[ntp:questions] Re: noserve restrict option

Steve Kostecke kostecke at ntp.isc.org
Tue Oct 5 19:04:27 UTC 2004


On 2004-10-05, Robert Rati <Robert.Rati at motorola.com> wrote:

> I'm attempting to secure an NTP client setup and have recently upgraded 
> from 4.1 to 4.2 but one of the options I used in 4.1 appears to work 
> differently in 4.2.  Basically, I restrict clients with the default:
>
> restrict default ignore
>
> For each time server I have:
>
> restrict <ip-addr> noquery noserve

Noserve blocks time packets. This means that you won't be able to get
the time from that server because you can't send time packets to it.

Why do you think that you need noserve in this situation? 

> server <ip-addr> maxpoll 12 version 3

You're better off not overriding ntpd's min/maxpoll settings unless you
find yourself in a situation where you absolutely have to do it.

-- 
Steve Kostecke <kostecke at ntp.isc.org>



More information about the questions mailing list