> It makes no difference. These settings are about ARP (L2->L3,translation) and multiple interfaces in the > same network. So strange. I thought that it is for multiple interfaces ...
> That would make more sense for security. However, it's not a simple thing > to implement as peer associations use the server sockets too, so there > would need to be some code selecting the right socket. Maybe it is worth looking at NTP sources for aspects of the topic. It supports multiple bindings as I know. > My recommendation is to run multiple instances of chronyd, each bound > to a different interface. I will try to use it but as a temporarily solutiononly if I am able to launch it. I believe you will be able to implement correctly the functionality. And will wait for the version to test it. вт, 5 сент. 2023 г. в 15:57, Miroslav Lichvar <mlich...@redhat.com>: > On Tue, Sep 05, 2023 at 03:44:35PM +0300, CpServiceSPb wrote: > > Due to Weak ES mode in Linux OSes, please remake a test but change a > little > > bit test conditions: > > When aiming for Strong ES Model in Linux, you'll first need these sysctl > > settings: > > net.ipv4.conf.all.arp_filter=1 > > net.ipv4.conf.all.arp_ignore=1 # or even 2 > > net.ipv4.conf.all.arp_announce=2 > > It makes no difference. These settings are about ARP (L2->L3 > translation) and multiple interfaces in the same network. > > > *And I see the only way is to implement not bindaddress but binddevice > > available multiple times for listening and receiving requests to.* > > That would make more sense for security. However, it's not a simple thing > to implement as peer associations use the server sockets too, so there > would need to be some code selecting the right socket. > > My recommendation is to run multiple instances of chronyd, each bound > to a different interface. > > -- > Miroslav Lichvar > > > -- > To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with > "unsubscribe" in the subject. > For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the > subject. > Trouble? Email listmas...@chrony.tuxfamily.org. > >
