Gary Gendel wrote: > On 4/26/12 12:55 PM, James Carlson wrote: >> If that works, then you'll probably want to go looking at your firewall >> configuration. >> > Thanks for the -u option. That worked fine so now I have to figure out > what's going on. Since the other machines work fine, it means that > indeed it's because I'm on the same host as the router. I don't want to > set port 123 to route specifically to this machine because that would > break all the other machines ntp requests. > > This one is tricky.
I used to have similar problems on my home system. Because I have a /28 and a few spare external static IP addresses, I was able to set up a second address on the main ("wan") interface as a work-around. The first address has no NAT configured on it, and it's what everything running locally on the machine uses by default. The second address is used exclusively for NAT to the rest of my internal network. I can't say this is the "best" solution, but it certainly seems to be working well for me, and has eliminated a lot of annoyances. (In particular, with the old single-address solution, I was forced to use ftp in 'passive' mode all the time, because the ipnat configuration didn't seem to like maintaining state for local applications. But with two addresses, the problem goes away, and both local and internal instances of ftp can run with either passive or non-passive mode without trouble.) Plus, it makes it much easier to filter NAT versus gateway traffic and to look at packet traces. -- James Carlson 42.703N 71.076W <carls...@workingcode.com> _______________________________________________ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss