Sumit Jain

Reputation: 1528

Public LB configuration for NTP service in azure

I am trying to get the NTP daemon working on my virtual machines in Azure, which sit behind a public load balancer for outbound access to the internet.

The NTP service is configured in client mode (the default) and I have allowed outbound UDP 123 access in the security group.

Now, the NTP service does not work unless I configure an incoming UDP 123 rule on my external load balancer to the VMs.

Running ntpdate -dq 0.centos.pool.ntp.org shows that packets are being transmitted, but none are received if there is no LB incoming rule.

Adding the rule fixes the problem, but my concern is that it shouldn't be required at all, since in client mode the NTP service doesn't require inbound connections. Why is the service not working without this rule?

Upvotes: 1

Views: 1019

Answers (1)

Bin Xia

Reputation: 46

I guess you are using a Standard SKU LB. Standard SKU SNAT programming is per IP transport protocol and is derived from the load balancing rule. If only a TCP load balancing rule exists, SNAT is only available for TCP. If you have only a TCP load balancing rule and need outbound SNAT for UDP, create a UDP load balancing rule from the same frontend to the same backend pool. This will trigger SNAT programming for UDP.

From my understanding, any UDP port load balancing rule should work.

https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-outbound-connections#preallocatedports

Upvotes: 3
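The fix the answer describes, as an added example that is not part of the original question or answer: a shell script that builds the Azure CLI call creating a UDP load-balancing rule from the same frontend to the same backend pool (which is what triggers UDP SNAT programming on a Standard LB), and a small check over `ntpdate -dq` output that distinguishes "transmitted but nothing received" from a working exchange. The resource group, load balancer, frontend, backend pool and probe names are assumptions; the ntpdate output used for the offline check is constructed. The script only talks to Azure when run with `APPLY=1`.

```shell
#!/bin/sh
# Added example, not from the original post. Resource names below are assumptions.
set -e

RG="${RG:-ntp-rg}"                   # resource group (assumed)
LB="${LB:-ntp-lb}"                   # Standard SKU public load balancer (assumed)
FE="${FE:-LoadBalancerFrontEnd}"     # existing frontend IP configuration (assumed)
BP="${BP:-ntp-backend}"              # backend pool the VMs are in (assumed)
PROBE="${PROBE:-ssh-probe}"          # an existing health probe on the LB (assumed)

# Print the az command that adds a UDP load-balancing rule. Per the answer,
# any UDP port is enough to trigger UDP SNAT programming; 123 is used only
# to match the question.
udp_lb_rule_cmd() {
  port="${1:-123}"
  printf 'az network lb rule create --resource-group %s --lb-name %s --name ntp-udp-snat --protocol Udp --frontend-port %s --backend-port %s --frontend-ip-name %s --backend-pool-name %s --probe-name %s' \
    "$RG" "$LB" "$port" "$port" "$FE" "$BP" "$PROBE"
}

# Alternative on a Standard LB: an explicit outbound rule for UDP gives SNAT
# without creating an inbound listener at all.
udp_outbound_rule_cmd() {
  printf 'az network lb outbound-rule create --resource-group %s --lb-name %s --name udp-outbound --protocol Udp --frontend-ip-configs %s --address-pool %s' \
    "$RG" "$LB" "$FE" "$BP"
}

# Read `ntpdate -dq` output on stdin and count transmit()/receive() lines.
# Prints "ok" when at least one reply came back, "no-replies" when packets
# went out but nothing returned (the symptom of missing UDP SNAT).
ntp_snat_check() {
  out=$(cat)
  tx=$(printf '%s\n' "$out" | grep -c '^transmit(' || true)
  rx=$(printf '%s\n' "$out" | grep -c '^receive(' || true)
  if [ "$tx" -gt 0 ] && [ "$rx" -gt 0 ]; then
    echo ok
  else
    echo no-replies
  fi
}

# Constructed sample output (not captured from a real host): the broken case
# shows only transmits, the working case shows a reply.
SAMPLE_NO_SNAT=$(printf 'transmit(203.0.113.10)\ntransmit(203.0.113.10)\n')
SAMPLE_WITH_SNAT=$(printf 'transmit(203.0.113.10)\nreceive(203.0.113.10)\n')

# Only run against a real subscription when asked to (az login first).
if [ "${APPLY:-0}" = 1 ]; then
  eval "$(udp_lb_rule_cmd 123)"
  ntpdate -dq 0.centos.pool.ntp.org 2>&1 | ntp_snat_check
fi
```

Running it with `APPLY=1` creates the rule and then reports `ok` or `no-replies` from a live `ntpdate -dq`. A rule on a public frontend is an inbound listener, so keep the NSG's inbound rule for that port restricted: the default DenyAllInBound already blocks Internet clients, and the NTP replies still get back because SNAT return traffic is matched statefully. If you do not want any inbound listener, the outbound-rule command is the cleaner option.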
