I have DSL and a Pace 5268AC. The Pace is in DMZ Plus mode, forwarding all traffic to my server. Most traffic works, but NTP does not: 'ntpdate time.sonic.net' says "no server suitable for synchronization found", and 'tcpdump port 123' on my server shows that no NTP packets are getting to my server.
'ntpdate -u whatever' does work, but that doesn't help me because I really want to run ntpd (which doesn't have the equivalent of ntpdate's -u), not ntpdate. (I know I could run ntpdate in cron, but that's jumpy.)
As an experiment, I set the Pace to explicitly forward port 123 to my server; that makes ntpdate work without -u. It's not a good fix, though, as I'd have to explicitly forward to every restricted port on my server.
Is there a way to unblock port 123 and still use DMZ Plus?
'ntpdate -u whatever' does work, but that doesn't help me because I really want to run ntpd (which doesn't have the equivalent of ntpdate's -u), not ntpdate. (I know I could run ntpdate in cron, but that's jumpy.)
As an experiment, I set the Pace to explicitly forward port 123 to my server; that makes ntpdate work without -u. It's not a good fix, though, as I'd have to explicitly forward to every restricted port on my server.
Is there a way to unblock port 123 and still use DMZ Plus?