Hi, Our public NTP servers have started receiving an inordinate amount of NTP requests. In order to mitigate the problem, we find that a lot of these queries are originating from or being sent to ports other than 123.
>From the documentation, and all literature that I can find on the internet, it seems any remote client who needs to talk to our NTP servers on UDP 123, must also originate the request from UDP 123. Considering this, we have firewalled any traffic for/from UDP 123 on our servers that does not start/end in UDP 123 on the remote machines. Could someone confirm if this is correct? Or are we blocking legitimate reqeusts as well? Regards HASSAN _______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
