On 9/18/07, Joel Reicher <[EMAIL PROTECTED]> wrote: > As far as I know, in the case of incoming NTP packets, however, they're > always to port 123, and always to the machine designated as the NTP > server. Consequently the translation of incoming packets is static, and > never needs to be subject to the dynamic tracking of a state table. > > So even with NAT it should be possible to make NTP/UDP work without the > router maintaining state.
It's definitely true that UDP state tracking is not required for NTP servers running behind a NAT router since, as you mention, the translation is static. However, many routers running stateful firewalls keep information about UDP flows in some form of state table nonetheless.. Rusty _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
