[ntp:questions] ntp configuration and restrict issue

Steve Kostecke kostecke at ntp.org
Mon Jun 14 12:08:24 UTC 2010


On 2010-06-14, J. Bakshi <joydeep at infoservices.in> wrote:

> I have already setuo a few ntp servers on suse box. All are running
> well. This time I have set a ntp on debian box ( squeeze) and ntp
> version is  1:4.2.4p4+dfsg-8
>
> But when debuggibg "ntpq -p" reports
>
> ` ` ` `
> localhost: timed out, nothing received
> ***Request timed out
> ` ` ` `
>
> It only works with 
>
> restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
>
> But do I really need it on that machine with local host ? At least it
> was not required before. Could any on give me a clue ?

You are using 'restrict default ignore'; this blocks _all_ NTP packets
globally.

Please take a look at http://support.ntp.org/Support/AccessRestrictions
and see if you really need that default restriction.

> restrict default ignore

You should also have:

restrict 127.0.0.1

> restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
> restrict 0.asia.pool.ntp.org  notrap noquery
> restrict 1.asia.pool.ntp.org  notrap noquery

You should be using at least 3 remote time servers (4, really) so that
ntpd can detect if one of your time sources becomes a false ticker.

-- 
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/




More information about the questions mailing list