[ntp:questions] ntpd not talking to servers? (was Re: SIGINFO for Portable OpenNTP on Linux)

Steve Kostecke kostecke at ntp.org
Fri Sep 4 16:02:20 UTC 2009

On 2009-09-04, RedGrittyBrick <RedGrittyBrick at spamweary.invalid> wrote:

> # grep "^[^#]" /etc/ntp.conf
> restrict default ignore
> restrict
> server 0.uk.pool.ntp.org
> server 1.uk.pool.ntp.org
> server 2.uk.pool.ntp.org
> server 3.uk.pool.ntp.org

The 'restrict default ignore' line is your problem. It tells ntpd to
ignore _all_ NTP packets from _anywhere_.

When 'restrict default ignore' is used one must explicitly allow
packets from authorized addresses (which can be servers or clients).
Unfortunately, this won't work with the pool or any other host name
which can resolve to multiple IP addresses.

A more sensible set of restriction lines is:

restrict default nomodify nopeer notrap noquery

More information about restrictions is available at

> driftfile /etc/ntp/drift

These lines aren't  doing anything useful:

> broadcastdelay  0.008
> authenticate yes
> keys            /etc/ntp/keys

Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/

More information about the questions mailing list