[ntp:questions] NTP on small 100% Linux LAN : reasonable access control policy ?

Niki Kovacs mickey at mouse.com
Sun Aug 1 15:24:56 UTC 2010


I experimented for a few hours with a local "sandbox" network, and 
here's the configuration I finally found out.

Server (192.168.1.2 = bernadette):

--8<---- /etc/ntp.conf ----------------

driftfile /var/lib/ntp/drift
logfile /var/log/ntp.log

server 0.fr.pool.ntp.org
server 1.fr.pool.ntp.org
server 2.fr.pool.ntp.org
server 3.fr.pool.ntp.org

restrict default kod nomodify notrap nopeer
restrict 127.0.0.1
restrict 192.168.1.0 mask 255.255.255.0

--8<-----------------------------------


Client (192.168.1.3 = raymonde):

--8<---- /etc/ntp.conf ----------------

driftfile /var/lib/ntp/drift
logfile /var/log/ntp.log

server bernadette

restrict default ignore
restrict 127.0.0.1
restrict bernadette

--8<-----------------------------------

If I understand correctly, the whole setup works OK as soon as ntpq -p 
shows me a list of servers, and at least one of them has a little * star 
in front of the line (which can take a few minutes to appear).

I'm open for suggestions if there's something wrong with my setup.

Cheers from the sunny South of France,

Niki




More information about the questions mailing list