Thank you very much Dennis for your corrections ! Best regards Cyrille.
On 7 nov, 22:02, "Dennis Hilberg, Jr." <[EMAIL PROTECTED]> wrote: > Cyrille37 wrote: > > Hello > > I've just joined the pool with a server running ntpd 4.2.4p4. > > I would like to have done well, so I post here the configuration for > > comments if needed. > > > 1/ ntpd is lauched with option -g > > > 2/ here is ntpd.conf : > > > statsdir /var/log/ntpstats/ > > statistics loopstats peerstats clockstats > > filegen loopstats file loopstats type day enable > > filegen peerstats file peerstats type day enable > > filegen clockstats file clockstats type day enable > > Since you aren't running a clock driver, clockstats won't generate anything. > > > driftfile /etc/ntp.drift > > I've been told it's bad practice to allow ntpd to write to /etc . You > should use /var/lib/ntp.drift or something similar. > > You also don't have a logfile specified. > > > server ntp.via.ecp.fr iburst dynamic > > server ntp.obspm.fr iburst dynamic > > server ntp1.belbone.be iburst dynamic > > server ntp1.kamino.fr iburst dynamic > > server timeserver.ntp.ch iburst dynamic > > server canon.inria.fr > > server ntp.probe-networks.de > > According to the documentation, the dynamic option isn't supported in the > current implementation. You should use iburst on all your servers. > > > restrict -4 default kod notrap nomodify nopeer noquery > > restrict -6 default kod notrap nomodify nopeer noquery > > You don't specify -4 or -6 with restrict. And don't use the 'noquery' > option as that turns off 'ntpq' and 'ntpdc' queries. A lot of operators > like to know information about their clients. Plus, if you set: > > restrict default kod notrap nomodify nopeer noquery > > You won't be able to query your server from the local machine, unless you > specify a restriction for it. > > Set it up like this: > > # Default access restrictions (applies to all clients, local or not) > restrict default kod nopeer nomodify notrap > > # Allow localhost unrestricted access > restrict 127.0.0.1 > > So to summarize, here is a fixed ntp.conf: > > # Default access restrictions (applies to all clients) > restrict default kod nopeer nomodify notrap > > # Allow localhost unrestricted access > restrict 127.0.0.1 > > server ntp.via.ecp.fr iburst > server ntp.obspm.fr iburst > server ntp1.belbone.be iburst > server ntp1.kamino.fr iburst > server timeserver.ntp.ch iburst > server canon.inria.fr iburst > server ntp.probe-networks.de iburst > > driftfile /var/lib/ntp.drift > > logfile /var/log/ntp/ntp.log > > statsdir /var/log/ntp/ > statistics loopstats peerstats clockstats > filegen loopstats file loopstats type day enable > filegen peerstats file peerstats type day enable > > -- > Dennis Hilberg, Jr. timekeeper(at)dennishilberg(dot)com > NTP Server Information: http://saturn.dennishilberg.com/ntp.php _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
