- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- NTP listening for all network interfaces
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2007 03:53 AM
тАО01-22-2007 03:53 AM
NTP listening for all network interfaces
I am detecting that my xntpd daemon has an active LISTEN socket created for every network interface in my server... even for virtual interfaces! As this could be a potential security bridge, is there any way to restrict xntpd to just opening a socket for the interface which is used for comunications with NTP server? Thanks in advance for your comments
Jose Enrique
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2007 04:09 AM
тАО01-22-2007 04:09 AM
Re: NTP listening for all network interfaces
According to the ntpd FAQ, ntpd listens on all interfaces:
6.2.6.1. My NTP Server has a number of IP Addresses for different Nets. Is there any way to request ntpd to attach to a specific Interface?
As far as I know, ntpd attaches to all interfaces. What happens if you have virtual adresses (interface aliases) depends on the operating system. For some operating systems ntpd listens to all adresses.
It is known that the issue is handled sub-optimal, and it's being worked on it...
http://www.eecis.udel.edu/~ntp/ntpfaq/NTP-s-config.htm
PCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2007 07:43 AM
тАО01-22-2007 07:43 AM
Re: NTP listening for all network interfaces
regards,
ivan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2007 07:47 AM
тАО01-22-2007 07:47 AM
Re: NTP listening for all network interfaces
On Linux I've discovered that NTP does not by default listen on all interfaces. I've also not found any configuration changes that can be made to force it to do so.
We discovered this the hard way when we implemented a cluster on our ftp/dns/ntp server pair. To do the switch with no downtime we took one of the server names, the primary service provider and made it the floating ip address.
Soon after our internal ntp clients started to have sync problems.
netstat -an | grep 123
These results will show you what daemons are listening on port 123 and if you see an ip address of 0.0.0.0 then all interfaces are listening as well as floating ip addresses. if you see anything else, all interfaces and floating ip addresses are not listening.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2007 08:09 AM
тАО01-22-2007 08:09 AM
Re: NTP listening for all network interfaces
-L : Do not listen to virtual IPs.
You can modify ntpd startup options in /etc/sysconfig/ntpd if you are using redhat/fedora.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-22-2007 12:34 PM
тАО01-22-2007 12:34 PM