[ntp:questions] Use ntpd as a daemon so that it continuously disciplines clock, no

RICCARDO ric.castellani at alice.it
Sat Jan 15 10:42:23 UTC 2011


On 14 Gen, 22:24, Steve Kostecke <koste... at ntp.org> wrote:
> "ric.castell... at alice.it" said:
>
> > I want to use ntpd as a daemon on client to synchronize to my NTP
> > server of company lan.
> > Can I avoid ntpd service doesn't listen to port 123 on this client ?
> > I'd like using only this service for synchronizing to ntp server, but
> > no listen port !
>
> ntpd has to bind to an interface on your LAN so that it can poll your
> LAN time server.  Recent versions of NTP provide a way for you to
> control which interfaces ntpd will use.
>
> If you don't want your ntpd serving time to others (e.g.  on your LAN)
> then you will need configure the access restrictions to meet your
> requirements (seehttp://support.ntp.org/Support/AccessRestrictionsor
> search for 'restrict' athttp://doc.ntp.org/your.ntp.version).
>
> --
> Steve Kostecke <kostecke.ntp.org>

I used until 6 moths ago 'ntpd -qd' command, which I run twice a day
by crond.
Smoetimes it occurs to see 5-6 'ntpd' processes as this following one
(ps -aux) :
root     23495  0.0  1.2  3068 3060 ?        SL    2010   0:00 /usr/
sbin/ntpd -qg

So I'm going to configure ' ntp daemon' but,
 I'd like knowing what advantages I can take from this service vs
'ntpd -qg' command in crond.

I thought:
1- by 'ntpd -qg' port is opened for necessary time to synchronization,
then port will be closed.
There are few risks to attack this service, while using service 'ntp'
the port 123 is always opened on client.
2- Furthermore running service for all time, you spend more resources
while scheduling task 1-2 a day (ntpd -qg) you could save it.

There are no firewall problems and others problems.

What do you think about my observations ?




More information about the questions mailing list