[ntp:questions] notrust alternative?
David L. Mills
mills at udel.edu
Wed Nov 15 04:29:22 UTC 2006
In your network the clients should be using server, not peer, unless
they intend to mobilize a symmetric association. However, without
notrust they get served anyway, but an association is not mobilized. I
did that for the original Windows XP client that was using symmetric
active mode in error. It's hard to figure out how the dominos should
fall under all kinds of misconfigured clients.
ntplist at gmail.com wrote:
> I have seen behavior identical to what Dennis described with a
> pre-built Solaris 8 version of the 4.2.0 at 1.1161-r daemon that is
> available from Community Software (CSW), http://www.blastwave.org/ if
> your interested. I have "restrict default nopeer" configured. With
> authorization disabled, all of the systems on our network that peered
> my server showed up in its ntpq -p output. With authorization enabled,
> only the systems I had configured on that server showed up. I plopped
> a version 4.2.2p3 at 1.1577-o daemon that was build from the official
> source, disabled authorization and it behaved normally, no additional
> spurious output from ntpq -p. Something perculiar with 4.2.0 at 1.1161-r?
> Regardless, this was enough to steer me away from anything pre-built
> and back to the genuine article.
> Bill McGovern
> General Dynamics
More information about the questions