What next?, Big picture
James Browning
jamesb192 at jamesb192.com
Sun Jun 29 09:30:58 UTC 2025
On Saturday, June 28, 2025 9:02:56 PM Pacific Daylight Time Hal Murray wrote:
> > None of them should need port 123 if packets are
> > selectively port forwarded.
>
> Why do we want/need port forwarding?
The Idea there is that you could have several ntp servers for different tasks.
- an rsntp analogue to handle unsigned traffic.
- a server for Network Time security
- an MS-SNTP server that can't block the above
- maybe others like symmetric, 3des or autokey
> The idea is to move everything else to a different port so the only
> traffic on port 123 is requests for the server.
>
> If the client side opens a socket for each server, that gets a default
> random local port. The replies will come back to that port/socket rather
> than port 123.
>
> I don't have a good plan for mode6/ntpq traffic. If we put the data into
> shared memory, we can write a version of ntpq that looks there. Maybe
> it's time for SNMP. (as much as I hate that sort of stuff)
I would say just run it locally and allow access via ssh and 9p. We have an
SNMP widget, it's probably time to dust it a backhand some fixes.
More information about the devel
mailing list