[ntp:questions] Re: recvfrom(0.0.0.0) fd=51: Connection refused
mayer at ntp.isc.org
Mon Sep 11 03:39:17 UTC 2006
Harlan Stenn wrote:
> A name in the 'restrict' line may work for him now, and this issue may be
> resolved in the future, but in general at this time it is a Bad Idea unless
> there is Good Reason to believe a single address will be returned for
> the name both now and in the future.
> IE, the current BCP is to use IPs for 'restrict' addresses. I do not know
> why this is not the BCP for server/peer targets as well, but that is a
> different matter.
No, that's exactly the issue. People use the pool a lot and get a
different address each time. Use IP addresses for the restrict line is
almost impossible for pool addresses.
This needs to be fixed properly a different way.
More information about the questions