NTP behind NAT - NTP

This is a discussion on NTP behind NAT - NTP ; Hello, Does NTP work if I have two systems behind a NAT-router querying the same NTP server? Does an NTP server keep track of who it has replied to? The NTP server will see the same source IP for both ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: NTP behind NAT

  1. NTP behind NAT

    Hello,

    Does NTP work if I have two systems behind a NAT-router querying the
    same NTP server?

    Does an NTP server keep track of who it has replied to?

    The NTP server will see the same source IP for both systems, only the
    source port will be different.

    Regards.

  2. Re: NTP behind NAT

    On 2007-04-06, Spoon wrote:

    > Does NTP work if I have two systems behind a NAT-router querying the
    > same NTP server?


    NTP time service works through NAT (I do that on my home LAN) but NTP
    Authentication will not.

    > Does an NTP server keep track of who it has replied to?


    ntpd does not maintain any state information pertaining to the polls
    that it has answered.

    --
    Steve Kostecke
    NTP Public Services Project - http://ntp.isc.org/

  3. Re: NTP behind NAT

    Steve Kostecke wrote:
    > On 2007-04-06, Spoon wrote:
    >> Does an NTP server keep track of who it has replied to?

    >
    > ntpd does not maintain any state information pertaining to the polls
    > that it has answered.
    >


    Not quite true. See ntpdc -c monlist which tells you which clients have
    queried it.

    Danny
    _______________________________________________
    questions mailing list
    questions@lists.ntp.isc.org
    https://lists.ntp.isc.org/mailman/listinfo/questions


  4. Re: NTP behind NAT


    >NTP time service works through NAT (I do that on my home LAN) but NTP
    >Authentication will not.


    Should we add a NAT section to the wiki?

    Anything else interesting to incoude there?

    --
    These are my opinions, not necessarily my employer's. I hate spam.


  5. Re: NTP behind NAT

    Spoon wrote:
    > Hello,
    >
    > Does NTP work if I have two systems behind a NAT-router querying the
    > same NTP server?
    >

    Yes.

    > Does an NTP server keep track of who it has replied to?

    It can. I'm not certain that all do.

    It's usually not a problem unless you are using broken software or firmware
    that queries the server more frequently than once every 64 seconds.
    Using "iburst" in the server statement for that server is acceptable;
    the clients causing problems are those that query once per second
    forever. Hard as it may be to believe there have been some and many are
    still in service.


  6. Re: NTP behind NAT

    Steve Kostecke wrote:
    > On 2007-04-06, Spoon wrote:
    >
    >
    >>Does NTP work if I have two systems behind a NAT-router querying the
    >>same NTP server?

    >
    >
    > NTP time service works through NAT (I do that on my home LAN) but NTP
    > Authentication will not.
    >
    >
    >>Does an NTP server keep track of who it has replied to?

    >
    >
    > ntpd does not maintain any state information pertaining to the polls
    > that it has answered.
    >


    It does, or can, record who it has replied to. You can query a server
    for the list of its clients.


  7. Re: NTP behind NAT

    On 2007-04-06, Danny Mayer wrote:
    > Steve Kostecke wrote:
    >> On 2007-04-06, Spoon wrote:
    >>> Does an NTP server keep track of who it has replied to?

    >>
    >> ntpd does not maintain any state information pertaining to the polls
    >> that it has answered.

    >
    > Not quite true. See ntpdc -c monlist which tells you which clients have
    > queried it.


    Yes, ntpd does keep a list of the last 600 clients that have polled it
    (including some minimal information about the clients).

    But the polls themselves are stateless from the server point of view.
    The server merely answers the poll; the client does the work of
    analyzing the poll information.

    --
    Steve Kostecke
    NTP Public Services Project - http://ntp.isc.org/

  8. Re: NTP behind NAT

    On 2007-04-06, Richard B. gilbert wrote:
    > Steve Kostecke wrote:
    >>
    >> ntpd does not maintain any state information pertaining to the polls
    >> that it has answered.

    >
    > It does, or can, record who it has replied to.


    That's a well known fact.

    But ntpd can not maintain any state information about the polls because
    the associations are client-based.

    >You can query a server for the list of its clients.


    What you see is a list of _IP_ _addresses_ that ntpd has received
    polls/quires from.

    --
    Steve Kostecke
    NTP Public Services Project - http://ntp.isc.org/

+ Reply to Thread