[ntp:questions] peer command and clusters

Rob nomail at example.com
Tue Mar 29 08:10:06 UTC 2011


Florin Andrei <florin at andrei.myip.org> wrote:
> On 03/26/2011 03:36 AM, Rob wrote:
>> Florin Andrei<florin at andrei.myip.org>  wrote:
>>>
>>> restrict 0.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
>>> restrict 1.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
>>> restrict 2.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
>>> restrict 3.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
>>
>> This does not work!
>> The names like 0.us.pool.ntp.org return multiple IP adresses and
>> the "server" and "restrict" lines will not match.
>
> The ntpd version we're using is pretty old and does not support the 
> "source" keyword. Since the local NTP servers are behind a firewall and 
> are not reachable from the outside, should this matter at all?

I don't have those paranoid restrict statements in the NTP servers on
our LAN...  and on an internet facing server I have only:

restrict default nomodify nopeer notrap


I fail to see what all those paranoid restrict statements are good for.




More information about the questions mailing list