From halmurray at sonic.net Fri Aug 5 20:09:54 2022 From: halmurray at sonic.net (Hal Murray) Date: Fri, 05 Aug 2022 13:09:54 -0700 Subject: AT&T blocking port 123 Message-ID: <20220805200954.2163928C1CA@107-137-68-211.lightspeed.sntcca.sbcglobal.net> Does anybody have an AT&T residential account? Google gets lots of hits on the subject. Their forums have several comments similar to this one: > No, Port 123 is restricted both ways on residential AT&T accounts because > it's a known DDoS risk. With no help at all for how to get time. That links to: https://about.att.com/sites/broadband/network Down at the bottom is a table of the ports they block which says they block port 123 in both directions. >From another thread: > AT&T performs source port blocking for port 123 for traffic coming from > endpoints in its network. It allows requests to go to servers on port 123. > NTP peers use both a source and a destination port of 123, so this would > typically block traffic. [But if you go through NAT, the internal source port gets translated so it works.] I'm a bit surprised I haven't heard about this before. Is this well known and I just, somehow, missed it? -- These are my opinions. I hate spam.