Dual NICs, NTP Nettime Windows 10

Olddawg

Getting the hang of it
Joined
Aug 9, 2018
Messages
113
Reaction score
49
Location
OK
I added a second NIC on my BI Server for cameras and everything is working great except NTP on cameras. The second NIC IP is 192.168.253.60, cameras are 192.168.253.50, 51, 52. The other NIC is 192.168.254.98 which is what BI is showing on my Web Server LAN access. Installed Nettime. I have set Firewall Inbound and Outbound rules for port 123 UDP. I have tried setting camera NTP Server to 192.168.253.60 and 192.168.254.98 and both fail. I don't see any way to configure Nettime to the second NIC 192.168.253.60. Any suggestions? Also on the second NIC does it matter what the Default Gateway is?
 

bp2008

Staff member
Joined
Mar 10, 2014
Messages
12,666
Reaction score
14,007
Location
USA
I am pretty sure Nettime would listen on all network interfaces, but you can check by opening Task Manager's Performance tab and click the link at the bottom "Open Resource Monitor". Then on the resource monitor's network tab, there is a section showing all listening ports. For each port it tells you which protocol (TCP, UDP), which address it is listening on (IPv4 unspecified means it is listening on all IPv4 addresses), and which process is doing the listening.

You can leave default gateway blank on any network interface that does not need internet access.
 

Olddawg

Getting the hang of it
Joined
Aug 9, 2018
Messages
113
Reaction score
49
Location
OK
I am pretty sure Nettime would listen on all network interfaces, but you can check by opening Task Manager's Performance tab and click the link at the bottom "Open Resource Monitor". Then on the resource monitor's network tab, there is a section showing all listening ports. For each port it tells you which protocol (TCP, UDP), which address it is listening on (IPv4 unspecified means it is listening on all IPv4 addresses), and which process is doing the listening.

You can leave default gateway blank on any network interface that does not need internet access.
Thank you bp2008- Here is what I found. I was thinking port 123 was the port for Nettime. One thing I should also mention is I have Windows NTPServer enabled and Windows Time running.

upload_2018-9-14_8-35-1.png
 
Joined
Apr 26, 2016
Messages
1,090
Reaction score
852
Location
Colorado
Port 37 is either legacy Time protocol or for onsite Time synchronization, the one you want is 123. I use the network Time Synchronization" application (found on these forums), and points the cameras at the 2nd NIC (192.168.253.60 in your case), and port 123 and it just works. Do you have Windows Firewall possibly blocking that port?
 

Olddawg

Getting the hang of it
Joined
Aug 9, 2018
Messages
113
Reaction score
49
Location
OK
Port 37 is either legacy Time protocol or for onsite Time synchronization, the one you want is 123. I use the network Time Synchronization" application (found on these forums), and points the cameras at the 2nd NIC (192.168.253.60 in your case), and port 123 and it just works. Do you have Windows Firewall possibly blocking that port?
Nettime is installed for time synchronization but showing port 37. I do have port 123 open on inbound and outbound.
 

Netwalker

Getting the hang of it
Joined
Aug 8, 2017
Messages
46
Reaction score
28
Nettime is installed for time synchronization but showing port 37. I do have port 123 open on inbound and outbound.
It's been a while since you've posted this, but I was running into similar NTP sync problems on the isolated LAN that my cameras are on (A second NIC). The issue was that Windows Firewall had automatically set my camera network's adapter connection to "Public" instead of "Private". To make the solution more complicated, since it was an "unidentified network" it didn't give me the normal option to make it a private network on the network connections page.

What fixed it was opening the windows firewall settings, and preforming these steps:

{Outdated, bad info. See post below}

I also went ahead and selected the "Public Profile" tab and deselected the camera network on that page, although that step probably isn't required. Immediately after the change, the Network Time Sync server started logging the time sync requests from my ip cameras.

Hopefully this helps others.
 

Attachments

Last edited:

Whoaru99

Pulling my weight
Joined
Dec 22, 2018
Messages
422
Reaction score
159
Location
Here
I had this same/similar problem. My solution was not to remove the NIC from firewall protection, but to be sure public was included in the 123 rule.

Probably could tighten it up with more criteria such as the specific IPs and that sort of thing. But since it's just the cameras on that LAN I don't think it really helps anything to do that.

Capture.JPG
 
Last edited:

Netwalker

Getting the hang of it
Joined
Aug 8, 2017
Messages
46
Reaction score
28
I had this same/similar problem. My solution was not to remove the NIC from firewall protection, but to be sure both public and private were included in the 123 rule.
Yes, I accidentally deleted my firewall rules so I had to go over the whole thing again and I think you are correct. It was disabling the "public" firewall rules on the Camera LAN that enabled the NTP sync to work. I'll double check things and see if I can get another updated pic to post.

What we really need to do however is to set the secondary NIC (Camera Network) to be a "private network" according to Windows.
 

Netwalker

Getting the hang of it
Joined
Aug 8, 2017
Messages
46
Reaction score
28
So there are a couple of options here. You could go into your firewall rules and set the 4 Network Time Service rules to operate on both public and private networks. It's a fine solution, but the main root of the problem is that in Windows 10, a LAN without a router on it automatically gets assigned as a Public network which ends up automatically blocking a bunch of stuff you may want (i.e. file sharing and possibly event notifications from your cameras). A better solution in my opinion is to set your network which should be private, to private:

Problem:

Problem.png


Solution:


Solution.png
 

Whoaru99

Pulling my weight
Joined
Dec 22, 2018
Messages
422
Reaction score
159
Location
Here
Interesting. Thanks.

I hadn't found the way to change the unidentified network to Private.

That said, IMO, the whole point of a separate network for cams is restriction and isolation so leaving at Public doesn't inherently seem like the wrong direction. I really want only two things for them; send the video to BI (or allow BI to pull it, whichever it is), allow them to sync time with NTP/computer (I'm using NetTime with all the Windows NTP stuff disabled).
 
Top