Issue with NTP, odd tcpdump behavior
I have two new HA pairs of i5800s running version 13.1.1 and ntp isn't working. I know I may have firewall rules that have yet to be implemented, or not implemented properly, but in troubleshooting I found something odd in tcpdump behavior. If I run tcpdump -nni any port 123, I see packets going out (can't tell which interface) but they have a source ip of the non-floating self-ip on my internal vlan. However tcpdump -nni internal port 123 does not see those packets.... the internal vlan is assigned as an untagged vlan to a trunk that is also named internal, containing two 1 Gig interfaces, 1.2 and 1.4
From the tcpdump -nni any port 123 15:11:14.243324 IP 172.31.1.86.21857 > 192.168.251.50.123: NTPv4, Client, length 48 out slot1/tmm0 lis= 15:11:14.243328 IP 172.31.1.86.26767 > 192.168.251.52.123: NTPv4, Client, length 48 out slot1/tmm0 lis= 15:11:17.205098 IP 172.31.1.86.29537 > 10.11.73.31.123: NTPv4, Client, length 48 out slot1/tmm0 lis= From tcpdump -nn1 internal port 123 [root@apm01-corp-DCNDH-EPVD-RI-US:Active:In Sync] config tcpdump -nni internal port 123 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on internal, link-type EN10MB (Ethernet), capture size 65535 bytes