[RndTbl] MTS blocking NTP
grdetil at scrc.umanitoba.ca
Sat Jan 26 16:29:53 CST 2019
On my MTS home fibre connection, my Windows 10 PC fails to synchronize
to the two MS defaults, time.windows.com and time.nist.gov. ntp.mts.net
does work for me, and also to my surprise, so does 0.pool.ntp.org. My PC
was able to sync to these two multiple times. I'm pretty sure when I
tried this previously a few years ago, the latter one wasn't reachable,
but they may have added a whitelist for it because it's such a common
built-in one for many devices. I haven't tried any other subdomains of
ntp.org so I don't know how thoroughly they whitelisted.
On 2019-01-26 02:44, Trevor Cordes wrote:
> On 2019-01-25 Adam Thompson wrote:
>> IIRC a handful of "important" NTP servers are whitelisted, e.g.
>> time.windows.com and the equivalent from Apple. The source port
> I tried time.windows.com, as a first check no dice. No major ntp
> server I can think of goes through.
>> limitation is specifically because only full-fledged NTP server
>> implementations were vulnerable, and they must by definition use port
>> 123. The block only exists for ADSL/VDSL/FTTH customers AFAIK.
>> Business fibre and SHDSL customers are expected to run firewalls that
>> work. -Adam
> The customer is VDSL business, low-ish end plan, but not fibre. Yes,
> one would think they'd not block 123 for business. This plan does *not*
> block SMTP port 25. What a strange world MTS dwells in that 25 is
> open but 123 is not.
> On 2019-01-25 John Lange wrote:
>> Might be worth going through the pain of opening a ticket to see if
>> you can get an official answer. I believe the CRTC regulations
>> prevent them from arbitrarily manipulating, blocking, or shaping the
>> network traffic without disclosing what they are doing.
> The staff will contact MTS so we'll see. I did find a web page that
> showed all the ports MTS blocks, and 123 wasn't on there. Probably out
> of date though (still said MTS). As for ISP companies not blocking
> without disclosing... wouldn't hold my breath on that one.
> On 2019-01-25 Gilles Detillieux wrote:
>> I had an issue with NTP port 123 being blocked when switching from
>> MTS's phone-line based ADSL service to their fibre based "VDSL"
>> service several years ago (well before the Bell takeover). Colin is
> Ah, that might be it! It may not have broken when Bell took over, it
> may have broken when the company switched to VDSL. It was around the
> same time I think (give or take 2 years, grin). Weird I didn't notice
> until now... I guess the RTCs were so good it took this long to lose a
> whole 1-2 minutes and cause me to notice.
>> Apparently the only solution is to use MTS's own NTP server. I think
>> it's ntp.mts.net, but I'm not at home now so I can neither check my
> ntp.mts.net also does not work. If you do have their official ntp
> server name somewhere, please dig it up for me as that would be super
> handy if they decide to block my current workaround trick too!
> Thanks all!
> Roundtable mailing list
> Roundtable at muug.ca
Gilles R. Detillieux E-mail: <grdetil at scrc.umanitoba.ca>
Spinal Cord Research Centre WWW: http://www.scrc.umanitoba.ca/
Dept. of Physiology and Pathophysiology, Faculty of Health Sciences,
Univ. of Manitoba Winnipeg, MB R3E 0J9 (Canada)
More information about the Roundtable