[ntp:questions] change in behavior from RHEL 5 to Ubuntu 9.10

Dave Hart hart at ntp.org
Wed Jun 2 20:40:48 UTC 2010

On Wed, Jun 2, 2010 at 20:29 UTC, Aaron Bennett wrote:
> Thank you.  What I'm going to do is remove the default restrict ignore and
> use iptables to prevent off-campus hosts from syncronizing with our time
> server.  I'm not entirely sure why I used default restrict ignore in the
> first place -- it was three or four years ago -- and I would guess that
> whatever documentation I was reading said that that was the best approach.

The official docs (for ntp-dev):


For your version, either look for the html subdirectory in your ntpd
distribution tarball or source directory, or see http://docs.ntp.org/
(thanks, Steve!).

Thank you for explaining what you are hoping the "restrict default
ignore" will accomplish for you.  I suspect "restrict default noserve"
may be a closer fit to the requirement, but I also suspect it will
similarly interfere with pool use.  If you can't find a way to avoid
default restrictions which are too restrictive for pool use, you may
want to hand-select public NTP servers rather than use the pool, or
upgrade to current ntp-dev to get "restrict source".

Dave Hart
questions mailing list
questions at lists.ntp.org

More information about the questions mailing list