[ntp:questions] Re: Broadcast

David L. Mills mills at udel.edu
Sun Jul 10 15:58:50 UTC 2005


Jeremy,

The MV scheme is quite exotic. It would probably be best if you first 
brought up IFF in ordinary client/server mode to verify the keys work 
and monitor with cryptostats for error messages. Then, move on to IFF in 
broadcast mode. If that works, then tackle MV. Verify with ntpq 
billboards that the keys do get installed. The debug trace has quite a 
bit of useful information as does the cryptostats. If you continue to 
have trouble, please include snips of these data in your messages.

Dave

Jeremy Baggs wrote:
>  I am trying to get ntpd working in broadcast mode using the MV
> encryption scheme. I am running ntp 4.2.0 on all systems involved For
> testing this out I have been using 2 boxes running FreeBSD 5.4. 
> On the server side:
>  I ran ntpkeygen -V 5 -p ******.
> 
>  ntpkey_mv_server.foo-> ntpkey_MVpar_server.foo.12345
>  ntpkey_host_server.foo -> ntpkey_RSAkey_server.foo.12345
> 
> I copied ntpkey_MVkey3_server.foo.12345 to my client and linked it to
> ntpkey_mvkey_client.foo
> 
> my server /etc/ntp.conf contains:
> 
>  crypto pw ******
>  keysdir /usr/local/etc
> 
>  server ...
>  server ...
>  server ...
> 
>  broadcast a.b.255.255 autokey
> 
> I have also tried it with the servers IP as:
>  
>  broadcast a.b.c.d autokey
> 
> In the client /etc/ntp.conf I have:
> 
>  keysdir /usr/local/etc
>  
> and have tried each of:
> 
> broadcastclient autokey
> broadcastclient a.b.255.255 autokey
> broadcastclient a.b.c.d autokey
> broadcastclient server.foo autokey
> 
> Nothing is working. ntpq -p on the client returns: No association ID's
> returned.
> when I run the server with:
> 
>  broadcast a.b.c.d autokey
> 
> I get the ability to connect as if it were not in broadcast mode which
> leads me to suspect this is the wrong way to do things. Aside from
> that does anyone know what else I am doing wrong? 
> 
>  Thanks in advance,
> 
>  Jeremy
> 
> 
> 
> 
> _______________________________________________
> questions mailing list
> questions at lists.ntp.isc.org
> https://lists.ntp.isc.org/mailman/listinfo/questions
> 




More information about the questions mailing list