Like Someone Flipped a Switch

I received an email from the Pool stating my server hadn’t been heard from, when I checked I noted that it seemed as if it had been dropped from the pool. No changes on my end to anything in the network (at least on this side of the firewall), the NTP server (LeoBodnar) is still dishing time to everything on the LAN, I’m still seeing various hosts on my D-DNS provider (No-IP). My ISP (Spectrum) states NTP isn’t blocked.

I’m stumped.

image

Hi @cspacone , welcome to the community!

I tested the NTP server with IP 76.90.44.100 from Switzerland, and it does not answer. It is definitely indication of a problem, however it is not conclusive about the location where the issue is.

Perhaps you can try a traceroute and post the results?

Your server is not responding to NTP requests from the online test service NTP Server Test

1 Like

Are you sure that the IP address did not change? What does the command

curl -s 'http://ifconfig.me'

give?

NTPman, this NTP server is the LeoNTP from Leo Bodnar. As far as I know there is no way for me to get a command line, Telnet or SSH into the server.

It is reliably serving NTP requests on the private side of the firewall.

There have been no changes to the server proper, nor to the firewall rules that forward NTP requests to it.

Just weird, like a switch has been flipped to the off position.

I asked an earlier commenter if they could perform a traceroute to the device and post the results. My son did that for me yesterday and it returned some odd results that I’d rather not disclose until I see more data.

Thanks for looking at it though.

Resolving tick.spacone.net is iffy. Various DNS servers say:
76.90.44.100
23.221.222.250
does not resolve

I’ll assume 76.90.44.100 is the desired IP. The San Jose NTP monitor saw a sudden cutoff of NTP replies:
1463 2021-07-13 06:45:21.840163 139.178.70.122 → 76.90.44.100 NTP 90 NTP Version 4, client
1464 2021-07-13 06:45:21.861348 76.90.44.100 → 139.178.70.122 NTP 90 NTP Version 4, server
1465 2021-07-13 07:05:21.486620 139.178.70.122 → 76.90.44.100 NTP 90 NTP Version 4, client
1466 2021-07-13 07:05:26.488161 139.178.70.122 → 76.90.44.100 NTP 90 NTP Version 4, client
1467 2021-07-13 07:05:31.490349 139.178.70.122 → 76.90.44.100 NTP 90 NTP Version 4, client
1468 2021-07-13 07:26:07.354917 139.178.70.122 → 76.90.44.100 NTP 90 NTP Version 4, client
Often the NTP failures are accompanied with ICMP, host unreachable, from 24.30.173.154
This appears to be the router upstream of your NTP server.
I would focus on that router.

Steve,
I came to the same conclusion as well. My son did a traceroute from his office to my system and the packets appeared to bounce between two IP addresses on the same subnet with each address having a different host name.

Getting Spectrum involved in resolving this issue is going to be a massive pain in the ass as the chances of me actually speaking to a technically literate person isn’t zero but is some number roughly approximating zero…

I suspect that Spectrum is doing something evil to UDP traffic as literally nothing on my side has changed. My next step will be trolling the shallows of Spectrum support forums to see if that turns up anything useful.

My thanks to all for the help!

73,
Chris, KD6OUB

As I thought, the port is now blocked by Spectrum.

Running NTP service on a Residential account is against the Spectrum AUP. Apparently I was ‘getting away with it’ until this past Monday. If I upgrade my service to a Business account (same U/D speeds, for ‘just’ $45.00 more per month and a ‘small’ installation fee of $99.00) I can get unfettered access.

Well, it was fun while it lasted…

-Chris