I have checked the NTP-server in OpenWRT and its working but I don't understand how. When I use netcat to scan port 123:
# nc -z 192.168.1.1 123;echo $?
1
So I used NMAP to confirm, just in case:
# nmap -p123 192.168.1.1
Starting Nmap 7.80 ( https://nmap.org ) at 2022-11-26 07:55 CET
Nmap scan report for myrouter (192.168.1.1)
Host is up (0.00068s latency).
PORT STATE SERVICE
123/tcp closed ntp
Nmap done: 1 IP address (1 host up) scanned in 6.71 seconds
Hopped over to the router, clearly no listening port for ipv4.
# netstat -an|grep 123
udp 0 0 :::123 :::*
I expected something like this:
tcp 0 0 127.0.0.1:123 0.0.0.0:* LISTEN
So what do I not understand? and how can I check if an NTP-server is accepting connections?
This is a dual stack socket that is listening for udp packets on any address, ipv4 and ipv6. Try netstat -anp | grep 123 and you will see what process services that socket. Like the previous reply says, ntp uses stateless send-it-and-forget-it udp, which makes sense because ntp is a latency sensitive application that doesn't benefit from tcp resending outdated lost packets.
But what IP is the npt server? 192.168.1.1, isn’t that your device (ntp client?)
The client at startup burst the request time from all the servers port 123 and finds the best server for the job and locks on to that one for synchronization and after about 30min goes over to only maintaining the time from the servers.
The client port is normal outgoing internet traffic so that port isn’t 123 and the port on the client doesn’t matter anyway.
They wanted to know why there was no corresponding IPv4 netstat sever (listening) entry. It's because the IPv6 listener entry covers the entire IPv4 space as well.
I will dive into the RFC next time.