[ntp:questions] binding ntpd to a specific interface does not work.
sprizes at gmail.com
sprizes at gmail.com
Mon Sep 10 13:47:46 UTC 2007
I have a multi-homed gentoo host that needs to run ntpd in client only
mode. For security reasons I need to run this so it will only bind to
a specific interface. I am trying the -I option for ntpd but it doesnt
seem to work. Can someone shed some light into this. I am pasting some
info below for your review. Let me know if I can provide more info.
# ntpd -v v
ntpd 4.2.4p0 at 1.1472
# cat /etc/ntp.conf
server 106.200.17.8 iburst
logfile /var/log/ntpd.log
driftfile /var/lib/misc/ntp.drift
restrict 106.200.17.8
restrict default ignore nomodify
# (This is the command I am running to launch ntpd)
# /usr/sbin/ntpd -I eth1 -g -x -c /etc/ntp.conf
# (this causes the following to be logged)
Sep 10 09:27:30 testntp64 ntpd[8721]: ntpd 4.2.4p0 at 1.1472 Fri Aug 17
11:01:18 UTC 2007 (1)
Sep 10 09:27:30 testntp64 ntpd[8722]: precision = 1.000 usec
Sep 10 09:27:30 testntp64 ntpd[8722]: Listening on interface #0
wildcard, 0.0.0.0#123 Disabled
Sep 10 09:27:30 testntp64 ntpd[8722]: Listening on interface #1 lo,
127.0.0.1#123 Enabled
Sep 10 09:27:30 testntp64 ntpd[8722]: Listening on interface #2
eth0:1, 192.168.70.15#123 Enabled
Sep 10 09:27:30 testntp64 ntpd[8722]: Listening on interface #3
eth0:2, 192.168.70.16#123 Enabled
Sep 10 09:27:30 testntp64 ntpd[8722]: Listening on interface #4 eth1,
172.48.56.209#123 Enabled
Sep 10 09:27:30 testntp64 ntpd[8722]: kernel time sync status 0040
*****************
How come its listening on all those interfaces when I am only specifying eth1?
What's even more strange is the output from netstat -an changes from
immediately after the restart and about 10 minutes later.
*****************
# (immediately after): netstat -an | grep 123
udp 0 0 172.48.56.209:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
# (10 minutes later): netstat -an | grep 123
udp 0 0 192.168.70.16:123 0.0.0.0:*
udp 0 0 192.168.70.15:123 0.0.0.0:*
udp 0 0 172.48.56.209:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
Here's some more info about my setup
# uname -a
Linux testntp64 2.6.20-gentoo-r8 #1 SMP Wed Aug 1 00:31:13 EDT 2007
x86_64 Intel(R) Xeon(TM) CPU 3.80GHz GenuineIntel GNU/Linux
# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:E0:81:48:64:E8
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:169655 errors:0 dropped:0 overruns:0 frame:0
TX packets:2089 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10928206 (10.4 Mb) TX bytes:766572 (748.6 Kb)
Base address:0x2000 Memory:dd100000-dd120000
eth0:1 Link encap:Ethernet HWaddr 00:E0:81:48:64:E8
inet addr:192.168.70.15 Bcast:192.168.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8755053 errors:0 dropped:0 overruns:0 frame:0
TX packets:3740320 errors:1196896 dropped:0 overruns:0 carrier:1196896
collisions:1298926 txqueuelen:1000
RX bytes:729863637 (696.0 Mb) TX bytes:4197601897 (4003.1 Mb)
Base address:0x2000 Memory:dd100000-dd120000
eth0:2 Link encap:Ethernet HWaddr 00:E0:81:48:64:E8
inet addr:192.168.70.16 Bcast:192.168.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8755053 errors:0 dropped:0 overruns:0 frame:0
TX packets:3740320 errors:1196896 dropped:0 overruns:0 carrier:1196896
collisions:1298926 txqueuelen:1000
RX bytes:729863637 (696.0 Mb) TX bytes:4197601897 (4003.1 Mb)
Base address:0x2000 Memory:dd100000-dd120000
eth1 Link encap:Ethernet HWaddr 00:E0:81:48:64:E9
inet addr:172.48.56.209 Bcast:172.48.56.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8755053 errors:0 dropped:0 overruns:0 frame:0
TX packets:3740320 errors:1196896 dropped:0 overruns:0 carrier:1196896
collisions:1298926 txqueuelen:100
RX bytes:729863637 (696.0 Mb) TX bytes:4197601897 (4003.1 Mb)
Base address:0x2040 Memory:dd120000-dd140000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:418 errors:0 dropped:0 overruns:0 frame:0
TX packets:418 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:43944 (42.9 Kb) TX bytes:43944 (42.9 Kb)
More information about the questions
mailing list