The NTP2x0 servers should implement this. The web page shows one possible apache configuration, but as you use lighttpd, you'll want something like (untested):
This should not prevent access to the NTP2x0's own web pages, but since this exposes the server to the wild, wild internet: an option to make them password-protected and/or restricted to known addresses would be a good thing. You don't want the script kiddies attacking the server either looking for vulnerabilities or simply doing a DOS attack (which could also affect timekeeping).
Note that while it is usually possible to do port forwarding for IPv4, it's generally not possible for IPv6; thus the NTP2x0 servers need to handle the redirections. (IPv6 port mapping/NAT exists, but is discouraged, fragile, often not implemented and/or broken.)
Also, to test this, you can temporarily modify your /etc/hosts (on windows: C:\Windows\System32\drivers\etc\hosts.txt) on your web browser's machine to point pool.ntp.org and ntppool.org to your NTP2x0's IPv4 and IPv6 addresses.
When joining the ntp pool, one can get http(s) requests intended for www.ntppool.org or www.pool.ntp.org (users type urls without the www).
https://www.ntppool.org/join.html recommends that such requests be redirected to https://www.ntppool.org/join.html
The NTP2x0 servers should implement this. The web page shows one possible apache configuration, but as you use
lighttpd
, you'll want something like (untested):This should not prevent access to the NTP2x0's own web pages, but since this exposes the server to the wild, wild internet: an option to make them password-protected and/or restricted to known addresses would be a good thing. You don't want the script kiddies attacking the server either looking for vulnerabilities or simply doing a DOS attack (which could also affect timekeeping).
Note that while it is usually possible to do port forwarding for IPv4, it's generally not possible for IPv6; thus the NTP2x0 servers need to handle the redirections. (IPv6 port mapping/NAT exists, but is discouraged, fragile, often not implemented and/or broken.)
Also, to test this, you can temporarily modify your
/etc/hosts
(on windows:C:\Windows\System32\drivers\etc\hosts.txt
) on your web browser's machine to pointpool.ntp.org
andntppool.org
to your NTP2x0's IPv4 and IPv6 addresses.Don't forget to remove (or comment out) these lines when done testing.