Major Clock Drift
Josh Pollak
pardsbane at offthehill.org
Mon Aug 30 08:48:18 EDT 2004
Thanks, I'll use this. I would still like to know what's up with my
clock though. This much drift is not normal.
On Aug 26, 2004, at 8:08 PM, Timothy M. Lyons wrote:
> The following is a fairly benign ntpd.conf config which will restrict
> all access then allow limited
> access from your timeservers.
>
> Replace the timeservers below with whatever you Use (you can use IP or
> name).
>
> --Tim
>
> ----- Original Message ----- >
>> I think ntp.conf can include directives to make the server daemon
>> (ntpd) ignore requests from other machines, so it is possible to run
>> it and be confident about its safety.
>
> # Prohibit general access to this service.
> restrict default ignore
>
> # Permit all access over the loopback interface. This could
> # be tightened as well, but to do so would effect some of
> # the administrative functions.
> restrict 127.0.0.1
>
> # --- OUR TIMESERVERS ----- # or remove the default restrict line
> # Permit time synchronization with our time source, but do not
> # permit the source to query or modify the service on this system.
>
> #FORMAT
> # restrict mytrustedtimeserverip mask 255.255.255.255 nomodify notrap
> noquery
> # server mytrustedtimeserverip
>
> restrict 18.145.0.30 mask 255.255.255.255 nomodify notrap noquery
> restrict 132.163.4.100 mask 255.255.255.255 nomodify notrap noquery
> restrict 192.5.41.41 mask 255.255.255.255 nomodify notrap noquery
> restrict 192.5.41.40 mask 255.255.255.255 nomodify notrap noquery
>
> server 192.5.41.41
> server 192.5.41.40
> server 192.43.244.18
> server 18.145.0.30
>
> #
> # Drift file. Put this in a directory which the daemon can write to.
> # No symbolic links allowed, either, since the daemon updates the file
> # by creating a temporary in the same directory and then rename()'ing
> # it to the file.
> #
> driftfile /var/lib/ntp/drift
> broadcastdelay 0.008
>
>
>
More information about the Discuss
mailing list