time.nist.gov Requests

fortmillsc
Level 1

Hello,

I enabled OpenDNS for the first time on our Router last night to block unwanted categories of sites.

I reviewed OpenDNS Stats this morning and saw a comparatively large number of requests to time-**.nist.gov. I understand that this service provides an Internet Time Service.

Is this number of requests normal? Or is something on my network pinging time.nist.gov uncontrollably!

Thanks for any feedback.


rotblitz
Level 6

Yes, rather the latter: a service in your network attempts to query the time too many times, not only against nist.gov, but also against ntp.org.  It could be that this app cannot reach out to these time services, hindered by a firewall or so, so it tries again and again.

Ensure that port 123/udp is open from your network to the outside world.
https://en.wikipedia.org/wiki/Network_Time_Protocol

"pinging time.nist.gov"

DNS is not pinging and has nothing to do with connections, but is a lookup for name resolution and such information. DNS is the phone book of the internet, not the phone lines. Pinging would be phone lines.

fortmillsc
Level 1

Thanks for the clarification on the port, I will check that, and thanks for clarifying my verbiage describing the "call" that the app is making.

fortmillsc
Level 1

How would I determine which app (devices) are trying to connect to *.nist.gov and *.ntp.org? Looks like I need to identify this so I can set the IP address for Port Forwarding. Unless there is an easier way to make sure the port is open.


I have a TP-Link Archer C9 Router.

rotblitz
Level 6

Port forwarding is the wrong approach.  Port forwarding is for incoming connections to the related internal device, i.e. for remote access to your network.

The problem here seems to be the outgoing traffic, and a firewall seems to block port 123/udp, be it the router's firewall or something like a Windows built-in firewall. You would have to check the firewall logs or run a network sniffer on the suspected devices to identify this traffic, both the DNS queries for the time servers and the attempt to obtain the time via destination port 123/udp. On Windows you can check access or blocking to time services with the tool w32tm.exe or "net time".

Looking at your router manual, it seems you should check chapter 10.2 Access Control to see if something is configured which could prevent specific devices from using time services.
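
An added example, not part of the original thread: one way to read a sniffer capture for the traffic described above, counting per LAN host the DNS lookups for nist.gov/ntp.org names and the NTP requests and replies on 123/udp, then listing hosts that never get an answer. The capture text, the 192.168.0.x addresses and the 203.0.113.10 time server are constructed sample values, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed capture in the style of `tcpdump -n 'udp port 53 or udp port 123'`.
# 192.168.0.x hosts and the 203.0.113.10 time server are made-up sample values.
SAMPLE = """\
08:00:00.100000 IP 192.168.0.50.40001 > 208.67.222.222.53: 4660+ A? time-a.nist.gov. (33)
08:00:00.150000 IP 208.67.222.222.53 > 192.168.0.50.40001: 4660 1/0/0 A 203.0.113.10 (49)
08:00:00.200000 IP 192.168.0.50.123 > 203.0.113.10.123: NTPv4, Client, length 48
08:00:05.100000 IP 192.168.0.50.40002 > 208.67.222.222.53: 4661+ A? 0.pool.ntp.org. (32)
08:00:05.200000 IP 192.168.0.50.123 > 203.0.113.10.123: NTPv4, Client, length 48
08:00:10.100000 IP 192.168.0.50.40003 > 208.67.222.222.53: 4662+ A? time-a.nist.gov. (33)
08:00:10.200000 IP 192.168.0.50.123 > 203.0.113.10.123: NTPv4, Client, length 48
08:00:12.000000 IP 192.168.0.20.50001 > 208.67.222.222.53: 7001+ A? time.nist.gov. (31)
08:00:12.100000 IP 192.168.0.20.50002 > 203.0.113.10.123: NTPv3, Client, length 48
08:00:12.150000 IP 203.0.113.10.123 > 192.168.0.20.50002: NTPv3, Server, length 48
"""

# "IP src.port > dst.port: rest" as printed by tcpdump with -n (no name resolution).
LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (.*)")
# A/AAAA question for a name under nist.gov or ntp.org.
TIME_NAME = re.compile(r"\bA{1,4}\? \S*(?:nist\.gov|ntp\.org)\.")

def summarize(capture, lan_prefix="192.168.0."):
    """Count time-server DNS lookups and NTP requests/replies per LAN host."""
    stats = defaultdict(lambda: {"dns": 0, "ntp_out": 0, "ntp_in": 0})
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, rest = m.groups()
        if dport == "53" and src.startswith(lan_prefix) and TIME_NAME.search(rest):
            stats[src]["dns"] += 1          # lookup of a time-server name
        elif dport == "123" and src.startswith(lan_prefix):
            stats[src]["ntp_out"] += 1      # outgoing NTP request
        elif sport == "123" and dst.startswith(lan_prefix):
            stats[dst]["ntp_in"] += 1       # reply that made it back in
    return dict(stats)

def unanswered_hosts(stats):
    """Hosts that look up or query time servers but never receive an NTP reply."""
    return sorted(h for h, s in stats.items()
                  if (s["dns"] or s["ntp_out"]) and s["ntp_in"] == 0)

if __name__ == "__main__":
    print(unanswered_hosts(summarize(SAMPLE)))
```

A host that shows repeated lookups and requests with no replies is the one whose outbound 123/udp is being blocked somewhere on the path.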

fortmillsc
Level 1

Thanks for the follow-up and the detail. I'll take a look at the one Windows device we have on the network. Other than that, the only thing connected 24/7 is the camera system.

rotblitz
Level 6

Well, both sources come into question as raising NTP traffic, the PC and also the camera system.