On Wed, Aug 13, 2003 at 06:02:54PM +1000, Perry, David J wrote:
> Is setting up NTP time synchronisation just a matter of entering the
> ntp server name in the etc/ntp.conf file and then starting ntpd?
Yes, but it's a good idea to restict what various hosts can do with
your ntp server, e.g. for a server which synchronises with three remote
servers and provides time service to a local subnet:
# servers
server bras.syd.dsl.connect.net.au
server ntp.syd.connect.com.au
server ntp.connect.com.au
# by default, ignore everyone else
restrict default ignore
# trust servers to provide time, but don't allow them to change our config
# (hostnames don't seem to work in restrict)
# bras.syd.connect.net.au
restrict 210.11.39.126 nomodify
# ntp.syd.connect.com.au
restrict 192.189.54.33 nomodify
# ntp.connect.com.au
restrict 192.189.54.17 nomodify
# allow hosts on local subnet to use this host as a time server
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrust
restrict 192.168.254.0 mask 255.255.255.0 nomodify notrust
# allow localhost to do anything
restrict 192.168.1.1
restrict 127.0.0.1
# drift file
driftfile /etc/ntp/drift
# disable authentication
authenticate no
Cheers,
John
--
whois [EMAIL PROTECTED]
GPG key id: 0xD59C360F
http://kirriwa.net/john/
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
