On Sat, Mar 26, 2011 at 10:36 AM, "Rob" <ineedtor...@rfcs.example.com> wrote: > Florin Andrei <flo...@andrei.myip.org> wrote: >> ########################################################### >> server 0.us.pool.ntp.org >> server 1.us.pool.ntp.org >> server 2.us.pool.ntp.org >> server 3.us.pool.ntp.org >> >> restrict 0.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery >> restrict 1.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery >> restrict 2.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery >> restrict 3.us.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery > > This does not work! > The names like 0.us.pool.ntp.org return multiple IP adresses and > the "server" and "restrict" lines will not match.
"Rob" is correct with respect to older ntpd. See ChangeLog or other public sources for the timeline, but newer ntpd behaves differently, and will add a restriction for each of the IP addresses a name resolves to, where older ntpd added only one. I predict with such ntpd the above works fine, but it's far from what I'd recommend. As unruh explained, with recent-enough ntpd the low-maintenance way to achieve the same result is to replace the four restrict lines with a single "restrict source", which defines a prototype restriction automatically applied to servers the client is using, particularly handy with the 4.2.7 rework of the "pool" alternative to "server", which can drop and add servers automatically as conditions change. You probably want iburst on each of those server lines, to sync the clock in under 15 seconds instead of a few minutes. _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
