Thank you for visiting the Rackspace Community
The The Community is live! Post new content or topics so our teams can assist.

Please contact your support team if you have a question or need assistance for any Rackspace products, services, or articles.

Awareness: Enabling Security Groups on Rackspace Public Cloud servers Blocks NTP

Problem

Enabling Security Groups on Rackspace Public Cloud servers (PublicNet connection) unexpectedly blocks NTP.

Root Cause

NTP is not whitelisted by default, and it typically uses UDP (stateless) transport. While Security Groups do allow inbound connections that are initiated by your Cloud Server (stateful rules), they cannot work with UDP-based traffic.

Recommended Workaround

All Rackspace DNS servers are fully functional NTP servers as well. Thus, we recommend using the Rackspace DNS servers as your NTP servers.

  • From the mycloud portal, add a Security Group rule whitelisting each DNS server IP on all ports (or UDP and TCP 123 if you want to be very specific).
  • From your Cloud Server, configure your NTP client to sync to the IPs listed in your DNS settings. (/etc/resolv.conf in Linux, Network Properties in Windows).
  • Restart the time service or force a sync, then verify that your server is syncing properly. If it's still not working, check your NTP client settings, then try detaching and re-attaching the Security Group to your PublicNet port.