[lug] NTP question (crypto)
Bear Giles
bgiles at coyotesong.com
Sun Mar 23 18:13:44 MST 2003
I wrote:

> Has anyone managed to get the "autokey pubkey" stuff to work? I seem to
> have success, but the times never sync.

With blind experimentation, I've determined that eris
(192.168.1.3) can sync its clocks only when I modify the Linksys
router to no longer direct all NTP UDP packets from the outside to
chaos (192.168.1.2). With packet forwarding disabled, chaos and
eris immediately saw each other as peers.

Unfortunately, without packet forwarding I can't bring my
colocation box into the peer cloud. It's not very close, netwise,
but the benefits of having the clocks mutually synchronized should
be obvious. (In the meanwhile, I'm setting it as one of my time
servers.)

I might try running the packets through a CIPE tunnel, once I have
one set up. But that may not be practical, due to the extra
crypto overhead. SSH tunnels would undoubtedly be even worse.

Bear