configured to not accept connections
> > from bob.
>
> This can now be blamed on firewall rules.

Something doesn't look right about this...

Both ntpq and ntpdate create the same type of UDP-based socket;
running from the same machine, one of them gets replies and the other
does not (the packets are different sizes). It is true that some
length-based firewall checks could be blocking the replies... but
it's important to figure out what is broken before changing things,
and I still don't have enough information. It could be either ntpd
or the firewall, since it could as likely be server configuration
(like only accepting certain client revisions).

If it still doesn't work after you have fun looking through your
firewall rules, install strace on the firewall and run the trace
requested below. If you can't use "apt-get install strace" then
remember it is simply one big executable: scp it to the firewall
from a similar machine and just run the binary from /tmp, then
nuke it.

> [root@bob root]# strace -e connect,socket,sendto ntpq -ddn -c peers
> 192.168.0.1 2>&1 | grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
>
> socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
> connect(3, {sin_family=AF_INET, sin_port=htons(123),
> sin_addr=inet_addr("192.168.0.1")}}, 16) = 0
> Got packet, size = 20
>
> [root@bob root]# strace -e connect,socket,sendto ntpdate -qd 192.168.0.1 2>&1
> | grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
>
> 24 Apr 22:17:59 ntpdate[7455]: ntpdate 4.1.1@1.786 Wed Feb 27 16:42:53 CET
> 2002 (1)
> socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
> --- SIGALRM (Alarm clock) ---
> transmit(192.168.0.1)
> sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0,
> {sin_family=AF_INET, sin_port=htons(123),
> sin_addr=inet_addr("192.168.0.1")}}, 16) = 48
> --- SIGALRM (Alarm clock) ---
> --- SIGALRM (Alarm clock) ---
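
Added example, not part of the original message: a decoder for the octal-escaped payload that strace printed on the ntpdate sendto() line, showing which NTP version and mode the unanswered datagram carries. It assumes the standard NTP header layout; the function names are made up for this illustration.

```python
import re
import struct

# First bytes of the 48-byte datagram, copied from the ntpdate sendto() line
# in the trace above; strace cut the string off after these ("...").
STRACE_ARG = r"\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"

MODES = {0: "reserved", 1: "symmetric active", 2: "symmetric passive",
         3: "client", 4: "server", 5: "broadcast",
         6: "control message (ntpq)", 7: "private (ntpdc)"}

_SIMPLE = {"n": 10, "t": 9, "r": 13, "v": 11, "f": 12, "\\": 92, '"': 34}
_TOKEN = re.compile(r"\\([0-7]{1,3})|\\x([0-9a-fA-F]{2})|\\(.)|(.)", re.S)


def strace_unescape(text):
    """Turn a strace-quoted string argument back into raw bytes."""
    out = bytearray()
    for octal, hexa, simple, literal in _TOKEN.findall(text):
        if octal:
            out.append(int(octal, 8) & 0xFF)
        elif hexa:
            out.append(int(hexa, 16))
        elif simple:
            out.append(_SIMPLE.get(simple, ord(simple)))
        else:
            out.append(ord(literal))
    return bytes(out)


def parse_ntp_header(pkt):
    """Decode the fixed leading fields of an NTP time packet (12 bytes)."""
    if len(pkt) < 12:
        raise ValueError("need at least 12 bytes of NTP header")
    flags, stratum, poll, precision, delay, disp = struct.unpack(
        "!BBbbII", pkt[:12])
    return {"leap": flags >> 6, "version": (flags >> 3) & 7,
            "mode": flags & 7, "mode_name": MODES[flags & 7],
            "stratum": stratum, "poll": poll, "precision": precision,
            # root delay/dispersion are 16.16 fixed-point seconds
            "root_delay": delay / 65536, "root_dispersion": disp / 65536}


if __name__ == "__main__":
    for field, value in parse_ntp_header(strace_unescape(STRACE_ARG)).items():
        print(f"{field:16} {value}")
```

The ntpdate datagram decodes as a version 4, mode 3 (client) request, whereas ntpq speaks mode 6 control messages, so the two tools can be handled differently by ntpd restrict settings or by a packet filter even though both use UDP port 123.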