On 2007-09-30, Rob <[EMAIL PROTECTED]> wrote:
> ... my Linux box gets a Kiss of Death (kod) packet (".INIT.") when trying
> to connect or sync to time.nrc.ca. (I can connect and sync to
> time.chu.nrc.ca).
> Here is my /etc/ntp.conf file:
The comment lines have been elided ...
> [EMAIL PROTECTED] ~]$ cat /etc/ntp.conf
>
> server time.nrc.ca iburst
> server time.chu.nrc.ca iburst
> server ntp2.cmc.ec.gc.ca iburst
>
> driftfile /var/lib/ntp/ntp.drift
>
> restrict default ignore
> restrict 127.0.0.1
> restrict time.nrc.ca nomodify noquery nopeer
That restrict line is your problem because time.nrc.ca resolves to
multiple IP addresses. Replace that line with the following two lines:
restrict 132.246.168.148 nomodify noquery nopeer
restrict 132.246.168.164 nomodify noquery nopeer
You will need to restart ntpd.
> restrict time.chu.nrc.ca nomodify noquery nopeer
> restrict ntp2.cmc.ec.gc.ca nomodify noquery nopeer
>
> logfile /var/log/ntp.log
If you have not done so already please take a look at
http://support.ntp.org/Support/AccessRestrictions. Depending on your
network architecture you may be able to greatly simply your access
restrictions.
Finally, it is not necessary to segregate the server and restrict lines.
I find it easier to manage servers and restrictions when the restrict
lines are listed below the matching server lines. Especially when a
server hostname resolves to multiple IP addresses. In your case it would
look like:
server time.nrc.ca iburst
restrict 132.246.168.148 nomodify noquery nopeer
restrict 132.246.168.164 nomodify noquery nopeer
server time.chu.nrc.ca iburst
restrict time.chu.nrc.ca nomodify noquery nopeer
server ntp2.cmc.ec.gc.ca iburst
restrict ntp2.cmc.ec.gc.ca nomodify noquery nopeer
--
Steve Kostecke <[EMAIL PROTECTED]>
NTP Public Services Project - http://support.ntp.org/
_______________________________________________
questions mailing list
[email protected]
https://lists.ntp.org/mailman/listinfo/questions
