[ntp:questions] question about my ntpd.conf

Cong congngo at yahoo.com
Thu Oct 26 21:12:31 UTC 2006


Thank Steve


Steve Kostecke wrote:
> On 2006-10-25, Cong <congngo at yahoo.com> wrote:
>
> <snip: old ntp.conf>
>
> Here's a cleaned up version. I've removed a couple of lines that served
> no purpose and appended iburst to your server lines to get you quicker
> initial sync.
>
> -------------------------------------8X-------------------------------------
>
> # General Settings
> driftfile /var/lib/ntp/drift
> logfile /var/log/ntp.log
>
> # Default Restrictions
> restrict default kod nomodify notrap noquery
> restrict 127.0.0.1
>
> # Authorized Clients
> restrict 10.0.0.0 mask 255.255.255.0 nomodify notrap
>
> # Undisciplined Local Clock
> server	127.127.1.0
> fudge	127.127.1.0 stratum 10
>
> # Remote Time Servers
> server 0.us.pool.ntp.org iburst
> server 1.us.pool.ntp.org iburst
> server 2.us.pool.ntp.org iburst
>
> -------------------------------------8X-------------------------------------
>
> The following lines are not doing anything:
>
> > broadcastdelay	0.008
> > keys		/etc/ntp/keys
>
> > shouldn't I have this line for my server instead like below
> > restrict a.b.c.d (my server) mask 255.255.255.255 nomodify notrap no
> > query
>
> No. Restrict lines affect how your ntpd treats packets that arrive FROM
> the address / subnet specified on that line.
>
> BTW: You can not currently use restrict statements for hostnames that
> resolve to more than one IP address unless you include separate restrict
> statements for every possible IP address. So the best that you can do
> for pool servers is set a reasonable default restriction.
>
> You may want to take a look at http://ntp.isc.org/Support/AccessRestrictions
>
> --
> Steve Kostecke <kostecke at ntp.isc.org>
> NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list