Luc Pardon wrote: > Hmmm, yes. And further down it says: > > You may use either a hostname or IP address on the server line. > You must use an IP address on the restrict line. > > This must be a mistake in that page. See the official docs at: >
Yes, that is a mistake. However, due to the current implementation you need to be careful if the name has more than one A or AAAA record, particularly if it has both since the restrict line can pick up a different IP address than the one used on the server line. > http://www.eecis.udel.edu/~mills/ntp/html/accopt.html > > where it says: > > restrict address [mask mask] [flag][...] > The address argument expressed in dotted-quad form is > the address of a host or network. Alternatively, the > address argument can be a valid host DNS name. > > If you couldn't use hostnames, it would render access restrictions > rather useless. Many public servers ask that you use DNS names rather > than IP addresses. It doesn't seem to make sense to query them using the > hostname and "restrict" (allow the replies in) using a (volatile) IP. > > Furthermore, hostnames work just fine, the replies are accepted. Have > been for at least five years or so. > No, you are correct. > That doesn't mean I'm not willing to change it if that helps diagnose > the problem. > It's unrelated. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
