[ntp:questions] Re: ntpd

Ted Gervais ve1drg at av.eastlink.ca
Thu May 11 15:08:49 UTC 2006


Thanks Brian for your input. I have the localhost line in there as that is 
what I got from examples (127.127.1.0) but will take them out as I don't 
know what they are doing.
And I already took out the 'notrust' statement so that is ok now.
I also changed my servers so things are in better shape now since I made 
these changes.

It all takes a bit to get things going but I think I am in better shape 
now thanbefore.  But thanks again for you input..



On Thu, 11 May 2006, Brian Utterback wrote:

> Ted Gervais wrote:
>> Well I finally got ntpd installed and I have it running.
>> Here is what I have in my ntp.conf file:
>> -------------
>> restrict default noquery notrust nomodify
>> restrict 127.0.0.1
>> restrict 24.224.176.0 mask 255.255.248.0
>> fudge 127.127.1.0 stratum 3
>> server 127.127.1.0
>> server 0 pool.ntp.org
>> server 1 pool.ntp.org
>> server 2 pool.ntp.org
>> server pool.ntp.org
>> driftfile /etc/ntp.drift
>> logfile /var/log/ntp.log
>> ------------------
>> 
>> And I am not sure that is all correct or if there istoo much in there etc..
>> 
>> As well - I have no idea that ntp(d) is working?  How can I tell and if it 
>> is how does it change the system time or the hardware time??
>
> This looks quite wrong to me. First, why do you need to configure
> the LOCAL clock, i.e. the 127.127.1.0 lines? If you don't really
> understand why you need them, then get rid of them.
>
> Next, the first 3 pool lines look wrong. I don't know of a syntax
> that has a single digit number following the server keyword. Was
> there supposed to be a dot between the number and "pool"?
>
> Next, with the restrictions you have here, you will not trust any
> unauthenticated server unless it is on the 24.224.176.0 network.
> Unless you have your own local definitions for pool.ntp.org, they
> are all unauthenticated servers that are not on that network, and
> will not be trusted and thus not usable.
>
> It is an unfortunate fact of life at the moment that there is no
> way to specify restrict lines that refer to the pool servers. It
> is planned to add such a feature, but it isn't there yet, as far
> as I know.
>
> Hope that helps.
> -- 
> blu
>
> Rose are #FF0000, Violets are #0000FF. All my base are belong to you.
> ----------------------------------------------------------------------
> Brian Utterback - OP/N1 RPE, Sun Microsystems, Inc.
> Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom
>

---
Ted Gervais
Coldbrook, Nova Scotia
Canada. (ve1drg)




More information about the questions mailing list