ntp with 2 interfaces, iptables rules?
by giggler from LinuxQuestions.org on  (#5G5S6)
	Hi.
I have ntp installed. Default configuration changed with new, regional servers. My hardware setup is basically eth0 to internet, eth1 private lan. This server should be serving the private lan.
Everything works out of the box, except I really only want the server part on port 123, using udp over eth1.
eth0 10.0.0.10 (static, on lan to internet)
eth1 192.168.0.1 (static, on private lan, actually gateway for it too)
The private lan eth1 has no internet traffic so this service running on eth1 is important.
When I limit the interface for ntp (/etc/ntp.conf):
interface ignore wildcard
interface listen 127.0.0.1
interface listen 192.168.0.1
Clients on eth1 lan can contact this box, however this server cannot then use the internet to get updates. It appears to be directing requests to the regional servers over 192.168.x.x, but only when I restrict the server to listen on eth1.
So I think there are some IPTables rules missing that I might need to ensure internet traffic goes to the correct eth0 for ntp requests to be serviced. If you can point me or suggest something I'd be very grateful.
Regards 
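
An added example, not part of the original post: one way to keep the NTP service on eth1 while still letting the box query its upstream servers over eth0. It assumes ntpd needs a listening socket on 10.0.0.10 to send those queries; the function names `valid_if` and `ntp_rules` and the rule layout are illustrative.

```shell
#!/bin/sh
# Added example. Interface names and addresses are the ones given in the
# post; everything else is an assumption.
#
# Matching /etc/ntp.conf (assumption: ntpd sends upstream queries from a
# socket it has bound, so eth0's address is listened on as well):
#   interface ignore wildcard
#   interface listen 127.0.0.1
#   interface listen 192.168.0.1
#   interface listen 10.0.0.10

# Accept only plain interface names, since they are pasted into rule text.
valid_if() {
    case $1 in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print iptables-restore input: NTP is served on loopback and the LAN side,
# while the WAN side only receives replies to queries this host sent.
# Usage: ntp_rules WAN_IF LAN_IF | iptables-restore --noflush
ntp_rules() {
    if ! valid_if "$1" || ! valid_if "$2"; then
        echo "ntp_rules: bad interface name" >&2
        return 1
    fi
    wan_if=$1
    lan_if=$2
    cat <<EOF
*filter
-A INPUT -i lo -p udp --dport 123 -j ACCEPT
-A INPUT -i $lan_if -p udp --dport 123 -j ACCEPT
-A INPUT -i $wan_if -p udp --sport 123 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i $wan_if -p udp --dport 123 -j DROP
-A OUTPUT -o $wan_if -p udp --dport 123 -j ACCEPT
COMMIT
EOF
}

# Stand-alone use: sh ntp-rules.sh eth0 eth1
if [ "$#" -eq 2 ]; then
    ntp_rules "$1" "$2"
fi
```

The ESTABLISHED rule has to come before the DROP rule, because ntpd sends its upstream queries from port 123 and the replies therefore arrive on eth0 addressed to port 123 as well.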
  
  
  
 

	