-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/01/2020 18.18, James Knott wrote:
On 2020-01-12 12:14 PM, Carlos E. R. wrote:
| That's why I said a peer has to be configured at both ends. With | normal client/server, only the client is configured to use the | server. There is no matching configuration on the server. Also, | IIRC, the client also becomes a server. It least that's the way | it used to be in openSUSE. I haven't checked recently, but I did | that when I was using it as my firewall.
I think the client needs to be told to listen to become a server; otherwise requests would be banging the firewall. I'm unsure if that is the keyword "restrict".
The firewall rules wouldn't apply, as they're on the WAN side and the NTP requests from the firewall would go out just as usual. The LAN side is where the server has to listen for requests. IIRC, the only option for the server was multicast. Unicast just worked.
HAS to. But the LAN network interface is the same one that is connected to the gateway. If I say: Telcontar: server Isengard.valinor iburst Isengard: server telcontar.valinor iburst both are on the lan, and each one has the one as peer. And they get listed: Isengard:~ # ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== LOCAL(0) .LOCL. 10 l 30d 64 0 0.000 0.000 0.000 #Telcontar.valin 85.199.*.* 2 u 1043 1024 377 0.298 -3.923 0.855 cer@Telcontar:~> ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== LOCAL(0) .LOCL. 10 l 7h 64 0 0.000 0.000 0.000 - -Isengard.valino 194.80.*.* 2 u 308 1024 377 0.315 3.890 0.260 All that correct and as intended. Now, I also have: server 0.opensuse.pool.ntp.org iburst and my machine queries that one. Can someone outside query me? Perhaps 0.opensuse.pool.ntp.org? No, they would bang on my firewall. Both on the router firewall and my machine firewall, IIRC. By the way, my ISP time server is stratum 5, worse than me (I am, albeit unintentionally, st 2): Isengard:~ # ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== LOCAL(0) .LOCL. 10 l 30d 64 0 0.000 0.000 0.000 #hora.ngn.rima-t 172.20.47.7 5 u 186 1024 377 12.877 -0.739 0.257 server hora.ngn.rima-tde.net - -- Cheers / Saludos, Carlos E. R. (from 15.1 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXhtcxwAKCRC1MxgcbY1H 1UKZAKCJctHa+N4xvYNMDMKPlsODB1Cn3gCdGd3/mxyRTEfNNocqvle57WvGvPs= =G8bL -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org