[ntp:questions] systems won't synchronize no matter what
Steve Kostecke
kostecke at ntp.org
Thu Oct 28 11:36:00 UTC 2010
On 2010-10-28, Null at BlackList.Anitech-Systems.invalid wrote:
> Florin Andrei wrote:
>> above would be great. Would have saved me a lot of trouble.
>
> restrict source ...
> has been around since ntp 4.2.7p22 (01-Apr-2010)?
NTP4 v2.7.22
> However you are using ntp 4.2.2p1-7 (08-Jul-2006) ?
NTP4 v2.2.1-7
The prepackaged versiom of NTP shipped by most OSes does tend to be a
bit old. We do provide Debian packages of the current ntp-dev snapshot
(binary i386 on Stable, and source debs). The Debian Testimg release
usually ships a relatively recent stable relase of NTP (which can be
used on a "stable" machine through "apt pinning".
>> restrict 10.10.16.64 noquery
>> restrict 10.10.16.65 noquery
>
> So, those server can't get time from yours, but they can change your
> running conf
Not unless you either (a) start ntpd with -A to disable NTP auth or (b)
you configure symmetric keys for remote control _and_ the remote end has
that information.
> and request to be a trap?
Which is only a monitor.
>> # now close the door
>> restrict default ignore
>
> I would have done it in the opposite order,
> (default ignore, before allows), perhaps it doesn't matter.
The order does not matter.
--
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/
More information about the questions
mailing list