On 03/03/2008, at 7:58 PM, UNIX admin wrote:
>> Sorry I don't have time to look at this for longer
>> right now, but IIRC
>> in ntp4 by default {broad,multi}casts are not trusted
>
> Does this also apply to NTP V3?
>
>> (any idiot on
>> the net could start broadcasting anything) so you
>> need to either
>> 1. set up keys that are used to broadcast at the
>> server end and
>> trusted at the client end
>> or
>> 2. use "disable auth" to trust anything that is
>> broadcast.
>
> True, however, if I understand correctly, broadcasts and multicasts
> are normally blocked per default by any networking equipment, on
> edge gateways and routers, which would make it a moot point.
Assuming you trust all the machines on the local subnet..
I guess it's worth checking (with snoop) that your client is actually
seeing the multicasts
