[email protected] wrote: > David Woolley wrote: > >> [email protected] wrote: >> >>>>> 1 61694 8000 yes yes none reject >> >>> assID=61694 status=8000 unreach, conf, no events, >> >> >> I don't know why it is saying reach on the assoc, but the rv is >> certainly saying that nothing is coming back, which normally does mean a >> firewall problem. Often port 123 is firewalled off even though the port >> used for connectivity tests is not. > > But the reply packets are comin' thru no problem. I can see them with > tcpdump: > > # tcpdump -ieth0 -s0 -vvv port ntp > tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size > .... > > So it really can't be a connectivity issue, can it?
Wait, now that I *can* see the packets, the associations actually look like this: ntpq> as ind assid status conf reach auth condition last_event cnt =========================================================== 1 13136 9344 yes yes none outlyer reachable 4 2 13137 942a yes yes none candidate sys_peer 2 3 13138 962a yes yes none sys.peer sys_peer 2 4 13139 9414 yes yes none candidate reachable 1 Which looks fine to me. It seems it was the -I lo option I was passing to ntpd. But why that would prevent it from *sending* out ANY traffic is beyond me. This client/server-in-one-app-thing is really confusing, especially if the docs don't make it clear what part of the operation particular options refer to. _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
