On Wednesday 24 April 2002 10:04 pm, [EMAIL PROTECTED] wrote:
> Something is preventing port 123 UDP packets from going between
> bob and nat, you can see packets be transmitted and no reply. It
> could also be that your ntpd is configured to not accept connections
> from bob.
Debugging with netcat in UDP mode shows that if bob runs
`nc -ulp 123`, bob receives packets but can't send replies back to nat.
With nc listening on nat, however, it works in both directions.
So this can now be blamed on the firewall rules.
Ugh.....
> Below are two commands as they show up on my local network,
> if you could verify that the UDP packets are not being dropped,
> then send the output from the following commands it would help.
>
> root@star:/tmp#
> strace -e connect,socket,sendto ntpq -ddn -c peers 10.1.1.1 2>&1 |
> grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
>
>
> # socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
> # connect(3, {sin_family=AF_INET, sin_port=htons(123),
> sin_addr=inet_addr("10.1.1.1")}}, 16) = 0 # Got packet, size = 24
> # Packet okay
> # remote refid st t when poll reach delay offset
> jitter #
> ===========================================================================
>=== # Got packet, size = 428
> # Packet okay
> # Got packet, size = 192
> # Packet okay
> # +169.237.105.80 192.5.41.41 2 u 28 256 377 32.159 -11.673
> 4.231
[root@bob root]# strace -e connect,socket,sendto ntpq -ddn -c peers 192.168.0.1 2>&1 | grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sin_family=AF_INET, sin_port=htons(123),
sin_addr=inet_addr("192.168.0.1")}}, 16) = 0
Got packet, size = 20
Packet okay
remote refid st t when poll reach delay offset jitter
==============================================================================
Got packet, size = 420
Packet okay
Got packet, size = 204
Packet okay
*192.43.244.18 .ACTS. 1 u 135 512 377 133.955 -2.932 12.280
Got packet, size = 428
Packet okay
Got packet, size = 192
Packet okay
+207.215.64.108 192.5.41.41 2 u 98 512 377 25.751 23.138 1.170
> root@star:/tmp#
> strace -e connect,socket,sendto ntpdate -qd 10.1.1.1 |
> grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
>
> # socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
> # 24 Apr 21:59:09 ntpdate[12079]: ntpdate 4.1.0 Mon Mar 25 23:39:50 UTC
> 2002 (2) # --- SIGALRM (Alarm clock) ---
> # transmit(10.1.1.1)
> # sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 48, 0, {sin_family=AF_INET, sin_port=htons(123),
> sin_addr=inet_addr("10.1.1.1")}}, 16) = # 48
> # receive(10.1.1.1)
> # transmit(10.1.1.1)
> # sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 48, 0, {sin_family=AF_INET, sin_port=htons(123),
> sin_addr=inet_addr("10.1.1.1")}}, 16) = # 48
>
[root@bob root]# strace -e connect,socket,sendto ntpdate -qd 192.168.0.1 2>&1 | grep -Ev '(htons\(53\)|AF_UNIX|PF_UNIX)'
24 Apr 22:17:59 ntpdate[7455]: ntpdate [EMAIL PROTECTED] Wed Feb 27 16:42:53 CET
2002 (1)
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0,
{sin_family=AF_INET, sin_port=htons(123),
sin_addr=inet_addr("192.168.0.1")}}, 16) = 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0,
{sin_family=AF_INET, sin_port=htons(123),
sin_addr=inet_addr("192.168.0.1")}}, 16) = 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0,
{sin_family=AF_INET, sin_port=htons(123),
sin_addr=inet_addr("192.168.0.1")}}, 16) = 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
sendto(3, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 48, 0,
{sin_family=AF_INET, sin_port=htons(123),
sin_addr=inet_addr("192.168.0.1")}}, 16) = 48
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
--- SIGALRM (Alarm clock) ---
transmit(192.168.0.1)
192.168.0.1: Server dropped: no data
server 192.168.0.1, port 123
stratum 0, precision 0, leap 00, trust 000
refid [0.0.0.0], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000
originate timestamp: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000
transmit timestamp: c072100a.953f39d1 Wed, Apr 24 2002 22:18:02.582
filter delay: 0.00000 0.00000 0.00000 0.00000
0.00000 0.00000 0.00000 0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000
24 Apr 22:18:03 ntpdate[7455]: no server suitable for synchronization found
> Now on the firewall...
>
> root@seawolf:~# strace -p `pidof ntpd` -e recvfrom
strace isn't on the firewall.
> # --- SIGALRM (Alarm clock) ---
> # recvfrom(6, "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
> 500, 0, {sin_family=AF_INET, sin_port=htons(1458),
> sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48 # recvfrom(6,
> "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0,
> {sin_family=AF_INET, sin_port=htons(1458),
> sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48 # recvfrom(6,
> "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0,
> {sin_family=AF_INET, sin_port=htons(1458),
> sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48 # recvfrom(6,
> "\343\0\4\372\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 500, 0,
> {sin_family=AF_INET, sin_port=htons(1458),
> sin_addr=inet_addr("10.1.1.27")}}, [16]) = 48 # --- SIGALRM (Alarm clock)
> ---