Difference between revisions of "Redhat:NTS config"

Latest revision as of 19:38, 28 August 2013

The ntp.conf file is also used to configure a Time server.

The first directive is "driftfile". This defines the file used to monitor errors in the local system clock.

The "restict" directive can help protect the NTP server. By default it works on ipv4, but the -6 flag works on ipv6 networks.

restrict  default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

restrictions
default	refers to default connections from other systems
kod	sends the "kiss of death" to systems that violate access restrictions. Only works with limited flag, otherwise it can be removed in a breach
nomodify	denies attempts to change the server
notrap	denies the control message trap server
nopeer	stops access from other time servers
noquery	ipgnores infomation and configuration requests

When all of these restrictions are combined they will not work for a Time Server.

Specifically a time server has to synchronize with peers. So obviously 'nopeers' should be removed.

To allow other systems to syncronise with your server 'noquery' should be revolved.

@@ Line 17: / Line 17: @@
 restrict -6 default kod nomodify notrap nopeer noquery
 </syntaxhighlight>
+{| class="wikitable"
+|+ restrictions
+|-
+|default || refers to default connections from other systems
+|-
+| kod || sends the "kiss of death" to systems that violate access restrictions. Only works with limited flag, otherwise it can be removed in a breach
+|-
+| nomodify || denies attempts to change the server
+|-
+| notrap || denies the control message trap server
+|-
+| nopeer || stops access from other time servers
+|-
+| noquery || ipgnores infomation and configuration requests
+|-
+|}
@@ Line 26: / Line 44: @@
 To allow other systems to syncronise with your server 'noquery' should be revolved.
-==== restrict server ====