Differences

This shows you the differences between two versions of the page.

--- requeriments [2015/09/11 03:10]
cbustillo [Configure NTP]
+++ requeriments [2015/09/11 03:15]
cbustillo [Configure NTP]
@@ Line 350: / Line 350: @@
  # Local clock
  server 127.127.1.0
- fudge 127.127.1.0  stratum 12
+ fudge 127.127.1.0  stratum 8
  # For signed NTP
@@ Line 364: / Line 364: @@
 # Default restriction: Only allow querying time (incl. ms-sntp) from this machine
 restrict default kod nomodify notrap nopeer mssntp</code>
+A suitable configuration for ntp.conf maybe:
+<code>
+# Local clock (Note: This is not the localhost address!)
+server 127.127.1.0
+fudge  127.127.1.0 stratum 10
+# The source, where we are receiving the time from
+server 0.pool.ntp.org     iburst prefer
+driftfile       /var/lib/ntp/ntp.drift
+logfile         /var/log/ntp
+ntpsigndsocket  /usr/local/samba/var/lib/ntp_signd/
+# Access control
+# Default restriction: Only allow querying time (incl. ms-sntp) from this machine
+restrict default kod nomodify notrap nopeer mssntp
+# Allow everything from localhost
+restrict 127.0.0.1
+# Allow that our time source can only provide time and do nothing else
+restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer noquery
+</code>
 Finally check that the socket permissions are set correct. It must be readable by the account your ntpd uses and should not be accessable by other:

ICT Network Project