Richard B. Gilbert rgilbert88 at comcast.net
Wed Oct 20 22:06:51 UTC 2004

Laura wrote:

>I'm running NTP 4.2.0-r2 from ntp.org on a Gentoo Linux box. My
>ntp.conf file is as follows:
>server pool.ntp.org
>driftfile       /var/lib/ntp/ntp.drift
>restrict pool.ntp.org nomodify notrap noquery
>restrict mask notrust nomodify notrap
>My server is syncing time with the pool.ntp.org server, but it won't
>answer ntp requests from my internal network. My ntp server
>is directly connected to the network, and there is no
>firewall in between. When I run ntpd in debug mode, I show the ntp
>requests being received but the server does not respond to them. Any
>ideas? Am I missing something in my configuration file?
>Thanks so much!
Hi Laura,

It's not causing your current problem but I believe that:

restrict mask notrust nomodify notrap

is incorrect!

You have opened your server to everybody on the 10.*.*.* network.   I 
believe that the /8 means that only the last octet of the address is the 
local network so:

restrict mask notrust nomodify notrap

is probably what you meant to do.  If you really meant to allow all 2^24 
addresses on the 10 net to access your server, sorry about that.

Your problem is almost certainly your restrict statements.   Lose them 
all and things should start to work. 

Then, since you probably don't want to serve time to the whole world or 
have random people dinking with your server, you need to put the 
restrict statements back.

restrict default ignore   # Ignore everyone by default
restrict       # Allow local host to do anything
restrict pool.ntp.org  nomodify notrap noquery
restrict mask   # Allow anything from your local 

You can restore the notrust, nomodify and notrap in the last statement 
one at a time and see which one(s) is/are causing the problem.  I think 
that notrust is the likeliest cause of your problem but testing will 
prove or disprove that rather quickly.
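
A way to test a restrict list offline, added here as an example and not part of the original message or of ntpd: it parses restrict lines and reports which flags apply to a given client and whether a plain time request would be answered. It assumes NTP 4.2 semantics for notrust (deny unless cryptographically authenticated) and models ntpd's lookup as most-specific match; the addresses in the sample are constructed, not the poster's.

```python
import ipaddress

# Flags that make ntpd drop an ordinary, unauthenticated client time request.
# "notrust" is listed on the assumption of NTP 4.2 semantics, where it means
# "deny unless cryptographically authenticated".
DROPS_TIME_REQUEST = {"ignore", "noserve", "notrust"}

# Constructed sample; every address here is made up for illustration.
SAMPLE_CONF = """\
restrict default ignore            # everyone else
restrict 127.0.0.1                 # local host, no flags
restrict 10.0.0.0 mask 255.0.0.0 notrust nomodify notrap
restrict 10.1.2.0 mask 255.255.255.0 nomodify notrap
restrict pool.ntp.org nomodify notrap noquery
"""

def parse_restrict(conf_text):
    """Return [(network, flags)] for the numeric restrict lines in conf_text."""
    entries = []
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()
        if len(words) < 2 or words[0] != "restrict":
            continue
        addr, mask, flags = words[1], "32", words[2:]   # no mask: single host
        if addr == "default":
            addr, mask = "0.0.0.0", "0"
        elif len(flags) >= 2 and flags[0] == "mask":
            mask, flags = flags[1], flags[2:]
        try:
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            continue        # hostname entries are resolved by ntpd; skipped here
        entries.append((net, set(flags)))
    return entries

def flags_for(entries, client):
    """Flags of the most specific entry covering client (simplified lookup)."""
    ip = ipaddress.ip_address(client)
    hits = [(net.prefixlen, flags) for net, flags in entries if ip in net]
    return max(hits, key=lambda h: h[0])[1] if hits else set()

def answers_time_request(entries, client):
    """True if no matching flag would drop an unauthenticated time request."""
    return not (flags_for(entries, client) & DROPS_TIME_REQUEST)

if __name__ == "__main__":
    entries = parse_restrict(SAMPLE_CONF)
    for client in ("127.0.0.1", "10.9.9.9", "10.1.2.50", "192.0.2.7"):
        print(client, sorted(flags_for(entries, client)),
              answers_time_request(entries, client))
```

In the sample, a client covered only by the 255.0.0.0 entry carrying notrust gets no answer, while one in the narrower 255.255.255.0 entry without notrust does.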

