-----Original Message----- From: "<Lawrence K. Chen>", "P.Eng." <lkc...@ksu.edu> Date: Wednesday, September 18, 2013 10:08 AM To: bind-users <bind-users@lists.isc.org> Subject: filter-aaaa-on-v4
>I finally turned this feature on when I built bind-9.9.3-P2 > >Had only gotten the occasional user complaints that some browser/client >tries to connect to IPv6 and fails. Because our IT Security group >doesn't allow IPv6 and is/was blocking tunneling protocols on campus. > >As a side effect, my NTP servers are happier....since all #.pool.ntp.org >(where # is 0-3) now resolve to usable addresses. > >Why 4? If you only have one NTP server, you know what the time is, but >you don't know if it is correct. If you have two servers, you won't know >what time it is. With 3, you can have a pretty good idea of the correct >time, until one breaks. So, 4 gives you a good idea of what the correct >time is, even if one breaks. Though I had seen another article >suggesting the sets of 3's (3,6,9,12....) > >Only 0-3 are defined with the pools, so that's what I go with. Problem >is that they have been putting all the IPv6 NTP servers in pool 2, along >with some IPv4 ones. And, most of the time when I start ntpd, it picks >an IPv6 one from 2. > >Had a server where one of the others was intermittent, so it was going >between 2 or 3 servers (and, of course, I put my NTP servers in >Nagios...so I get alerted when this happens....which had been fine for >months, until the system got rebooted for OS updates.... > >Just restarted it again, and saw it found 4 servers... wish I had thought >of this sooner. Wonder if I should do this at home? Guessing its not >enabled in the system bind, so I'll have to switch to using ports. FWIW, you could also add -4 to ntpd args or use -4 prefix in ntpd.conf. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
