Hello, The handbook seem to give wrong information about ntp and the manual page of ntp.conf is ?old? maybe? The notrust option obviously changed between v4.1 and v4.2... http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ntp.html Can an ntpd guru have a look into that? Thanks, Evren
Quoth Evren Yurtesen on Tue, Nov 23, 2004 at 16:08:21 -0800> The handbook seem to give wrong information about ntp and the manual > page of ntp.conf is ?old? maybe? > > The notrust option obviously changed between v4.1 and v4.2... > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ntp.html > > Can an ntpd guru have a look into that?My set up is as follows and it works fine on 4.10 and 5.3... # cat /etc/ntp.conf driftfile /var/db/ntp.drift server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org # grep ntp /etc/rc.conf ntpd_enable="YES" ntpdate_flags="-b 0.pool.ntp.org" But make sure your clocks are in sink at the start by using date. -- yann@kierun.org -=*=- www.kierun.org PGP: 009D 7287 C4A7 FD4F 1680 06E4 F751 7006 9DE2 6318 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20041123/782e723b/attachment.bin
Yann Golanski wrote:> Quoth Evren Yurtesen on Tue, Nov 23, 2004 at 16:08:21 -0800 > >>The handbook seem to give wrong information about ntp and the manual >>page of ntp.conf is ?old? maybe? >> >>The notrust option obviously changed between v4.1 and v4.2... >>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ntp.html >> >>Can an ntpd guru have a look into that? > > > My set up is as follows and it works fine on 4.10 and 5.3... > > # cat /etc/ntp.conf > driftfile /var/db/ntp.drift > > server 0.pool.ntp.org > server 1.pool.ntp.org > server 2.pool.ntp.org > > # grep ntp /etc/rc.conf > ntpd_enable="YES" > ntpdate_flags="-b 0.pool.ntp.org" > > But make sure your clocks are in sink at the start by using date. >The problem in the manual is different. You do not have any access control in your server, your server is worldwide open to other people changing your runtime configuration etc. (as it seems from your conf file) From ntp handbook page! ---- If you only want to allow machines within your own network to synchronize their clocks with your server, but ensure they are not allowed to configure the server or used as peers to synchronize against, add restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap ---- But if you use notrust in this line no clients are able to connect. I am not sure why. That is why I asked about an ntpd pro having a look. Thanks, Evren
On Tue, Nov 23, 2004 at 04:08:21PM -0800, Evren Yurtesen wrote:> > The handbook seem to give wrong information about ntp and the manual > page of ntp.conf is ?old? maybe? > > The notrust option obviously changed between v4.1 and v4.2... > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ntp.htmlThanks for reporting this. I wrote this part of the Handbook and I'm about to commit a change to reflect this that should show up on the Web site in the next day or so. For more details, see: http://ntp.isc.org/bin/view/Support/ConfRestrict http://www.eecis.udel.edu/~mills/ntp/html/accopt.html Tom
Yann Golanski wrote:> Quoth Evren Yurtesen on Tue, Nov 23, 2004 at 16:08:21 -0800 > >>The handbook seem to give wrong information about ntp and the manual >>page of ntp.conf is ?old? maybe? >> >>The notrust option obviously changed between v4.1 and v4.2... >>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ntp.html >> >>Can an ntpd guru have a look into that? > > > My set up is as follows and it works fine on 4.10 and 5.3... > > # cat /etc/ntp.conf > driftfile /var/db/ntp.drift > > server 0.pool.ntp.org > server 1.pool.ntp.org > server 2.pool.ntp.org > > # grep ntp /etc/rc.conf > ntpd_enable="YES" > ntpdate_flags="-b 0.pool.ntp.org" > > But make sure your clocks are in sink at the start by using date.or add "-g" with the ntpdate_flags, to forcefully adjust time at the very beginning. R.