[ntp:questions] Answering only to the LAN

Richard B. Gilbert rgilbert88 at comcast.net
Mon Jul 4 16:52:51 UTC 2011


On 7/4/2011 10:15 AM, Andre Majorel wrote:
> A local NTP server is running on the firewall, sync'd to my
> ISP's NTP server, ntp.myisp.net.
>
> I'm trying to configure the NTP server on the firewall to speak
> only to ntp.myisp.net and the hosts on the LAN.
>
> All my attempts lead to an NTP server which will talk to either
> ANYONE, including random hosts on the internet, or NO-ONE. Well,
> it will speak to ntp.myisp.net but not the hosts on my LAN.
>
>    server ntp.myisp.net
>    restrict default ignore
>    restrict -6 default ignore
>    restrict<IP_of_ntp.myisp.net>  nomodify notrap nopeer
>    restrict 192.168.0.0 mask 255.255.255.0 kod nomodify notrap nopeer
>    restrict 127.0.0.1
>    restrict -6 ::1
>
> What am I doing wrong ? Thanks in advance.
>

Too many restrict statements!   Delete them all and things will work.

If you must have them, restore ONE AT A TIME.  When things stop working, 
  you have found a problem.  There may be more than one!




More information about the questions mailing list