NTS not 'working', likely operator error
ntpsec at anastrophe.com
ntpsec at anastrophe.com
Tue Apr 9 05:01:15 UTC 2024
On 4/8/2024 20:55 PM, ntpsec--- via users wrote:
> On 4/8/2024 20:40 PM, Paul Theodoropoulos via users wrote:
>> What I'm wondering now is if there is some fubar in the way I have
>> things set up wrt the certificate(s). I make the NTP service available
>> as ntpsec.anastrophe.com, but the NTS service tied to
>> nts.anastrophe.com for the cert. Perhaps this is creating a mismatch of
>> sorts, though since the source host/IP is the same either way, I would
>> think not. I'll take a quick poke at that avenue.
>
> Nope, that wasn't it, no errors on system startup, no traffic regardless
> of the cert name.
Using tools available (netcat), I've determined that UDP port 123 packets
are being truncated at 1472 bytes. Rebooted router, timeserver, no change.
Comcast strikes again with an arbitrary new policy that accomplishes
nothing. I'll make a vain attempt to reach somebody at comcast that would
understand the issue, but in past experience they never budge once they
put a new arbitrary and undocumented policy in place.
--
Paul Theodoropoulos
www.anastrophe.com
More information about the users
mailing list