[ntp:questions] Linux client ntp

Riccardo Castellani castellani.riccardo at tiscali.it
Sun Apr 15 17:34:29 UTC 2007

Richard, but "restrict default ignore" is more resctricted that "restrict
default nomodify nopeer notrap noquery".
Why should you suggest me second option ?
I'should always be more comfortable with ignore for all hosts except for
servers A/B even if I have no nat or Stateful inspection firewall.



----- Original Message ----- 
From: Richard B. gilbert
Newsgroups: comp.protocols.time.ntp
To: questions at lists.ntp.isc.org
Sent: Friday, April 13, 2007 3:59 PM
Subject: Re: [ntp:questions] Linux client ntp

Steve Kostecke wrote:
> On 2007-04-13, RICCARDO <castellani.riccardo at tiscali.it> wrote:
>>I want to use ntpd -qg, it could be right this ntp.conf for my Linux
>>client ?
>>restrict default ignore
>>restrict server A
>>restrict server B
> You could simplify this greatly by replacing all of those restrict lines
> with this:
> restrict default nomodify nopeer notrap noquery
> Please see http://ntp.isc.org/Support/AccessRestrictions
>>server A
>>server B
> When you only have two clocks there is no way of knowing which is
> correct. Either use 1 or 3 or more.
Four or more are better!  Three servers degenerate too easily to the two
server case.  Four servers will be somewhat more robust.

questions mailing list
questions at lists.ntp.isc.org

More information about the questions mailing list