RHEL4 and ntpd

Bohmer, Andre ten Andre.tenBohmer at wur.nl
Thu Apr 13 08:56:19 UTC 2006


Hi, 

> Ok, I have a crazy problem here.  I have a server here which, among
> other things, is going to be an ntpd service for all the machines
> in its network.  I have a similar setup in another network 
> running RHEL
> 3.  That all works fine, but what Im finding with RHEL4 is
> if I have the line in the ntp.conf file that goes : 
> 
> restrict 192.168.0.0 mask 255.255.255.0 notrust nomodify notrap
> 
> 
> Nothing in the network can get nameservice, and debug shows me that in
> fact the ntpd packets are being ignored by the server.
> (ntpdate -d -d <server>)
> 
> If I change the line to  :
> 
> restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
> 
> My servers (all running some form of redhat) sync fine.  Is there a
> reason why notrust doesn't seem to work? 
> Did I miss press release?  Just curious if anyone has any ideas about
> this.
A nice resource I stumbled up on when configuring our ntp servers : http://ntp.isc.org/bin/view/Support/TroubleshootingNTP

<quote>
The behavior of NOTRUST changed between versions 4.1 and 4.2. 

In 4.1 (and earlier) NOTRUST meant "Don't trust this host/subnet for time". 

In 4.2 (and later) NOTRUST means "Ignore all NTP packets that are not cryptographically authenticated." This forces remote time servers to authenicate themselves to your (client) ntpd. See ConfiguringAutokey for information about configuring NTP Authentication.
<end quote>

You indeed missed a "press release" ;-) 

Cheers,
André

> Wayner
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 




More information about the redhat-list mailing list