[ntp:questions] Will AutoKey setup work on a NAT host behind a firewall?

Dave Hart davehart at gmail.com
Sun Nov 14 04:55:22 UTC 2010


On Sun, Nov 14, 2010 at 04:27 UTC, Danny Mayer <mayer at ntp.org> wrote:
> On 11/13/2010 9:47 PM, Dave Hart wrote:
>> On Sun, Nov 14, 2010 at 00:32 UTC, Harlan Stenn <stenn at ntp.org> wrote:
>>> A single "pool FOO.pool.ntp.org iburst" line should be enough.
>>
>> ... assuming you're using 4.2.7.  With 4.2.6 or earlier, "pool" spins
>> up only one association, and uses DNS only at startup.
>
> That didn't used to be true, at least in the original code that was in
> 4.2.5 which would create up to 10 associations depending on the number
> of IP addresses returned by the DNS resolver and how many previous
> associations had been set up. Did something change in 4.2.6 to break that?

No, thanks, good point.  I simply misremembered the old behavior.  As
Danny said, the old pool implementation would spin up as many
associations as the DNS query returned addresses, capped at maxclock
(default 10).  However, pool.ntp.org changed its behavior in response,
reducing the number of addresses returned per query, on the flawed
theory that pool users don't need more than three servers.  So with
4.2.6 and earlier using *.pool.ntp.org, each "pool" directive spins up
3 associations.  Using 4.2.7 and later, each "pool" directive solicits
one additional pool server per poll until there are maxclock * 2 total
associations, or there are both (a) at least minclock survivors and
(b) at least maxclock total associations.

Cheers,
Dave Hart



More information about the questions mailing list