Rob writes: > Rob <[email protected]> wrote: > > Harlan Stenn <[email protected]> wrote: > >> Rob writes: > >>> I compiled ntp-dev 4.2.7p448 on the CubieBoard2 (ARM processor) and added > >>> a "pool pool.ntp.org" line to the config. It does not work. Output > >>> of ntpq -pn is: > >>> > >>> pool.ntp.org .POOL. 16 p - 64 0 0.000 0.000 > 0.00 > >>> 2 > >>> > >>> When I change "pool" to "server" it works OK, but of course it is hardwir > ed > >>> to a single server selected at boottime. > >>> > >>> Is there any known problem with this? > >> > >> Not that I'm aware of. I do similar things at a few sites and it works > >> for me. > >> > >> Do you have "restrict" lines in your ntp.conf file? > > > > Yes I have the now default "restrict" lines, to remedy the DDOS problem. > > There are no specific restrict lines for my other servers. > > Do I need a specific one for the pool directive? > > For completeness: > > restrict -4 default kod notrap nomodify nopeer noquery > restrict -6 default kod notrap nomodify nopeer noquery
See http://doc.ntp.org/4.2.6p5/accopt.html (there is similar documentation for other versions of NTP). KOD does nothing without 'limited'. And reading the docs about this and thinking about more bug reports I recall seeing I want to dig in to this deeper. Regardless, this will not affect pool servers. notrap prohibits mode 6 trap service - will not affect pool servers. nomodify prohibits others from modifying your server config - will not affect pool servers. nopeer denys unauthenticated packets that would mobilize an association. This *should* not be an issue, but I have a recollection of a bug report... noquery prohibits ntpq/ntpdc queries - will not affect pool servers. So try adding: restrict source notrap nomodify noquery and see if that helps. > restrict 127.0.0.1 > restrict ::1 Good, this means that any DNS resolution responses from the local lookups of pool servers will be seen. H _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
