On Fri, Jun 22, 2018, 3:45 PM Mike <deb...@norgie.net> wrote: > On Thu, Jun 21, 2018 at 10:04:24AM +0300, David Baron wrote: > > On Wed, Jun 20, 2018, 5:33 PM Mike <deb...@norgie.net> wrote: > > > > > > > > OK, so your NTP servers are: > > > > > > pool 0.debian.pool.ntp.org iburst > > > pool 1.debian.pool.ntp.org iburst > > > pool 2.debian.pool.ntp.org iburst > > > pool 3.debian.pool.ntp.org iburst > > > > > > > > > Most likely you are blocking UDP/123. However, if you fail to resolve > > > the IP when you ping it, you have a DNS issue. > > > > > > Mike. > > > > > > > 123 udp allowed both ways. > > The destination is resolved do dns ok. > > Ping still fails, unreachable,sendmsg operation not permitted. > > > > The npt config is correct and the servers should be reachable. This > points to some kind of networking issue at your end. > > That ping error is a little curious. It does sounds like a permissions > issue. One needs to be root to send the ICMP messages that ping uses. > Ping gets around this issue by having setuid set on /usr/bin/ping, so > that anyone who can run it runs it effectively as root. I've never > tried it but I suspect that if you remove setuid from /usr/bin/ping > you'd probably see the above error. Having said that, I did a quick > seearch with a well-known Internet search engine and it the results > suggested that iptables could also cause the above error. > > Anyway, speculation aside, the error (and I've ran ping many, many times > and never seen that error before) does suggest that something isn't > right on your box and it's not the NTPd config. I'd start by looking at > your iptables config. I'd be fairly sure something is blocking UDP/123, > whereever it is. > > Mike.
I just Port forwarded on the router. May!! be working. >
