[clug] Local NTP server?

Daniel Pittman daniel at rimspace.net
Wed Dec 24 00:32:47 GMT 2008

Glen Cunningham <glen at exemail.com.au> writes:
> On Tuesday 23 December 2008 09:28, Chris Smart wrote:
> <snip>
>> Sure.. the whole network is completely isolated from the Internet so
>> I'll have to use my trusted memory stick.
>> Essentially I want to tell server to look to itself for the time.
>> Then I want it to broadcast its time to the network. Then I want
>> clients on the network to broadcast the fact that they are clients,
>> pick up the server's time broadcast and update their time.

Oh.  I missed this bit of the OP's comments.  How silly.

These fragments are needed to get ntpd to broadcast and accept secure
NTP updates on the local LAN:

# NOTE: We don't trust the entire subnet, and have enabled authentication with
# broadcast; our servers share the appropriate key, even if they might trust
# an unauthenticated upstream service for their time.
enable     auth
keys       /etc/ntp.keys
trustedkey 1

# Enable broadcast time service on the local network, with shared key auth.
# We also use burst mode to enable our client machines to sync faster.
broadcast  key 1

# We are also a broadcast client, so any other good time service on the
# network should help keep the clock disciplined.

# the tos orphan 12 setting from my previous post on the matter

# Allow the local network to establish broadcast relationships
restrict mask kod notrap nomodify noquery

Simply remove the 'broadcast ...' stanza on the client.
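
A consistency check for the authenticated-broadcast directives discussed above, as an added example that is not part of the original post. The function name, the sample configs and the 192.0.2.255 address are constructed for illustration, and only plain numeric key ids are handled.

```python
# Added example: checks that ntp.conf broadcast settings are actually authenticated.
# Sample configs are constructed; 192.0.2.255 is a documentation address.
def audit_ntp_conf(text):
    """Return a list of findings for broadcast-authentication mistakes."""
    auth_disabled, keys_file, is_client = False, None, False
    trusted, broadcasts = set(), []  # broadcasts: (line number, key id or None)
    for n, raw in enumerate(text.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()  # drop comments, then tokenize
        if not tok:
            continue
        cmd, args = tok[0].lower(), tok[1:]
        if cmd in ("enable", "disable") and "auth" in args:
            auth_disabled = (cmd == "disable")
        elif cmd == "keys" and args:
            keys_file = args[0]
        elif cmd == "trustedkey":
            trusted.update(a for a in args if a.isdigit())
        elif cmd == "broadcast":
            # The key id is the token that follows the word "key", if any.
            key = args[args.index("key") + 1] if "key" in args[:-1] else None
            broadcasts.append((n, key))
        elif cmd == "broadcastclient":
            is_client = True
    findings = []
    if auth_disabled:
        findings.append("auth disabled: unauthenticated broadcasts would be accepted")
    if (broadcasts or is_client) and keys_file is None:
        findings.append("no 'keys' file declared")
    if is_client and not trusted:
        findings.append("broadcastclient without any trustedkey")
    for n, key in broadcasts:
        if key is None:
            findings.append(f"line {n}: broadcast sent without a key")
        elif key not in trusted:
            findings.append(f"line {n}: broadcast key {key} is not in trustedkey")
    return findings

SERVER_OK = "enable auth\nkeys /etc/ntp.keys\ntrustedkey 1\nbroadcast 192.0.2.255 key 1\n"
CLIENT_OK = "enable auth\nkeys /etc/ntp.keys\ntrustedkey 1\nbroadcastclient\n"
BROKEN = ("disable auth\nkeys /etc/ntp.keys\ntrustedkey 2\n"
          "broadcast 192.0.2.255 key 1\nbroadcast 192.0.2.255\n")

if __name__ == "__main__":
    for name, conf in (("server", SERVER_OK), ("client", CLIENT_OK), ("broken", BROKEN)):
        print(name, audit_ntp_conf(conf) or "ok")
```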


