[clug] Local NTP server?

Daniel Pittman daniel at rimspace.net
Wed Dec 24 00:32:47 GMT 2008


Glen Cunningham <glen at exemail.com.au> writes:
> On Tuesday 23 December 2008 09:28, Chris Smart wrote:
> <snip>
>>
>> Sure.. the whole network is completely isolated from the Internet so
>> I'll have to use my trusted memory stick.
>>
>> Essentially I want to tell server to look to itself for the time.
>> Then I want it to broadcast its time to the network. Then I want
>> clients on the network to broadcast the fact that they are clients,
>> pick up the server's time broadcast and update their time.

Oh.  I missed this bit of the OP's comments.  How silly.

These fragments are needed to get ntpd to broadcast and accept secure
NTP updates on the local LAN:

# NOTE: We don't trust the entire subnet, and have enabled authentication with
# broadcast; our servers share the appropriate key, even if they might trust
# an unauthenticated upstream service for their time.
enable     auth
keys       /etc/ntp.keys
trustedkey 1

# Enable broadcast time service on the local network, with shared key auth.
# We also use burst mode to enable our client machines to sync faster.
broadcast 192.168.10.255  key 1

# We are also a broadcast client, so any other good time service on the
# network should help keep the clock disciplined.
broadcastclient

# the tos orphan 12 setting from my previous post on the matter

# Allow the local network to establish broadcast relationships
restrict 192.168.10.0 mask 255.255.255.0 kod notrap nomodify noquery


Simply remove the 'broadcast ...' stanza on the client.

Regards,
        Daniel
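
An added example, not part of Daniel's message and not ntpd code: a small Python check that the authentication wiring in fragments like the ones above is consistent before they are copied to an isolated LAN. The function names, the sample secret and the WEAK config are constructed, and it assumes the server and clients share one keys file and trustedkey list, as the post describes.

```python
def directives(text):
    """Split config text into token lists, dropping comments and blank lines."""
    rows = (line.split("#", 1)[0].split() for line in text.splitlines())
    return [r for r in rows if r]

def audit(conf_text, keys_text):
    """Return a list of findings; an empty list means the auth wiring is consistent."""
    conf = directives(conf_text)
    # ntp.keys lines have the form "<id> <type> <secret>"
    defined = {int(r[0]) for r in directives(keys_text) if len(r) >= 3 and r[0].isdigit()}
    trusted = {int(t) for r in conf if r[0] == "trustedkey" for t in r[1:] if t.isdigit()}
    findings = []
    if any(r[0] == "disable" and "auth" in r[1:] for r in conf):
        findings.append("auth disabled: unauthenticated broadcasts would be accepted")
    if not any(r[0] == "keys" for r in conf):
        findings.append("no keys file configured")
    for kid in sorted(trusted - defined):
        findings.append(f"trustedkey {kid} is not defined in the keys file")
    for r in conf:
        if r[0] == "broadcast":
            addr, opts = (r[1] if len(r) > 1 else "?"), r[2:]
            kid = None
            if "key" in opts[:-1]:  # "key" must be followed by an id
                nxt = opts[opts.index("key") + 1]
                kid = int(nxt) if nxt.isdigit() else None
            if kid is None:
                findings.append(f"broadcast {addr}: no key, packets are sent unauthenticated")
            elif kid not in (trusted & defined):
                findings.append(f"broadcast {addr}: key {kid} is not both defined and trusted")
        elif r[0] == "broadcastclient" and not trusted:
            findings.append("broadcastclient without any trustedkey")
    return findings

# Constructed samples: SERVER mirrors the fragments in the post, WEAK is a broken variant.
KEYS = "1 M example-secret-not-real\n"
SERVER = """enable auth
keys /etc/ntp.keys
trustedkey 1
broadcast 192.168.10.255 key 1
broadcastclient
"""
WEAK = """keys /etc/ntp.keys
trustedkey 2
broadcast 192.168.10.255
broadcastclient
"""
if __name__ == "__main__":
    for name, conf in (("SERVER", SERVER), ("WEAK", WEAK)):
        print(name, audit(conf, KEYS) or "ok")
```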

