How to direct all internal NTP traffic to local server?

Is there a roundabout way to have the Soho mk3 redirect all NTP traffic and send it to a local server? Much like it can intercept DNS queries and force them to the local server?

Reason is that I have my own NTP server that I have my windows and linux servers pointing to, as well as any other devices that use NTP (switches, battery backup, etc) to sync time.

But it is getting tedious having to parse my DNS logs (I’m diverting DNS traffic to a local instance of Deadwood) trying to figure out all the different public NTP servers that my various IoT/Smarthome devices, game consoles, desktops, tablets and mobile phones are using.

Vendors of embedded devices intended for consumer use and even commercial use often hardcode NTP servers into their configs and there is no way to edit them. For example many of my smarthome devices were set by the vendor to use pool.ntp.org or time.nist.gov. Interestingly enough, one of the products seems to want to use NTP servers based in China (probably the dev’s who wrote the code never circled back to localize the NTP settings before hitting the market).

I have read guides that it should be possible to do this with port forwarding, but it seems that the port forwarding config in the Pepwave only let you forward ports inbound from internal to intranet.

Could we either have a capability that would allow us to redirect ports on the lan to another host? And if not, could we have a similar option where the Pepwave would detect and redirect all NTP traffic to the same IP (similar to how it can do for DNS)?

This would be immensely helpful.

PS- I did search the forum for NTP related topics but it seems those discussions revolved around having the device host NTP, rather than have it redirect it.

1 Like

I can never remember what features the SOHO has removed from a normal balance, so don’t get your hopes up till you check, however on a Balance router you can go to Network > Misc.Settings | Service Forwarding and add a custom forwarding service for NTP that would redirect all NTP requests (to wherever you want).

5 Likes

Yup. I can confirm that works perfectly (and thanks to Peplink for including that capability.) We have a Stratum 1 time server in a rack in our office and that’s how we corral all the wacky NTP requests and direct them to our server. :smirk:

3 Likes

Well I’ll be darned, it is there. I was looking in the wrong place the whole time. I did notice that the Custom Service Forwarding Setup seems to have “TCP Port” listed but I guess it must work for UDP too?

1 Like

So I finally got the Leo Bodnar NTP time server that I ordered. Now that I have a reliable NTP server on my network I decided to play around with this.

I cannot seem to get this working and I am using the same settings as shown above in Martin’s post.

I was worried that the service forwarding was only going to work for TCP ports since it only makes reference to TCP.

I ended up just parsing through my OpenDNS statistics and creating individual A records to redirect the traffic to my local NTP server.

Unfortunately, with all the IoT devices in use, I now have more A records to divert NTP than I do for any other purpose.

Would it be possible to implement this some other way? If not with a UDP redirection then maybe to have the DNS server be able to redirect all queries matching a certain criteria (i.e. “ntp”) to a certain IP?

lets ask @sitloongs and @TK_Liew if they know whether udp ports are forwarded by custom service forwarding or if it just work son tcp.

1 Like

@MartinLangmaid and @mamc

:sweat_smile:As for now “Custom Service Forwarding Setup” only work on TCP port connection.

1 Like

@MartinLangmaid @mamc @Rick-DC

Good news to everyone , we will support UDP custom service forwarding in 8.1.0 Beta3 and above. This will allow user to redirected NTP traffics to local NTP server. Please stay tuned for the 8.1.0 Beta 3 release :+1: :+1: :+1: :+1:

6 Likes

Some screenshot and explanation for the NTP Server feature is posted here :

3 Likes

Thanks so much for implementing this! Now I could remove the 50+ dns records I put in to repoint all the major ntp servers to my local network. Works great!

5 Likes