[ntp:questions] change in behavior from RHEL 5 to Ubuntu 9.10

Steve Kostecke kostecke at ntp.org
Wed Jun 2 20:50:12 UTC 2010


On 2010-06-02, Aaron Bennett <systemspoet at gmail.com> wrote:

> I'm puzzling through an odd discrepancy between ntpd on CentOS 5 to
> Ubuntu 9.10 -- to wit, with this exact same config on both os's:
>
> restrict default ignore

[snip]

> restrict 0.us.pool.ntp.org nomodify nopeer notrap noquery

[snip]

> From what I just read at http://support.ntp.org/bin/view/Support/AccessRestrictions#Section_6.5.1.1.3.
> , it looks like if you use 'restrict default ignore' then "You must
> use an IP address on the restrict line" -- can that be right?   If so,
> how can you do that and still use the pool servers?

restrict lines containing a hostname currently resolve to _one_ IP
address. So, you can't use 'restrict default ignore' with a hostname
which resolves to multiple IP addresses unless you are able to create a
"relaxed" restriction line for every possible IP address for that
hostname.

You should work through the decision tree at
http://support.ntp.org/bin/view/Support/AccessRestrictions#Section_6.5.1.1.
and find the right default restriction for your network configuration
and security requirements.

Please feel free to visit #ntp at irc.freenode.net if you want live
support.

-- 
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/




More information about the questions mailing list