[ntp:questions] Re: 4.2a headaches

Steve Kostecke kostecke at ntp.isc.org
Thu Jan 5 17:38:53 UTC 2006


On 2006-01-05, Williams, Jeffrey <jeff at sailorfej.net> wrote:

> I am having some interesting issues with the newer implementation of ntp 
> 4.2 versus 4.1.

<snip>

> The problem is that you can't use hostnames in a restrict line, and the 
> reason we use hostname on server lines is so a hosting party can move 
> the time service to a different IP address with out disrupting 
> timeservice, not to mention for obvious reasons specific IP listings 
> won't work if you want to use the ntp.org ntp server pools.  So if you 
> want to sync with pool timeservers and/or use only host names to sync 
> with specific public timeservers you have to allow open access to your 
> time server?

You could place your time server behind a stateful firewall. Then it
will not respond to NTP requests from the outside world.

Please see http://ntp.isc.org/Support/AccessRestrictions

> So is this the way it is supposed to work? am I making a stupid mistake? 
> or is this a bug in 4.2?

It's a feature.

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list