在Linux下NTP的標准配置中,許多關於同步的方式不同,注意以下事項:
如果不想讓其它任何服務器訪問本機的NTP服務:此配置也將造成本地的NTP無法訪問外部的NTP服務:
If you want to deny all machines from accessing your NTP server, add the following line to /etc/ntp.conf:
restrict default ignore
如果允許本地的服務器訪問本機的NTP服務,配置如下:
If you only want to allow machines within your own network to synchronize their clocks with your server, but ensure they are not allowed to configure the server or used as peers to synchronize against, add
restrict 192.168.1.0 mask 255.255.255.0 nomodify(限制修改) notrap(限制trap) noquery(限制查詢) 注:應當解除noquery
其中default為0.0.0.0/0
restrict default nomodify notrap
有些情況下,除非取消notrust/nomodify/notrap配置,client段的ntp服務才能有效工作。