Eric M. Hopper wrote: >> What is the format for the ntp.conf "restrict" lines for ipv6 >> addresses? I couldn't find it in the http "man" pages and these two >> guesses both got gripes syslog-ed. >> >> restrict 2001:05a8:0004:07d0::/48 >> restrict 2001:05a8:0004:07d0:: mask >> fffff:fffff:fffff:ffff0:0000:0000:0000:0000 > > Here is what does work, and this is based on a very light reading of the > source: > > restrict -6 2001:05a8:0004:07d0:: mask fffff:fffff:fffff:ffff:: > > Your line may also have worked, but the -6 is safer. I'm not positive > that the address family information is propagated properly in all cases > if it's discovered by parsing the main address rather then set > explicitly with -6. > > Even though it's what works, the mask is a really bad way to do this on > IPv6. The /48 syntax is what should be supported and used. In fact, I > think the mask is largely not the right way to do it on IPv4. It > provides a degree of flexibility and control that's both unnecessary and > potentially confusing. > > Have fun (if at all possible), >
You're lucky if any of this works. It's on my list of things to deal with. We would like to support a prefixlen option as that makes a lot more sense but that will need some additional work. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
