[ntp:questions] kod and limited

Marco Marongiu brontolinux at gmail.com
Fri Nov 20 15:40:24 UTC 2015

Hi all

In the document "ntpd access restrictions" it is recommended to use the
restriction "kod"[1]. However, when used as it is there it makes ntpd

> Nov 20 11:54:00 testnode ntpd[40098]: restrict ::: KOD does nothing without LIMITED.

The documentation agrees[2].

Now I have two options:
1. remove "kod" altogether
2. add "limited"

The defaults for discard seem sensible[3] and adding "limited" shouldn't
result in problems. On the other hand, I am worried that (for example)
local clients using burst/iburst or running ntpdate -q repeatedly for
debugging purposes may be denied the service. Am I just worrying too much?

What option would you recommend?

Thanks in advance

-- bronto


[2] http://doc.ntp.org/4.2.6p5/accopt.html#restrict

[3] http://doc.ntp.org/4.2.6p5/accopt.html#discard

More information about the questions mailing list