Restrict accepts also hostname ?! - NTP

This is a discussion on Restrict accepts also hostname ?! - NTP ; I tried to add into my ntp.conf this line: restrict ntp1.inrim.it nomodify noquery notrap nopeer likes to work ! I found into this group that "restrict" requires only ipaddress but also with hostname I had no problems. I'm using fedora ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Restrict accepts also hostname ?!

  1. Restrict accepts also hostname ?!

    I tried to add into my ntp.conf this line:

    restrict ntp1.inrim.it nomodify noquery notrap nopeer

    likes to work !
    I found into this group that "restrict" requires only ipaddress but
    also with hostname I had no problems. I'm using fedora Core 4 and I
    installed ntp-4.2.0.a.20050816-0.FC4


  2. Re: Restrict accepts also hostname ?!

    On 2007-03-14, RICCARDO wrote:

    > restrict ntp1.inrim.it nomodify noquery notrap nopeer
    >
    > [works]
    >
    > I found into this group that "restrict" requires only ipaddress but
    > also with hostname I had no problems.


    You _can_ use a host-name on a restrict line only _if_ that host-name
    resolves to _one_ IP address.

    You _can_ _not_ use a host-name that resolves to _multiple_ IP addresses
    on a restrict line.

    This is because the restrict line uses only the first IP address that is
    returned.

    This obviously rules out the use of pool.ntp.org host-names in restrict
    lines.

    --
    Steve Kostecke
    NTP Public Services Project - http://ntp.isc.org/

  3. ***SPAM*** Re: Restrict accepts also hostname ?!

    RICCARDO wrote:
    > I tried to add into my ntp.conf this line:
    >
    > restrict ntp1.inrim.it nomodify noquery notrap nopeer
    >
    > likes to work !
    > I found into this group that "restrict" requires only ipaddress but
    > also with hostname I had no problems. I'm using fedora Core 4 and I
    > installed ntp-4.2.0.a.20050816-0.FC4


    You can currently only rely on restrict matching the server address if
    the DNS only has one A or AAAA IP address but not both. I regard this as
    a bug, but currently the code does not remember the name in order to
    accomplish the matching between the server line and the restrict line.

    Danny
    _______________________________________________
    questions mailing list
    questions@lists.ntp.isc.org
    https://lists.ntp.isc.org/mailman/listinfo/questions


  4. Re: Restrict accepts also hostname ?!

    >You _can_ use a host-name on a restrict line only _if_ that host-name
    >resolves to _one_ IP address.


    Here's a possibly crazy suggestion...

    Suppose that ntpd remembered the results of any DNS lookups. The
    server line would load the cache and the restrict line would
    use the same answer.

    I see lots of variations on the details.

    --
    These are my opinions, not necessarily my employer's. I hate spam.


  5. ***SPAM*** Re: Restrict accepts also hostname ?!

    Hal Murray wrote:
    >> You _can_ use a host-name on a restrict line only _if_ that host-name
    >> resolves to _one_ IP address.

    >
    > Here's a possibly crazy suggestion...
    >
    > Suppose that ntpd remembered the results of any DNS lookups. The
    > server line would load the cache and the restrict line would
    > use the same answer.
    >
    > I see lots of variations on the details.
    >


    It should. It's one of the items on my list to fix. It's also
    complicated by the fact that we SHOULD be remembering ALL of the IP
    addresses returned by the lookup and not just the first one.

    Danny
    _______________________________________________
    questions mailing list
    questions@lists.ntp.isc.org
    https://lists.ntp.isc.org/mailman/listinfo/questions


+ Reply to Thread