[ntp:questions] Re: 4.2a headaches

David L. Mills mills at udel.edu
Thu Jan 5 18:18:33 UTC 2006


Steve.

DNS host names on restrict lines work just fine. I verified this just now.

Dave

Steve Kostecke wrote:
> On 2006-01-05, Williams, Jeffrey <jeff at sailorfej.net> wrote:
> 
> 
>>I am having some interesting issues with the newer implementation of ntp 
>>4.2 versus 4.1.
> 
> 
> <snip>
> 
>>The problem is that you can't use hostnames in a restrict line, and the 
>>reason we use hostname on server lines is so a hosting party can move 
>>the time service to a different IP address with out disrupting 
>>timeservice, not to mention for obvious reasons specific IP listings 
>>won't work if you want to use the ntp.org ntp server pools.  So if you 
>>want to sync with pool timeservers and/or use only host names to sync 
>>with specific public timeservers you have to allow open access to your 
>>time server?
> 
> 
> You could place your time server behind a stateful firewall. Then it
> will not respond to NTP requests from the outside world.
> 
> Please see http://ntp.isc.org/Support/AccessRestrictions
> 
> 
>>So is this the way it is supposed to work? am I making a stupid mistake? 
>>or is this a bug in 4.2?
> 
> 
> It's a feature.
> 




More information about the questions mailing list