[ntp:questions] Time source IP address validation.

Danny Mayer mayer at ntp.isc.org
Wed Dec 28 16:25:44 UTC 2005


ssubrama wrote:
> 
> Is the IP address added in the ntp.conf as time source validated  in the
> daemon? (We use NTP version 4.x.x)
> 

What do you mean by validated? In what way does it need to be validated?

> How do we restrict the time source IP addresses of a loop back or
> multicast address.

You specify the time sources you want on server lines. If you set it up
as a multicast client and want to only accept from specific multicast
servers you can require authentication (which is the default anyway) and
you can use restrict lines to limit which systems from you will accept
packets.

> What shall happen if we configure the loop back and multicast addresses
> as time source IP address.
> 
You will never get packets from the loopback, it's meaningless anyway
and shouldn't configure it. The multicast addresses you configure as a
client will allow you to receive packets from any system sending to that
multicast address. Since the hop count (or ttl) is usually limited you
should only see multicasts from a few systems mainly on your local LAN.

Danny



More information about the questions mailing list