[ntp:questions] ntpd access restrictions: Server allowed works only with ipaddress

Jochen Bern Jochen.Bern at LINworks.de
Sat Mar 29 22:48:52 UTC 2014

On 29.03.2014 13:00, questions-request at lists.ntp.org digested:
> From: "Witt, Stefan" <stefan.witt at dataglobal.com>
> Hello, looking for an answer of the following misbehaviour:
> Server entries are only valid and accepted if I use ip-address and
> not if I user fqdn of the timeserver1/2!
> Resolving of Timeserver-fqdn is successful!

And what *do* they resolve to? Single A or AAAA RR? Several? CNAME?
Other RR types? Any odd characters or unusually long parts in the FQDNs
that might trigger different implementation limits in different resolver

Does your resolver library support the "search" keyword in
/etc/resolv.conf ? Any chance that your searchlist (if yes) / suffixes
of your local domain as configured in the hostname (if not) lead to an
unintended match when combined with the FQDNs?

> From: David Lord <snews at lordynet.org>
> Ntp works with ip addresses because fqdn can sometimes map to
> more than one ip address.

If that's the case, and assuming that they're *external* servers, it
should be assumed that the server operators *want* clients to
automagically get distributed over those IPs by means of round-robin
DNS, and would frown upon client admins counteracting that (by entering
IPs into ntp.conf and/or /etc/hosts).

								J. Bern
*NEU* - NEC IT-Infrastruktur-Produkte im <http://www.linworks-shop.de/>:
Server--Storage--Virtualisierung--Management SW--Passion for Performance
Jochen Bern, Systemingenieur --- LINworks GmbH <http://www.LINworks.de/>
Postfach 100121, 64201 Darmstadt | Robert-Koch-Str. 9, 64331 Weiterstadt
PGP (1024D/4096g) FP = D18B 41B1 16C0 11BA 7F8C DCF7 E1D5 FAF4 444E 1C27
Tel. +49 6151 9067-231, Zentr. -0, Fax -299 - Amtsg. Darmstadt HRB 85202
Unternehmenssitz Weiterstadt, Geschäftsführer Metin Dogan, Oliver Michel

More information about the questions mailing list