Bob wrote: > > It's happened again. I disabled auth last night after my previous post, and > let it run overnight with Wireshark capturing I've now got two IP addresses > listed as peers that I did not add. They are listed as "sym_passive". I see
Seems more likely that you've just got W32Time clients. Using peer mode by default is one of the known misfeatures. Of course, disabling authentication may defeat the normal countermeasures for such clients (treating them as though they had you configured as a server, rather than peer). The associations don't represent configuration in the normal sense; they are not the result of management actions, but simply the result of using peer type time exchanges; even then, they do represent a risk to the time integrity. Incidentally, you appear to have a local clock configured at an inappropriate stratum. The only time it is appropriate to configure it at 5 is when your clock is being disciplined, but not by NTP (it's never appropriate to configure one for a pure client). The fact that you have other servers configured is a contraindication for the presumption that you are being disciplined by non-NTP means. _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
