[ntp:questions] Re: recvfrom( fd=51: Connection refused

Danny Mayer mayer at ntp.isc.org
Mon Sep 11 03:39:17 UTC 2006

Harlan Stenn wrote:
> Danny,
> A name in the 'restrict' line may work for him now, and this issue may be
> resolved in the future, but in general at this time it is a Bad Idea unless
> there is Good Reason to believe a single address will be returned for
> the name both now and in the future.
> IE, the current BCP is to use IPs for 'restrict' addresses.  I do not know
> why this is not the BCP for server/peer targets as well, but that is a
> different matter.

No, that's exactly the issue. People use the pool a lot and get a
different address each time. Use IP addresses for the restrict line is
almost impossible for pool addresses.

This needs to be fixed properly a different way.

> H

More information about the questions mailing list