[ntp:questions] Re: recvfrom(0.0.0.0) fd=51: Connection refused

Danny Mayer mayer at ntp.isc.org
Mon Sep 11 03:39:17 UTC 2006


Harlan Stenn wrote:
> Danny,
> 
> A name in the 'restrict' line may work for him now, and this issue may be
> resolved in the future, but in general at this time it is a Bad Idea unless
> there is Good Reason to believe a single address will be returned for
> the name both now and in the future.
> 
> IE, the current BCP is to use IPs for 'restrict' addresses.  I do not know
> why this is not the BCP for server/peer targets as well, but that is a
> different matter.
> 

No, that's exactly the issue. People use the pool a lot and get a
different address each time. Use IP addresses for the restrict line is
almost impossible for pool addresses.

This needs to be fixed properly a different way.

Danny
> H
> 



More information about the questions mailing list