NTP Redirect via DNAT

Started by ddam191, Today at 03:12:01 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 03:12:01 AM Last Edit: Today at 03:45:16 AM by ddam191
I'm trying to set up NTP redirects across my network using DNAT, but am running into issues where clients are still reaching outside NTP pools and bypassing my NAT rule.

I have the following set up under Destination NAT:

Interface: VLAN_2212, VLAN_2224, VLAN_2248, VLAN_2296 (i.e. all VLAN interfaces within my network)
Version: IPv4
Protocol: TCP/UDP
Source: all empty
Destination invert: checked
Destination address: This Firewall
Destination port: 123
Redirect target IP: This Firewall
Redirect port: 123
Firewall rule: Pass

I cloned this rule from a DNS redirect that seems to be working, so hopefully someone can tell me what I'm missing.
Today at 03:28:29 AM #1
Any difference if you change "Redirect Target IP" to 127.0.0.1?
N5105/8GB/4xi226-V (local)
J4125/8GB/4xi210 (remote)
26.1 Community
Today at 03:44:18 AM #2
Quote from: OPNenthu on Today at 03:28:29 AMAny difference if you change "Redirect Target IP" to 127.0.0.1?

No, I tried an alias I have called localhost that points to 127.0.0.1 but that doesn't change anything.
Today at 08:05:13 AM #3
IPv6? When your clients use DNS names for the NTP servers, IPv6 is preferred and you need a second rule for it. Note that ::1 and LL-addresses do not work as targets for redirection, so you have to use a GUA or ULA (e.g. as virtual IP).
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
Print
Go Up Pages1
User actions