time.nist.gov Requests

Comments

6 comments

  • Avatar
    rotblitz (Edited )

    Yes, rather the latter: a service in your network attempts to query the time too many times, not only against nist.gov, but also against ntp.org.  It could be that this app cannot reach out to these time services, hindered by a firewall or so, so it tries again and again.

    Ensure that port 123/udp is open from your network to the outside world.
    https://en.wikipedia.org/wiki/Network_Time_Protocol

    "pinging time.nist.gov"

    DNS is not pinging and nothing to do with connections, but is a looking up for name resolution and such information.  DNS is the phone book of the internet, not the phone lines.  Pinging would be phone lines.

    1
    Comment actions Permalink
  • Avatar
    fortmillsc

    Thanks for the clarification on the port, I will check that and for clarifying my verbiage of describing the "call" that the app is making.

    0
    Comment actions Permalink
  • Avatar
    fortmillsc

    How would I determine which app (devices) are trying to connect to *.nist.gov and *.ntp.org? Looks like I need to identify this so I can set the IP address for Port Forwarding. Unless there is an easier way to make sure the port is open.

     

     

    I have a TP-LInk Archer C9 Router.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Port forwarding is the wrong approach.  Port forwarding is for incoming connections to the related internal device, i.e. for remote access to your network.

    The problem here seems to be the outgoing traffic, and a firewall seems to block port 123/udp, be it the router's firewall or something like a Windows built-in firewall.  You had to check the firewall logs or to run a network sniffer on the suspected devices to identify this traffic, both the DNS queries for the time servers and the attempt to obtain the time via destination port 123/udp.  On Windows you can check access or blocking to time services with the tool w32tm.exe or "net time".

    Looking at your router manual, it seems you should check chapter 10.2 Access Control to see if something is configured which could prevent specific devices from using time services.

    0
    Comment actions Permalink
  • Avatar
    fortmillsc

    Thanks for the follow-up and the detail. I'll take a look at the one windows device we have on the network. Other than that, the only thing connected 24/7 is the camera system. 

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Well, both sources are in question of raising NTP traffic, the PC and also the camera system.

    0
    Comment actions Permalink

Please sign in to leave a comment.