Yo Hal! On Sat, 02 Jun 2018 12:39:39 -0700 Hal Murray via devel <devel@ntpsec.org> wrote:
> Gary said:
> > You may say that can be duplicate in your firewall settings. But
> > maybe you want to run two ntpd ...
>
> I assume firewalls are smart enough to allow different rules for
> different servers.
Yes, but not smart enough to allow two servers, each on the wild card
address, to server different IP ranges.
> "firewall" is potentially ambiguous in this discussion.
Yup. And asking it to split appart wild card servers is asking too much.
> My "different rules" comment was for a box. If you are talking about
> software running on the local system you may need different rules for
> each system.
You got you use cases, I got mine. We need to server them all.
> > Almost, but not quite, sufficient. ntpd still needs a way to bind
> > to some IP addresses and not others.
>
> If you can enumerate the IP Addresses that you want or the ones you
> don't want, then I think the restrict stuff will work. The default
> entry handles the others.
Yes, ntpd needs to be able to bind to specific IPs, then my use cases
are handled. With current restrict functionality.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpNQ1JAoeW9X.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
