Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: > The ntp.conf file "interface" directive is the better choice. > It may not do a "pattern match" but that shouldn't be that hard to > fix, should a volunteer feel like doing that. Not really knowing what I was doing, I have tried this against the dev tarball. It seems to wo

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Rick Jones writes: > Rick Jones wrote: > > > In particular, I have a situation with a system with a Very Large > > (tm) and dynamic number of interfaces, which I think is causing the > > ntpd to become Quite Unhappy (tm) (perhaps running out of > > filedescriptors - 1024 being the current ulimit

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Rick Jones wrote: > In particular, I have a situation with a system with a Very Large > (tm) and dynamic number of interfaces, which I think is causing the > ntpd to become Quite Unhappy (tm) (perhaps running out of > filedescriptors - 1024 being the current ulimit but that is just a > guess). I

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

mike cook wrote: > I plugged "certificates" into the NTF web sites search box > and got no hits. Is there a policy doc on this? > As a comment to lead OL. We are now in a situation where > we can only trust our enemies. CAcert.org is an Australian >based org IIRC. > They are in the same "Tr

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

On 11/21/2013 8:27 AM, John Hasler wrote: mike cook writes: As a comment to lead OL. We are now in a situation where we can only trust our enemies. CAcert.org is an Australian based org IIRC. They are in the same "Trust" league as the US, UK, CAN, all of whom have proved to be woefully lacking i

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

mike cook writes: > As a comment to lead OL. We are now in a situation where we can only > trust our enemies. CAcert.org is an Australian based org IIRC. They > are in the same "Trust" league as the US, UK, CAN, all of whom have > proved to be woefully lacking in probity. Are you afraid that the N

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

David Woolley writes: > Actually I would expect the name on their root certificates, the > generic "Root CA" to send warning bells to anyone who was security > conscious, but not already familiar with them. Anyone who is really serious about security will accept certificates only in person, by han

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

On 21/11/13 00:54, John Hasler wrote: The CAcert certificate is included by Debian, most other Linux distributions, and by OpenBSD. It is at least as trustworthy as most commercial certificates. That's mainly because Microsoft accepts so many obscure certifiers by default and. However, as I s

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

> > Getting a certificate from an entity that alraedy has them in the > browsers costs money. There was one place that didn't charge, and there > were some other issues (that I don't recall offhand) that prevented us > from converting to them. > > If this is a significant deal to enough folks, t

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

The CAcert certificate is included by Debian, most other Linux distributions, and by OpenBSD. It is at least as trustworthy as most commercial certificates. -- John Hasler jhas...@newsguy.com Dancing Horse Hill Elmwood, WI USA __

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

From: E-Mail Sent to this address will be added to the BlackLists I might have sent this by private mail, but the sender is both stating they will ignore replies and being anonymous. Two comments: 1) I think it's impolite to threaten people with blacklisting by replying to a messag

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

David Woolley writes: > On 20/11/13 03:34, Harlan Stenn wrote: > > > > > We use certificates generated and signed by CAcert.org . Their class 1 > > and class 3 certificates are not included by default in many places yet. > > > > You probably just need to install these certificates: > > > > http

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

On 20/11/13 03:34, Harlan Stenn wrote: We use certificates generated and signed by CAcert.org . Their class 1 and class 3 certificates are not included by default in many places yet. You probably just need to install these certificates: https://www.cacert.org/index.php?id=3 Only after cl

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: > So all of the other information (bonded interfaces, etc.) are handled > locally? Does ntpd listen using the address of the local system or > some other address? Bonded versus not is indeed handled locally, so presumably that the system should be using bond0 versus eth0 is s

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: > Rob writes: >> Harlan Stenn wrote: >> > Rick Jones writes: >> >> Harlan Stenn wrote: >> >> > You might want: >> >> >> >> > interface ignore all >> >> > interface listen 127.0.0.1 # if you want localhost ntpq to work >> >> > interface listen a.b.c.d # enumerate

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Rob writes: > Harlan Stenn wrote: > > Rick Jones writes: > >> Harlan Stenn wrote: > >> > You might want: > >> > >> > interface ignore all > >> > interface listen 127.0.0.1 # if you want localhost ntpq to work > >> > interface listen a.b.c.d # enumerate the IPs you want to use > >>

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: How much info that NTP would care about would come from DHCP? http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol#DHCP_options uwe ___ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/que

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: > Rick Jones writes: >> Harlan Stenn wrote: >> > You might want: >> >> > interface ignore all >> > interface listen 127.0.0.1 # if you want localhost ntpq to work >> > interface listen a.b.c.d # enumerate the IPs you want to use >> >> Thanks. I take it then tha

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: > How much info that NTP would care about would come from DHCP? option 42 ntp-servers ntp.conf.dhcp ? -- E-Mail Sent to this address will be added to the BlackLists. ___ questions mailing list questions@lists.ntp.org http://

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Rick Jones writes: > Thanks. For what it is worth, Firefox (25.0 via Ubuntu) seems to be > displeased with the certificate(s) there. Under "Technical Details" > it gives: > > support.ntp.org uses an invalid security certificate. > The certificate is not trusted because no issuer chain wa

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Danny Mayer writes: > I didn't answer your original question. Try here: > https://support.ntp.org/bin/view/Dev/ListenOn I don't believe listen-on is implemented that way - we're using the "interface" directive instead, and we haven't implemented query-on yet. H ___

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Rick Jones writes: > Harlan Stenn wrote: > > You might want: > > > interface ignore all > > interface listen 127.0.0.1 # if you want localhost ntpq to work > > interface listen a.b.c.d # enumerate the IPs you want to use > > Thanks. I take it then that wildcard charaters in matchin

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Danny Mayer wrote: > > You can specify 14.15.16.0/24 for example to specify an address on a > > particular subnet. Does that help? It might. I'll speak with some of the operations people and ask them. > I didn't answer your original question. Try here: > https://support.ntp.org/bin/view/Dev/List

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

On 11/19/2013 1:50 PM, Danny Mayer wrote: > On 11/19/2013 11:36 AM, Rick Jones wrote: >> Harlan Stenn wrote: >>> You might want: >> >>> interface ignore all >>> interface listen 127.0.0.1 # if you want localhost ntpq to work >>> interface listen a.b.c.d # enumerate the IPs you want to

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

On 11/19/2013 11:36 AM, Rick Jones wrote: > Harlan Stenn wrote: >> You might want: > >> interface ignore all >> interface listen 127.0.0.1 # if you want localhost ntpq to work >> interface listen a.b.c.d # enumerate the IPs you want to use > > Thanks. I take it then that wildcard c

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Harlan Stenn wrote: > You might want: > interface ignore all > interface listen 127.0.0.1 # if you want localhost ntpq to work > interface listen a.b.c.d # enumerate the IPs you want to use Thanks. I take it then that wildcard charaters in matching on interface names aren't a go :)

Re: [ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Rick, You might want: interface ignore all interface listen 127.0.0.1 # if you want localhost ntpq to work interface listen a.b.c.d # enumerate the IPs you want to use H ___ questions mailing list questions@lists.ntp.org http://lists.ntp.o

[ntp:questions] Is there something with greater detail on "interface" besides the manpage?

Is there a resource out there with a description of the "interface" configuration file command, beside the text in the ntp.conf manpage? I started at ntp.org, followed a command index link that took me to http://www.eecis.udel.edu/~mills/ntp/html/miscopt.html#interface but all that says is: interf