[ntp:questions] problems setting up IFF autokey
Vince
jhary at unsane.co.uk
Wed May 2 15:39:43 UTC 2007
Hi all,
I'm trying to get autokey broadcast working using IFF. I've gone
through the guide at
http://ntp.isc.org/bin/view/Support/ConfiguringAutokey but as yet havent
had any joy. This being the case i thought I would go back to unicast
to test IFF autokey.
My current configs are:
server:
---------------cut------------------------
restrict default nomodify notrap noquery
restrict 127.0.0.1
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
crypto pw SECUREPASS
keysdir /etc/ntp
restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap
---------------cut------------------------
Client:
---------------cut------------------------
keysdir /etc/ntp
crypto pw GROUPPASS
driftfile /var/db/ntpd.drift
server 192.168.10.222 autokey
statsdir /etc/ntp/stats/
statistics cryptostats
---------------cut------------------------
I have the hostkeys and IFF keys created as per the instructions.
After about 5 minute i get
[/etc/ntp](16:19:44)
{root at prawn}#ntpq -p
remote refid st t when poll reach delay offset
jitter
==============================================================================
paste.lon.names 193.225.218.44 3 u 53 64 3 0.354 205748.
0.003
however after about a minute this changes to
[/etc/ntp](16:20:24)
{root at prawn}#ntpq -c pe
remote refid st t when poll reach delay offset
jitter
==============================================================================
paste.lon.names .AUTH. 16 u 57 64 0 0.000 0.000
4000.00
[/etc/ntp](16:21:03)
{root at prawn}#ntpq -c as
ind assID status conf reach auth condition last_event cnt
===========================================================
1 60228 f054 yes yes ok reject reachable 5
and it continues like this never giving me a condition of sys.peer,
sometimes with auth ok sometimes with auth bad.
Any suggestions how i can take this further?
If its of any help, the OS of the server is Centos 4.4 while the client
is FreeBSD 7-CURRENT, the ntpd versions are 4.2.0a at 1.1190-r (server) and
4.2.0-a (client)
Thanks,
Vince
More information about the questions
mailing list