freebsd stable - Oct 2015 - bind host service to jail ip?

Hi,

I am moving some hosts from physical to jail environment. I have
dozens of hosts on local lan syncing time with two ntp servers which
also happen to be dns servers. Changing IPs of those hosts would be
major PITA.

If I run openntpd in jail, I get messages such as:

Oct  7 16:05:37 ns1 ntpd[43188]: adjtime failed: Operation not permitted
Oct  7 16:05:37 ns1 ntpd[43188]: ntp_adjtime (3) failed: Operation not permitted

I know jails sync time with host, and are not allowed to adjust time.
However, I'd like to serve ntp clients from these addresses. So my 2
questions are:

- Does openntpd serve (correct) local time from jail even though it
  can't adjust local time?

- If I ran openntpd in host and bound it to jails' ip addresses, would
  clients be able to sync? If so, are there any negative implications
  to this?

Thank you in advance,
-- 
Before enlightenment - chop wood, draw water.
After  enlightenment - chop wood, draw water.

Marko Cupa?
https://www.mimar.rs/

Marko Cupa? wrote on 10/07/2015 16:15:

[...]
> - If I ran openntpd in host and bound it to jails' ip addresses, would
>    clients be able to sync? If so, are there any negative implications
>    to this?
I don't know if somethng has been changed over time, but if you run some 
service in host on IP assigned to jail on port not used in jail, there 
will be no conflict and service will be available to public

e.g: ntpd on host listening on all available IP addresses

# sockstat -4l | grep 123
root     ntpd       1186  20 udp4   *:123                 *:*
root     ntpd       1186  22 udp4   192.168.22.56:123     *:*
root     ntpd       1186  23 udp4   192.168.23.43:123     *:*
root     ntpd       1186  24 udp4   xxx.yyy.zz.27:123     *:*
root     ntpd       1186  25 udp4   xxx.yyy.zz.28:123     *:*
root     ntpd       1186  26 udp4   xxx.yyy.zz.29:123     *:*
root     ntpd       1186  27 udp4   xxx.yyy.zz.30:123     *:*
root     ntpd       1186  28 udp4   xxx.yyy.zz.31:123     *:*
root     ntpd       1186  29 udp4   xxx.yyy.zz.32:123     *:*
root     ntpd       1186  30 udp4   xxx.yyy.zz.33:123     *:*
root     ntpd       1186  31 udp4   xxx.yyy.zz.34:123     *:*
root     ntpd       1186  32 udp4   xxx.yyy.zz.35:123     *:*
root     ntpd       1186  33 udp4   xxx.yyy.zz.119:123    *:*
root     ntpd       1186  36 udp4   127.0.0.1:123         *:*
root     ntpd       1186  38 udp4   10.13.26.1:123        *:*
root     ntpd       1186  39 udp4   10.13.25.1:123

There are 7 jails, each with one or more IP addresses. No problem.

Miroslav Lachman