Paul wrote: > Harlan Stenn wrote: >> You need 'restrict source ...' to allow pool connections. > > Did you mean that you literally have to have "restrict source ..." to use the > pool directive?
yes. > If so where's that documented? <http://bit.ly/1Ewh9Vh> ... ntp-dev-4.2.7p464/html/accopt.html <doc.ntp.org/dev/accopt.html> <http://www.eecis.udel.edu/~mills/ntp/html/accopt.html> ... <http://lists.ntp.org/pipermail/questions/2010-April/026304.html> <http://lists.ntp.org/pipermail/questions/2010-April/026305.html> <BlockQuote> "restrict source" establishes a prototype restriction automatically added for each association's IP address. Previously using the pool interfered with some locked-down restriction scenarios because the IP addresses of the pool servers used for a given run of ntpd were not predictable, so the default restriction had to be loose enough to allow retrieving time. "restrict source" allows the operator to configure looser restrictions automatically applied to each association address and tighter "restrict default". </BlockQuote> ... <http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ChangeLog-dev> <BlockQuote> "restrict source ..." configures override restrictions for time sources, allows tight default restrictions to be used with the pool directive (where server addresses are not known in advance). </BlockQuote> e.g. ntp-dev-4.2.7p464/ntpd/complete.conf.in ntp-dev-4.2.7p464/ntpd/ntp_restrict.c -- E-Mail Sent to this address <[email protected]> will be added to the BlackLists. _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
