Mon 2007-09-17 at 21:58 +0200, Jan Hoevers wrote:
> Sure I would like to give my ntp server its own public address, but it 
> would quadruple the monthly cost of my connection. I'm surely not going 
> to pay that amount of money just to be a pool member.
> I think the pool would lose a lot of members if it banned NAT routers.
> 
> In due time IPv6 may solve this issue, but for now NAT is part of life.
> 
> I see little harm in a stateless NAT setup, no tables to overflow, just 
> the latency of an extra hop. Doesn't have to be more than 0.5 ms, 
> probably even less, and it's symmetrical. That doesn't hurt the quality 
> of the provided time service.
> What is the rtt to your closest ntp server? Around 14 ms in my case.
> 
> Jan

I'm in a similar situation myself actually, and I agree.
However, in my setup the ntpd is on the same machine that does NAT so I
don't think these connections are actually NATed in my setup. But the state of
the connections still seems to get registered with iptables (conntrack). Does
anyone know how to disable this just for ntp packets?

/ Johan

_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
