Yo Eric!

On Sat, 2 Jun 2018 10:27:05 -0400
"Eric S. Raymond via devel" <devel@ntpsec.org> wrote:

> Hal Murray via devel <devel@ntpsec.org>:
> > One interesting case is the home user.  Roughly, they don't have
> > sysadmins and they only have one interface.  (Laptops might have
> > both WiFi and Ether, but I'll bet somebody turns off WiFi if the
> > Ether gets plugged in.)  
> 
> For them, just defaulting to listen on the wildcard address is OK.
> I think.  Am I missing something?

Yes.  For example, imagine you are serving leap smeared time on yout
ntpd.  You do not want it leaking on the internet.  So instead you lock
your ntpd to serve just your inside interface, and your internal IPs.

The easy way to server your internal IPs is to assign your ntpd to your
internal non-routed local private IPv4 numbers.

You may say that can be duplicate in your firewall settings.  But maybe
you want to run two ntpd, one leap smeared, one normal.  And you want to
put one on one interface/address, and the other on another interface/address.

Both quite common configurations.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
        g...@rellim.com  Tel:+1 541 382 8588

            Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin

Attachment: pgpQvu6byneNa.pgp
Description: OpenPGP digital signature

_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Reply via email to