I'm coming back to this issue because the solution I tried: ntpq> :config restrict 17.253.2.123 ignore ntpq> :config unpeer 17.253.2.123
ultimately doesn't work. The "unpeer" drops the pool peer, but later the pool peer is "rediscovered" despite the "restrict ignore". Apparently the client maintains the association indefinitely. Evidence for this is that "ntpdc -n -c reslist" returns: 17.253.2.123 255.255.255.255 0 ignore 17.253.2.123 255.255.255.255 366 source, noquery, nomodify, notrap, limited, kod The first entry is the "restrict ignore" ACE I entered manually. The second is the "restrict source" ACE that still exists even after the "unpeer". Short of restarting NTP, or adding an entry to my nftables firewall, is there a way to drop the association with the bad peer so it doesn't keep coming back? -- This is questions@lists.ntp.org Subscribe: questions+subscr...@lists.ntp.org Unsubscribe: questions+unsubscr...@lists.ntp.org
