Venus v3.60-66 Are NTP Calls to Russia & Belarus Servers Normal?

I"m not sure how closely I’ve been watching, but recently I’ve seen repeated NTP requests from my Ekrano GX running v3.60-66 to Russia and Belarus NTP servers. I’m fairly certain these are legitimate requests looking at the network traffic, but since there is no way to set the NTP server, I want to understand if others have seen this issue. Here is just today’s NTP requests that I’ve had my router block. I should note for the pictures that the GX is 192.168.50.12 sits behind a Peplink Router 192.168.162.126 connected through WiFi for WAN to a Unifi AP


I got similar blocks in my firewall,

Good to have block feature :slight_smile:

/Kaj

Thank you for confirming Kaj. Good to know I’m not alone. I’m always worried about a compromised system getting onto my control network and wreaking havoc. ChatGPT suggested I SSH into the Ekrano GX and edit timesycnd.conf directly to point to an NTP server like time.gogle.com and a fallback like pool.ntp.org. I have yet to try this and assume any changes I did make would be overwritten by the next firmware update. So for now, blocking is the path. In the future I’d to see the option in the VenusOS to configure the NTP server directly through the UI.

ChatGPT is wrong, as it always is, there is not systemd-timesyncd on VenusOS.

And pool.ntp.org might well be the reason for those packets, as it returns a number of addresses from the pool. You might want to use “CC.pool.ntp.org” with “CC” being your two-letter country code to get local ntp servers.

ChatGPT only suggested time.google.com.. I assumed pool.ntp.org was the hardcoded default and was planning on moving that to backup. Even so, I had no way to confirm either timesycnd.conf existed or the current NTP setting. I found SSH locked down in v3.60-66 and no easy way to enable. For now, firewall blocking is the easy path until a future update provides an override for a NTP server setting.

Please take a look at how ntp system works.

Cerbo is configured to ask time from:
0.europe.pool.ntp.org,
1.europe.pool.ntp.org,
2.europe.pool.ntp.org,
3.europe.pool.ntp.org

These can translate, if network status in that moment ask for, to any “europe” mapped timeservers.
Want it or not Belarus and Russia are still from Europe…

Good info Alex. Thanks. I had no idea where my GX was pointing. That information is not exposed in the UI or configurable. That was my point. If you guys in Europe want to use Russian or Belarus NTP servers, that is your choice. Us in other parts of the world may not want to use those same servers and have the option to change.

Hi @joeAV541 ,

Victron here :sweat_smile: .

To change this, you’ll have to indeed ssh into the Cerbo and amend a file somewhere.

It might be quite a while before we get to changing this, if ever. Its the eternal matter of choices and limited capacity and long lists of whishes by ourselves + userbase.

hope you understand, Matthijs