> Uh, no. You can get easily get the FQDN from the IP.
That adds DNS to the security chain. Doesn't sound good to me. It might work
if you are using DNSSEC. Complicated.
> Also, since there is no way to specify IPv4 or IPv6, the only way I can make
> this work is by IP.
> You need to add a option to force IPv4 or IPv6.
There is a -4 and -6 option to the server command. I don't think I check that
yet. Should be easy to fix, but it will have to wait until late tonight.
If you want a quick hack fix, in ntpd/nts_client.c, change the
hints.ai_family = AF_UNSPEC;
to
hints.ai_family = AF_INET; or AF_INET6
That will get all of the NTS-KE connections on that system.
> So how about you try to connect to one of them?
remote refid st t when poll reach delay offset jitter
===============================================================================
-kong.rellim.com 204.17.205.17 2 8 11 64 373 55.0190 1.1430 3.7460
-spidey.rellim.c 204.17.205.17 2 8 18 64 373 55.2070 1.0170 1.2171
-glypnod4 192.168.1.33 2 8 9 64 377 0.3929 -0.0821 0.0187
-shuksan .PPS. 1 u 3 64 377 0.2266 0.0779 0.0478
+mon 192.168.1.33 2 u 12 64 377 0.3805 0.0496 0.0622
-tom .PPS. 1 u 8 64 377 0.4343 0.0137 0.0473
...
Looks good from here. Note the 8 in the t column.
--
These are my opinions. I hate spam.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
