[ntp:questions] ntp configuration and restrict issue
Steve Kostecke
kostecke at ntp.org
Mon Jun 14 12:08:24 UTC 2010
On 2010-06-14, J. Bakshi <joydeep at infoservices.in> wrote:
> I have already setuo a few ntp servers on suse box. All are running
> well. This time I have set a ntp on debian box ( squeeze) and ntp
> version is 1:4.2.4p4+dfsg-8
>
> But when debuggibg "ntpq -p" reports
>
> ` ` ` `
> localhost: timed out, nothing received
> ***Request timed out
> ` ` ` `
>
> It only works with
>
> restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
>
> But do I really need it on that machine with local host ? At least it
> was not required before. Could any on give me a clue ?
You are using 'restrict default ignore'; this blocks _all_ NTP packets
globally.
Please take a look at http://support.ntp.org/Support/AccessRestrictions
and see if you really need that default restriction.
> restrict default ignore
You should also have:
restrict 127.0.0.1
> restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
> restrict 0.asia.pool.ntp.org notrap noquery
> restrict 1.asia.pool.ntp.org notrap noquery
You should be using at least 3 remote time servers (4, really) so that
ntpd can detect if one of your time sources becomes a false ticker.
--
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/
More information about the questions
mailing list