On 7/18/19 1:14 PM, Miroslav Lichvar wrote:
On Thu, Jul 18, 2019 at 10:59:04AM +0200, Rob Janssen wrote:
The noserve was added for this purpose. According to the documentation this
should reply with KoD to refused traffic (including time requests due to the
noserve).
However, it just drops the requests and sends no reply.
Anyone knowing how to do it? At first I had an "old" ntpd from the
distributor, but I compiled ntpd 4.2.8p13 from source and it does the same
thing.
IIRC ntpd removed support for responding with KoD DENY to hosts
matching the "noserve" restriction a long time ago. Probably for a
good reason.
If you want to try it anyway, here is a simple IPv6-only server in
python that does that.
Thanks! That appears to work OK.
Unfortunately it appears that ntpd fails (also for IPv4) when it cannot
open the IPv6 socket,
which of course it cannot do when the above program is running, but that
does not matter too
much. This server will be down in 4 weeks time, I now will run this for
at least a couple
of days and then go back to normal operation to see who is still there.
(I expect that the NTP users will be gone and the SNTP users will remain)
It is a pity that those routers do the DNS resolution only once after
power-up, they
really should be re-doing that at least once a day. And of course those
providers like
Deutsche Telekom, Versatel etc really should install their own NTP
servers and
have their routers use that instead of the pool.
But it has been like that for years, and complaining about it has not
changed anything.
Rob
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
