NTS not 'working', likely operator error

ntpsec at anastrophe.com ntpsec at anastrophe.com
Tue Apr 9 02:29:13 UTC 2024 

On 4/8/2024 19:16 PM, Paul Theodoropoulos via users wrote:
> tcpdumps don't show anything 'interesting' really on either timeservice 
> port - steady flow of NTP traffic, no meaningful NTS traffic (I have to 
> imagine that the NTS traffic at initialization at ntpd startup would be 
> entirely broken if there were limits on the port)
The above isn't really helpful if I don't provide some output. Here's 
traffic on port 4460 on my timeserver - on comcast - after restarting 
timeservice on my mailserver, hosted within AWS, with nts.anastrophe.com 
set up as an NTS server for it.

root@ 64bit A-NTPsec: ~ # tcpdump port 4460
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
19:17:58.367440 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags [S], 
seq 2292647955, win 62727, options [mss 1460,sackOK,TS val 2686481743 ecr 
0], length 0
19:17:58.367564 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags 
[S.], seq 2280240109, ack 2292647956, win 65160, options [mss 
1460,sackOK,TS val 1405730056 ecr 2686481743], length 0
19:17:58.406925 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags [.], 
ack 1, win 62727, options [nop,nop,TS val 2686481792 ecr 1405730056], length 0
19:17:58.436900 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags 
[P.], seq 1:230, ack 1, win 62727, options [nop,nop,TS val 2686481793 ecr 
1405730056], length 229
19:17:58.437020 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags [.], 
ack 230, win 64931, options [nop,nop,TS val 1405730125 ecr 2686481793], 
length 0
19:17:58.458726 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags [.], 
seq 1:1449, ack 230, win 64931, options [nop,nop,TS val 1405730147 ecr 
2686481793], length 1448
19:17:58.458776 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags 
[P.], seq 1449:2897, ack 230, win 64931, options [nop,nop,TS val 
1405730147 ecr 2686481793], length 1448
19:17:58.459243 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags 
[P.], seq 2897:3150, ack 230, win 64931, options [nop,nop,TS val 
1405730148 ecr 2686481793], length 253
19:17:58.504194 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags [.], 
ack 1449, win 61279, options [nop,nop,TS val 2686481884 ecr 1405730147], 
length 0
19:17:58.520388 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags [.], 
ack 2897, win 59831, options [nop,nop,TS val 2686481889 ecr 1405730147], 
length 0
19:17:58.520754 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags [.], 
ack 3150, win 59578, options [nop,nop,TS val 2686481889 ecr 1405730148], 
length 0
19:17:58.520816 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags 
[P.], seq 230:310, ack 3150, win 59578, options [nop,nop,TS val 2686481890 
ecr 1405730148], length 80
19:17:58.520877 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags [.], 
ack 310, win 64851, options [nop,nop,TS val 1405730209 ecr 2686481890], 
length 0
19:17:58.521989 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags 
[P.], seq 3150:3405, ack 310, win 64851, options [nop,nop,TS val 
1405730210 ecr 2686481890], length 255
19:17:58.569348 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags 
[P.], seq 310:348, ack 3150, win 59578, options [nop,nop,TS val 2686481945 
ecr 1405730209], length 38
19:17:58.569431 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags [.], 
ack 348, win 64813, options [nop,nop,TS val 1405730258 ecr 2686481945], 
length 0
19:17:58.570808 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags 
[FP.], seq 3405:4586, ack 348, win 64813, options [nop,nop,TS val 
1405730259 ecr 2686481945], length 1181
19:17:58.616500 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags [.], 
ack 3405, win 59323, options [nop,nop,TS val 2686481992 ecr 1405730210], 
length 0
19:17:58.643974 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags 
[P.], seq 348:372, ack 4587, win 58141, options [nop,nop,TS val 2686481997 
ecr 1405730259], length 24
19:17:58.644095 IP a-ntpsec.ntske > relay.anastrophe.com.57454: Flags [R], 
seq 2280244696, win 0, length 0
19:17:58.644157 IP relay.anastrophe.com.57454 > a-ntpsec.ntske: Flags 
[R.], seq 372, ack 4587, win 58141, options [nop,nop,TS val 2686481997 ecr 
1405730259], length 0

-- 
Paul Theodoropoulos
www.anastrophe.com

More information about the users mailing list