[ntp:questions] Re: ntpd

Brian Utterback brian.utterback at sun.removeme.com
Thu May 11 13:09:10 UTC 2006


Ted Gervais wrote:
> Well I finally got ntpd installed and I have it running.
> Here is what I have in my ntp.conf file:
> -------------
> restrict default noquery notrust nomodify
> restrict 127.0.0.1
> restrict 24.224.176.0 mask 255.255.248.0
> fudge 127.127.1.0 stratum 3
> server 127.127.1.0
> server 0 pool.ntp.org
> server 1 pool.ntp.org
> server 2 pool.ntp.org
> server pool.ntp.org
> driftfile /etc/ntp.drift
> logfile /var/log/ntp.log
> ------------------
> 
> And I am not sure that is all correct or if there istoo much in there etc..
> 
> As well - I have no idea that ntp(d) is working?  How can I tell and if 
> it is how does it change the system time or the hardware time??

This looks quite wrong to me. First, why do you need to configure
the LOCAL clock, i.e. the 127.127.1.0 lines? If you don't really
understand why you need them, then get rid of them.

Next, the first 3 pool lines look wrong. I don't know of a syntax
that has a single digit number following the server keyword. Was
there supposed to be a dot between the number and "pool"?

Next, with the restrictions you have here, you will not trust any
unauthenticated server unless it is on the 24.224.176.0 network.
Unless you have your own local definitions for pool.ntp.org, they
are all unauthenticated servers that are not on that network, and
will not be trusted and thus not usable.

It is an unfortunate fact of life at the moment that there is no
way to specify restrict lines that refer to the pool servers. It
is planned to add such a feature, but it isn't there yet, as far
as I know.

Hope that helps.
-- 
blu

Rose are #FF0000, Violets are #0000FF. All my base are belong to you.
----------------------------------------------------------------------
Brian Utterback - OP/N1 RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom




More information about the questions mailing list