ntpMerlin NTP pools question

DJones

Senior Member
So I’ve been noticing a lot of outgoing blocks from Skynet to some sketchy-looking domains. Each time it takes some digging to get to the bottom of what those actual outgoing connections are, and usually it results in the blocks being due to pool.ntp.org. Now obviously a pool is a collection of NTP servers, and hitting some sketchy servers is bound to happen.

Symmetric NAT type is more secure than full cone and is unlikely to result in hole punching, so I’m not too concerned since Skynet does block these servers.

My question: is there a safer NTP server to specify instead of pool.ntp.org? I replaced it with time.windows.com and ntp.ubuntu.com, but I’m pretty sure those are still just random pools.
 

ColinTaylor

Part of the Furniture
Anyone can contribute to pool.ntp.org. I found that my router would frequently be given the address of an unreliable server and the router's built-in client is stupid enough that it never looks for another one. Consequently, like you I have chosen two servers from the "big boys" and haven't had a problem since.

That's not to say that ntpMerlin suffers the same problem, but it just highlights that IMHO pool.ntp.org can be an unreliable source.
 

DJones

Senior Member
> Anyone can contribute to pool.ntp.org. I found that my router would frequently be given the address of an unreliable server and the router's built-in client is stupid enough that it never looks for another one. Consequently, like you I have chosen two servers from the "big boys" and haven't had a problem since.
>
> That's not to say that ntpMerlin suffers the same problem, but it just highlights that IMHO pool.ntp.org can be an unreliable source.

Thanks, yeah I was getting servers associated with Mirai malware and all kinds of unreliable servers with problems.

Sometimes it would be a data centre like Linode that shares an ASN and a single IP address, but has hundreds of domains, so when multiple of my devices and server all NTP redirect to something like those I start hunting for a problem lol.

Logs have been much cleaner since, but still get a questionable block here and there, but the high frequency has dropped.
 

heysoundude

Part of the Furniture
Apple, Google, Cloudflare are good time references, but you should always look for the nearest to you, geographically speaking.
If you do a wee bit of research, there is usually an IX with a publicly available NTP stratum-1 clock closer to you than you might think/currently be aware of.
If you live in a city with a university with an engineering school/faculty, it's a good bet they would have one...same for colleges with computer science programs...for example.
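
Added example (editor's code, not posted by anyone in the thread): a server's own NTP reply says whether it really is a synchronized stratum-1 clock, so a candidate can be vetted before it goes into the router config. The packets below are constructed samples, and the helper names and the dispersion threshold are assumptions chosen for illustration.

```python
import socket
import struct

def parse_ntp_reply(pkt: bytes) -> dict:
    """Decode the fixed 48-byte NTP header (RFC 5905 layout)."""
    if len(pkt) < 48:
        raise ValueError("NTP header is 48 bytes")
    (flags, stratum, _poll, _prec, root_delay, root_disp, refid,
     _ref, _org, _rx, tx) = struct.unpack("!BBbbII4sQQQQ", pkt[:48])
    if stratum <= 1:   # stratum 0/1: refid is ASCII (kiss code or clock source)
        ref = refid.rstrip(b"\x00").decode("ascii", "replace")
    else:              # stratum 2+: upstream IPv4 address (a hash for IPv6 upstreams)
        ref = socket.inet_ntoa(refid)
    return {"leap": flags >> 6, "version": (flags >> 3) & 7, "mode": flags & 7,
            "stratum": stratum, "refid": ref,
            "root_delay": root_delay / 65536,        # 16.16 fixed point, seconds
            "root_dispersion": root_disp / 65536,
            "transmit": tx}

def vet_reply(pkt: bytes, max_stratum: int = 1, max_root_dispersion: float = 0.1) -> list:
    """Return the reasons to reject this server; an empty list means it passed."""
    r = parse_ntp_reply(pkt)
    problems = []
    if r["mode"] != 4:
        problems.append("not a server-mode reply")
    if r["leap"] == 3:
        problems.append("server reports its clock is unsynchronized")
    if r["stratum"] == 0:
        problems.append("kiss-of-death code " + r["refid"])
    elif r["stratum"] > max_stratum:
        problems.append(f"stratum {r['stratum']} via {r['refid']}")
    if r["root_dispersion"] > max_root_dispersion:
        problems.append("root dispersion too high")
    if r["transmit"] == 0:
        problems.append("zero transmit timestamp")
    return problems

def build(leap, stratum, refid, root_disp=16, tx=0xE900000000000000):
    """Constructed sample reply (version 4, mode 4); not captured traffic."""
    flags = (leap << 6) | (4 << 3) | 4
    return struct.pack("!BBbbII4sQQQQ", flags, stratum, 6, -20, 0,
                       root_disp, refid, 0, 0, 0, tx)

GOOD = build(0, 1, b"GPS\x00")                      # synchronized stratum-1 clock
KOD = build(3, 0, b"RATE")                          # rate-limited, unsynchronized
POOL = build(0, 3, socket.inet_aton("192.0.2.10"))  # stratum 3 behind another server

if __name__ == "__main__":
    for name, pkt in (("GOOD", GOOD), ("KOD", KOD), ("POOL", POOL)):
        print(name, vet_reply(pkt) or "ok")
```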
 

DJones

Senior Member
> If you do a wee bit of research, there is usually an IX with a publicly-available NTP stratum-1 clock closer to you than you might think/currently be aware of.
> If you live in a city with a university with an engineering school/faculty, it's a good bet they would have one...same for colleges with computer science programs...for example.

Good point, I’ll try to see if my local university has one.
 
