It seems likely the OP has moved on to other problems, but another solution that should work occurs to me. To control the local IP address used for communication with upstream servers, two NTPD instances could be used on the same host.
One instance would be configured to operate on a non-standard port, say 1123. That instance would be configured to use only the stable IP address. Unfortunately, the reference implementation NTPD does not allow configuring the port it uses. Apparently both crony and openntpd do allow configuring the listening port. So you could hack on the reference implementation source code to build a version that uses the alternate port or use one of the alternative implementations. The second instance would be configured to use all addresses, including the manycast addresses it's sole upstream source would be localhost specifying the alternate port after a colon, e.g. 127.0.0.1:1123. Although I have not tested it, I am pretty sure the reference implementation support specifying the port for its servers. This would of course increase the stratum of public facing instance but it would not noticeably increase its error budget. Cheers, Dave Hart
