Gushi wrote: > Hey all, I have two servers in two different datacenters using the same > ntp.conf. > > To wit: > > # Prohibit general access to this service. > restrict default ignore > > # Permit all access over the loopback interface. This could > # be tightened as well, but to do so would effect some of > # the administrative functions. > restrict 127.0.0.1 > > server 0.us.pool.ntp.org > server 1.us.pool.ntp.org > server 2.us.pool.ntp.org > > driftfile /etc/ntp/drift > > The problem is, that the servers keep drifting apart from each other, > to the degree that DNS TSIG transactions break down. Is there anything > obvious to try to fix this? Usually when this happens, killing ntpd > and then running ntpdate will fix it. > > -Dan >
Lose the restrict statements! Unless things have changed really recently, you need to supply an actual numeric IP address in each restrict statement which you cannot do for a pool server. Restrict default ignore told your server to ignore the whole world and you didn't and can't tell it to allow the pool servers!!!!! _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
