[ntp:questions] change in behavior from RHEL 5 to Ubuntu 9.10

Steve Kostecke kostecke at ntp.org
Wed Jun 2 20:50:12 UTC 2010

On 2010-06-02, Aaron Bennett <systemspoet at gmail.com> wrote:

> I'm puzzling through an odd discrepancy between ntpd on CentOS 5 to
> Ubuntu 9.10 -- to wit, with this exact same config on both os's:
> restrict default ignore


> restrict 0.us.pool.ntp.org nomodify nopeer notrap noquery


> From what I just read at http://support.ntp.org/bin/view/Support/AccessRestrictions#Section_6.
> , it looks like if you use 'restrict default ignore' then "You must
> use an IP address on the restrict line" -- can that be right?   If so,
> how can you do that and still use the pool servers?

restrict lines containing a hostname currently resolve to _one_ IP
address. So, you can't use 'restrict default ignore' with a hostname
which resolves to multiple IP addresses unless you are able to create a
"relaxed" restriction line for every possible IP address for that

You should work through the decision tree at
and find the right default restriction for your network configuration
and security requirements.

Please feel free to visit #ntp at irc.freenode.net if you want live

Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/

More information about the questions mailing list