If I am running ntp (via ntp.conf) heavily restricted, I cannot use a pool for a server. Why? Because the call to restrict (to allow access for the pool) seems to be another DNS Lookup, which returns another IP value than what was used to originally call the server. Please show me that I am wrong/being stupid about this.
Crude Example (portion of ntp.conf):
server 0.debian.pool.ntp.org iburst
restrict default ignore
restrict -6 default ignore
restrict 0.debian.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
This does not work (I think) because DNS calls to 0.debian.pool.ntp.org return different IP addresses and thus the wrong IP address is allowed via the (poorly named) restrict.
Use the builtin
source
alias/directive/whatever:Updatedd to include documentation for
source
:From: http://www.eecis.udel.edu/~mills/ntp/html/accopt.html#restrict