Why do I have NTP traffic to random IP's?

Started by opnrules, July 30, 2020, 11:27:06 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 30, 2020, 11:27:06 PM Last Edit: July 30, 2020, 11:35:15 PM by opnrules
From time to time NTP connections to IPs like 185.83.169.27 are made.
Why and how can I block them? I don't see an option for this particular protocol in the rules.
I have my VPN providers DNS IP configured.
July 31, 2020, 12:31:38 AM #1
NTP is port 123
July 31, 2020, 01:35:24 AM #2 Last Edit: July 31, 2020, 01:37:26 AM by lrosenman
The system defaults to OPNsense pool NTP servers.  You really DO want NTP to do it's thing so that your system time is accurate and not drifting.

Time is CRITICAL for certificate and SSL validation.

attached is what my system is currently using.
July 31, 2020, 01:40:36 AM #3
Thanks for the explanation. Can I not simply have time synced via my specified DNS servers?
July 31, 2020, 01:43:43 AM #4
DNS is *NOT* NTP.

NTP servers synchronize to GPS and other stratum 1 servers.

DNS is purely for Domain Name (Human Readable)-> IP address (and other info).  It has NOTHING to do with time.

Please read up on NTP.

http://www.ntp.org/ntpfaq/NTP-s-def.htm
July 31, 2020, 07:41:18 AM #5
You can specify custom NTP servers on services -> network time -> general
but this is not really needed, default is a good setting, especially since you don't seems to be an expert on this topic
https://www.signorini.ch
Protectli Pfsense Mi7500L6 Intel 7Th Gen Core I7 7500U 16Gb Ddr4 Ram
512Gb Msata Ssd
6 X Intel Gigabit Ethernet
September 13, 2020, 12:21:36 AM #6
I am wondering the same. Why does OPNsense try to contact the following IPs with UDP/123 (i.e. NTP) 185.17.70.106, 212.25.1.1, etc. (see picture attached)? These are not the default OPNsense NTP Servers (which by the way at the moment are configured as "do not use").

Where are the NTP servers show in the picture configured?

Print
Go Up Pages1
User actions