[ntp:questions] ntpd not talking to servers? (was Re: SIGINFO for Portable OpenNTP on Linux)

Steve Kostecke kostecke at ntp.org
Fri Sep 4 16:02:20 UTC 2009


On 2009-09-04, RedGrittyBrick <RedGrittyBrick at spamweary.invalid> wrote:

> # grep "^[^#]" /etc/ntp.conf
> restrict default ignore
> restrict 127.0.0.1
> server 0.uk.pool.ntp.org
> server 1.uk.pool.ntp.org
> server 2.uk.pool.ntp.org
> server 3.uk.pool.ntp.org

The 'restrict default ignore' line is your problem. It tells ntpd to
ignore _all_ NTP packets from _anywhere_.

When 'restrict default ignore' is used one must explicitly allow
packets from authorized addresses (which can be servers or clients).
Unfortunately, this won't work with the pool or any other host name
which can resolve to multiple IP addresses.

A more sensible set of restriction lines is:

restrict default nomodify nopeer notrap noquery
restrict 127.0.0.1

More information about restrictions is available at
http://support.ntp.org/Support/AccessRestrctions.

> driftfile /etc/ntp/drift

These lines aren't doing anything useful:

> broadcastdelay  0.008
> authenticate yes
> keys            /etc/ntp/keys


-- 
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/
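
Added example (not part of the message above and not ntpd's own code): a static check of ntp.conf text for the situation described in the reply, where 'restrict default ignore' leaves server lines with no restrict line that lets their replies in. The sample configuration, the 192.0.2.10 address and the function names are constructed for illustration; host names are never resolved, so every host-name server is reported.

```python
import ipaddress

# Constructed sample, modelled on the ntp.conf quoted in the post.
SAMPLE_CONF = """\
restrict default ignore
restrict 127.0.0.1
server 0.uk.pool.ntp.org
server 127.0.0.1
server 192.0.2.10
"""

def parse(conf):
    """Return (default_flags, allowed_networks, servers) from ntp.conf text."""
    default_flags, allowed, servers = set(), [], []
    for raw in conf.splitlines():
        tok = [t for t in raw.split("#", 1)[0].split() if t not in ("-4", "-6")]
        if len(tok) < 2:
            continue
        if tok[0] in ("server", "peer"):
            servers.append(tok[1])
        elif tok[0] == "restrict" and tok[1] == "default":
            default_flags |= set(tok[2:])
        elif tok[0] == "restrict":
            addr, flags = tok[1], tok[2:]
            if flags[:1] == ["mask"] and len(flags) > 1:
                addr, flags = f"{addr}/{flags[1]}", flags[2:]
            try:
                net = ipaddress.ip_network(addr, strict=False)
            except ValueError:
                continue  # host name in a restrict line: not checked here
            if "ignore" not in flags:
                allowed.append(net)
    return default_flags, allowed, servers

def blocked_servers(conf):
    """List (server, reason) pairs that 'restrict default ignore' cuts off."""
    default_flags, allowed, servers = parse(conf)
    if "ignore" not in default_flags:
        return []
    findings = []
    for s in servers:
        try:
            ip = ipaddress.ip_address(s)
        except ValueError:
            findings.append((s, "host name: may resolve to several addresses"))
            continue
        if not any(ip in net for net in allowed):
            findings.append((s, "no restrict line allows this address"))
    return findings
```

To check a real file, pass its contents to blocked_servers(); an empty list means no server line is cut off by the default restriction.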
