I am just trying to synchronize time with an NTP server on EC2 instances:
server 0.amazon.pool.ntp.org iburst
server 1.amazon.pool.ntp.org iburst
server 2.amazon.pool.ntp.org iburst
server 3.amazon.pool.ntp.org iburst
Unfortunately, I couldn't sync with the NTP server. My question is:
Thanks in advance,
Toan Dao
A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic from your instance. When you launch an instance, you can specify one or more security groups.
A network ACL (NACL) can be understood as the firewall or protection for the subnet. A security group can be understood as a firewall to protect EC2 instances. NACLs are stateless, meaning any change applied to an incoming rule isn't automatically applied to an outgoing rule.
AWS security groups have a set of rules that filter traffic in two ways: inbound and outbound. Since AWS security groups are assigned differently, you won't need the same rules for both inbound and outbound traffic.
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/. In the navigation pane, choose Instances. Select your instance, and then choose Actions, Security, Change security groups. For Associated security groups, select a security group from the list and choose Add security group.
You need to allow outbound traffic to 0.0.0.0/0 on port 123 on your security group for NTP to work.
If your EC2 instance is in a public subnet, then you only need to allow this on your security group.
But if your EC2 instance is in a private subnet, then you need to allow inbound and outbound traffic on port 123 for your NAT to pass the requests and responses. Inbound is required from your EC2 instance (not the world).
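One way to check the rules described in the answer above, as an added example that is not part of the original answer: it evaluates a security group in the shape returned by `aws ec2 describe-security-groups` and reports whether NTP, which runs over UDP port 123, is permitted. The group IDs, CIDRs and peer addresses are constructed sample values, and the helper names `allows_ntp` and `_rule` are hypothetical.

```python
import ipaddress

NTP_PORT = 123  # NTP runs over UDP port 123


def allows_ntp(security_group, direction, peer_ip):
    """True if an IPv4 CIDR rule in this direction permits UDP/123 with peer_ip.

    security_group: one entry from `aws ec2 describe-security-groups` output.
    direction: "egress" (peer is the destination) or "ingress" (peer is the source).
    Rules that reference other security groups, prefix lists or IPv6 ranges
    are not resolved here.
    """
    key = {"egress": "IpPermissionsEgress", "ingress": "IpPermissions"}[direction]
    peer = ipaddress.ip_address(peer_ip)
    for rule in security_group.get(key, []):
        proto = rule.get("IpProtocol")
        if proto == "-1":                # all protocols, all ports
            port_ok = True
        elif proto in ("udp", "17"):     # UDP by name or by protocol number
            port_ok = rule.get("FromPort", -1) <= NTP_PORT <= rule.get("ToPort", -1)
        else:                            # a TCP rule on port 123 does not carry NTP
            port_ok = False
        if port_ok and any(peer in ipaddress.ip_network(r["CidrIp"])
                           for r in rule.get("IpRanges", [])):
            return True
    return False


def _rule(proto, port, cidr):
    """Build one constructed rule in the describe-security-groups shape."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}


# Constructed sample groups (placeholder IDs and documentation address ranges).
HTTPS_ONLY_SG = {"GroupId": "sg-EXAMPLE1",
                 "IpPermissionsEgress": [_rule("tcp", 443, "0.0.0.0/0")]}
TCP_123_SG = {"GroupId": "sg-EXAMPLE2",
              "IpPermissionsEgress": [_rule("tcp", 123, "0.0.0.0/0")]}
NTP_SG = {"GroupId": "sg-EXAMPLE3",
          "IpPermissionsEgress": [_rule("udp", 123, "0.0.0.0/0")]}
# NAT in front of a private subnet: inbound only from the subnet, not the world.
NAT_SG = {"GroupId": "sg-EXAMPLE4",
          "IpPermissions": [_rule("udp", 123, "10.0.1.0/24")],
          "IpPermissionsEgress": [_rule("udp", 123, "0.0.0.0/0")]}

if __name__ == "__main__":
    for sg in (HTTPS_ONLY_SG, TCP_123_SG, NTP_SG, NAT_SG):
        print(sg["GroupId"], "egress NTP allowed:",
              allows_ntp(sg, "egress", "203.0.113.10"))
```

Because security groups are stateful, the instance's group only needs the outbound rule; the NAT group is the one place where the inbound check from the private subnet matters.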