Сan't authorize the server

Sol · November 29, 2024, 12:20pm

Hello everyone.
I can’t authorize the server 195.54.177.84
This is self hosted VDS. No any NAT or DMZ.
curl --interface 195.54.177.84 *ttps://validate4.ntppool.dev/p/ return me “Server IP not found”.
curl *ttps://ipinfo.io/ip return me “195.54.177.84”

root@ntppool-node1:~# ip address show dev enp1s0
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 52:54:00:79:d3:30 brd ff:ff:ff:ff:ff:ff
inet 195.54.177.84/28 brd 195.54.177.95 scope global noprefixroute enp1s0
valid_lft forever preferred_lft forever
inet6 2001:67c:205c:11::84/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe79:d330/64 scope link noprefixroute
valid_lft forever preferred_lft forever

avij · November 29, 2024, 12:33pm

Is your DNS working? Also try “ping validate4.ntppool.dev”.

avij · November 29, 2024, 12:59pm

How does your server look like on the management page? Are you on manage.ntppool.org or some other page?

It should probably show something like:

Hostname: ntp.example.com
IP: 195.54.177.84
✗ Unverified

You can also try the “indirect” method, ie. “curl https://validate4.ntppool.dev/p/indirect/195.54.177.84”

Sol · November 29, 2024, 1:16pm

Yes, DNS working
root@ntppool-node1:~# ping validate4.ntppool.dev
PING validate4.ntppool.dev (151.101.65.55) 56(84) bytes of data.
64 bytes from 151.101.65.55: icmp_seq=1 ttl=53 time=84.8 ms
64 bytes from 151.101.65.55: icmp_seq=2 ttl=53 time=85.0 ms
^C
— validate4.ntppool.dev ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 84.786/84.876/84.966/0.090 ms
root@ntppool-node1:~#

Sol · November 29, 2024, 1:20pm

root@ntppool-node1:~# curl *ttps://validate4.ntppool.dev/p/indirect/195.54.177.84
server ip not in client ip network

trace: 202d6e86c74d0132c415bd83046cf2db

root@ntppool-node1:~#

avij · November 29, 2024, 2:09pm

Odd. Do you have access to some other host on the 195.54.177.0/24 network where you could run that indirect verification?

Sol · November 29, 2024, 2:23pm

Yes. I’m ISP network admin on this net.
But, i have same result for indirect verification.

apuls · November 29, 2024, 4:38pm

@ask
Can you take a look ?

Sol · December 10, 2024, 11:30am

I assume everyone died. The server still does not authorize, no one answers the question. There is also silence in the mail.

avij · December 10, 2024, 7:28pm

Does the verification work on the beta/development site? https://manage.beta.grundclock.com/

Sol · December 11, 2024, 12:36pm

No. Same behavior.

(attachments)

Sol · December 11, 2024, 12:46pm

I found the cause of trouble.
This is Great Russian Firewall aka Goverment Regulator (RosKomNadzor, Russian Communication Supervision).

root@ntppool-node1:~# host validate4.ntppool.dev
validate4.ntppool.dev has address 151.101.193.55
validate4.ntppool.dev has address 151.101.129.55
validate4.ntppool.dev has address 151.101.1.55
validate4.ntppool.dev has address 151.101.65.55

Traffic to these IPs is filtered and sometimes undergoes NAT conversion.
I’m used a trick to bypass this filter and all autorized fine.

Many thanks for support.

Topic		Replies	Views
Server Unreachable from NTPPool Server operators	8	1167	September 2, 2020
Does server-owner-help@ntppool.org still work? Server operators	5	456	May 17, 2022
I want to add my NTP server. But I can't Server operators	11	1075	August 5, 2022
Manage.ntppool.org seems unreachable Server operators	0	454	July 3, 2021
Delete server from pool, added unsolicited in the first place Server operators	6	1181	September 25, 2019

Сan't authorize the server

Related topics