[ntp:questions] forcing ntpd to query from a restricted interface or subnet
hart at ntp.org
Sun May 6 19:49:12 UTC 2012
On Fri, May 4, 2012 at 3:04 PM, Anton Melser <melser.anton at gmail.com> wrote:
> I am cross-posting this from the CentOS list - there have been plenty
> of views but no answers and I'm not sure exactly where to post...
> So I have CentOS 6 (x64) - apparently ntpd "Ver. 4.2.4p8". My problem
> is that I have too many IPs for ntpd to do a listen on every one. So I
> tried restricting both with adding -I eth0 on the command line
> parameters (in /etc/sysconf/ntpd) and with the interface instruction
> in /etc/ntp.conf. Neither works, and ntpd refuses to start.
> May 3 09:40:57 MyHost ntpd: Listening on interface #1005
> eth1:132235, 10.132.235.1#123 Enabled
> May 3 09:40:57 MyHost ntpd: Listening on interface #1006
> eth1:132236, 10.132.236.1#123 Enabled
> May 3 09:40:57 MyHost ntpd: Listening on interface #1007
> eth1:132237, 10.132.237.1#123 Enabled
> May 3 09:40:57 MyHost ntpd: Too many sockets in use, FD_SETSIZE
> 1024 exceeded

This is fixed in newer versions; I suggest you try 4.2.6p5 or ntp-dev.
Support for truly restricting listening interfaces with "interface"
(AKA "nic") in ntp.conf was introduced late in the 4.2.5 cycle.
Something like the following should work for you:

    interface ignore all
    interface listen eth0

That should result in ntpd using only v4/v6 localhost and eth0's v4/v6
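
Added example, not part of the original message: one way to confirm, after restarting ntpd with the "interface" lines above, that UDP port 123 is bound only where intended, by checking the output of `ss -uln` (run without -p) against an allow-list. The sample output, the 192.0.2.10 and fe80::1 addresses for eth0, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -uln` output (not taken from the thread).
# Columns: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_SS = """\
UNCONN 0 0 127.0.0.1:123 0.0.0.0:*
UNCONN 0 0 192.0.2.10:123 0.0.0.0:*
UNCONN 0 0 10.132.235.1:123 0.0.0.0:*
UNCONN 0 0 [::1]:123 [::]:*
UNCONN 0 0 [fe80::1]%eth0:123 [::]:*
UNCONN 0 0 0.0.0.0:68 0.0.0.0:*
"""


def ntp_listeners(ss_output, port=123):
    """Return the local addresses that have a UDP socket bound to `port`."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or malformed line
        # The local address is the second-to-last column, whether or not
        # this ss version prints a State column for UDP sockets.
        host, _, lport = fields[-2].rpartition(":")
        if lport != str(port):
            continue  # header line or a socket on another port
        # Drop the %device scope and the brackets newer ss puts around IPv6.
        addr = host.partition("%")[0].strip("[]")
        try:
            addr = str(ipaddress.ip_address(addr))
        except ValueError:
            pass  # e.g. "*" for a wildcard bind; keep it so it is flagged
        found.append(addr)
    return found


def unexpected(listeners, allowed):
    """Return the listeners that are not in the allowed address set."""
    ok = {str(ipaddress.ip_address(a)) for a in allowed}
    return [a for a in listeners if a not in ok]


if __name__ == "__main__":
    # Assumed allow-list: loopback plus eth0's v4 and link-local v6 address.
    allowed = ["127.0.0.1", "::1", "192.0.2.10", "fe80::1"]
    for addr in unexpected(ntp_listeners(SAMPLE_SS), allowed):
        print("unexpected NTP listener:", addr)
```

On a live host, pass the text of `ss -uln` to ntp_listeners() in place of SAMPLE_SS; an empty result from unexpected() means only the allow-listed addresses are listening.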