[ntp:questions] Answering only to the LAN

Richard B. Gilbert rgilbert88 at comcast.net
Mon Jul 4 16:52:51 UTC 2011

On 7/4/2011 10:15 AM, Andre Majorel wrote:
> A local NTP server is running on the firewall, sync'd to my
> ISP's NTP server, ntp.myisp.net.
> I'm trying to configure the NTP server on the firewall to speak
> only to ntp.myisp.net and the hosts on the LAN.
> All my attempts lead to an NTP server which will talk to either
> ANYONE, including random hosts on the internet, or NO-ONE. Well,
> it will speak to ntp.myisp.net but not the hosts on my LAN.
>    server ntp.myisp.net
>    restrict default ignore
>    restrict -6 default ignore
>    restrict<IP_of_ntp.myisp.net>  nomodify notrap nopeer
>    restrict mask kod nomodify notrap nopeer
>    restrict
>    restrict -6 ::1
> What am I doing wrong ? Thanks in advance.

Too many restrict statements!   Delete them all and things will work.

If you must have them, restore ONE AT A TIME.  When things stop working, 
  you have found a problem.  There may be more than one!

More information about the questions mailing list