Article Title: Considerations for NTP service configuration in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
In the standard configuration of NTP in Linux, many Synchronization Methods are different. Note the following:
If you do not want any other server to access the local NTP service: This configuration will also cause local NTP to be unable to access the external NTP service:
If you want to deny all machines from accessing your NTP server, add the following line to/etc/ntp. conf:
Restrict default ignore
If the local server is allowed to access the local NTP service, the configuration is as follows:
If you only want to allow machines within your own network to synchronize their clocks with your server, but ensure they are not allowed to configure the server or used as peers to synchronize against, add
Restrict 192.168.1.0 mask limit 255.0 nomodify (restricted modification) notrap (restricted trap) noquery (restricted query) Note: noquery should be removed
The default value is 0.0.0.0/0.
Restrict default nomodify notrap
In some cases, the ntp service in the client segment can work effectively unless notrust/nomodify/notrap configuration is canceled.