commit af016b4fa16cf5138bf13608fe206f98769c378a
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Tue Nov 12 10:14:01 2013 +0100
Improvements and corrections to description of rate limiting and the
discard option. Thanks to mlichvar for the feedback.
en-US/Configuring_NTP_Using_ntpd.xml
en-US/Configuring_NTP_Using_ntpd.xml | 30 ++++++++++++++++--------------
1 files changed, 16 insertions(+), 14 deletions(-)
---
diff --git a/en-US/Configuring_NTP_Using_ntpd.xml b/en-US/Configuring_NTP_Using_ntpd.xml
index c05a1d6..3771121 100644
--- a/en-US/Configuring_NTP_Using_ntpd.xml
+++ b/en-US/Configuring_NTP_Using_ntpd.xml
@@ -421,7 +421,7 @@ synchronised to NTP server (10.5.26.10) at stratum 2
</listitem>
<listitem>
<para>
- <option>limited</option> — do not respond to time service
requests if the packet violates the rate limit specified by the
<command>discard</command> command. <systemitem
class="protocol">ntpq</systemitem> and <systemitem
class="protocol">ntpdc</systemitem> queries are not
affected.</para>
+ <option>limited</option> — do not respond to time service
requests if the packet violates the rate limit default values or those specified by the
<command>discard</command> command. <systemitem
class="protocol">ntpq</systemitem> and <systemitem
class="protocol">ntpdc</systemitem> queries are not affected. For more
information on the <command>discard</command> command and the default values,
see <xref
linkend="s2_Configure_Rate_Limiting_Access_to_an_NTP_Service"/>.</para>
</listitem>
<listitem>
<para>
@@ -461,23 +461,20 @@ synchronised to NTP server (10.5.26.10) at stratum 2
</listitem>
</itemizedlist>
- </para>
+ </para>
+ <para>
+ To configure rate limit access to not respond at all to a query, the respective
<command>restrict</command> command has to have the
<option>limited</option> option. If <systemitem
class="daemon">ntpd</systemitem> should reply with a
<literal>KoD</literal> packet, the <command>restrict</command>
command needs to have both <option>limited</option> and
<option>kod</option> options.
+ </para>
</section>
<section id="s2_Configure_Rate_Limiting_Access_to_an_NTP_Service">
<title>Configure Rate Limiting Access to an NTP Service</title>
- <para>
- To rate limit access to the <systemitem
class="protocol">NTP</systemitem> service running on a system, make use
of the <command>discard</command> command in the
<filename>ntp.conf</filename> file. See the commented out
example:<screen>
-# Hosts on local network are less restricted.
-#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap</screen>
-</para>
-
+ <para>
+ To enable rate limiting access to the <systemitem
class="protocol">NTP</systemitem> service running on a system, add the
<option>limited</option> option to the <command>restrict</command>
command as explained in <xref
linkend="s2-Configure_Access_Control_to_an_NTP_service"/>. If you do not want
to use the default discard parameters, then also use the
<command>discard</command> command as explained here.
+ </para>
<para>
The <command>discard</command> command takes the following
form:</para>
- <synopsis><command>discard</command>
<replaceable>option</replaceable>
<replaceable>argument</replaceable></synopsis>
- <para>
- where <replaceable>option</replaceable> is one or more of:
- </para>
+ <synopsis><command>discard</command>
<optional><option>average</option>
<replaceable>value</replaceable></optional>
<optional><option>minimum</option>
<replaceable>value</replaceable></optional>
<optional><option>monitor</option>
<replaceable>value</replaceable></optional></synopsis>
<itemizedlist>
<listitem>
@@ -496,6 +493,11 @@ synchronised to NTP server (10.5.26.10) at stratum 2
</para>
</listitem>
</itemizedlist>
+ <para>
+ Examples of the <command>discard</command> command are as follows:
+ <synopsis>discard average 4</synopsis>
+<synopsis>discard average 4 minimum 2</synopsis>
+ </para>
</section>
<section id="s2_Adding_a_Peer_Address">
@@ -814,7 +816,7 @@ The NTP Documentation Archive
<term><ulink
url="http://www.eecis.udel.edu/~mills/ntp.html"/></term>
<listitem>
<para>
-Network Time Synchronization Research Project.
+Network Time Synchronization Research Project.
</para>
</listitem>
</varlistentry>
@@ -822,7 +824,7 @@ Network Time Synchronization Research Project.
<term><ulink
url="http://www.eecis.udel.edu/~mills/ntp/html/manyopt.html"/&g...
<listitem>
<para>
-Information on Automatic Server Discovery in <systemitem
class="protocol">NTPv4</systemitem>.
+Information on Automatic Server Discovery in <systemitem
class="protocol">NTPv4</systemitem>.
</para>
</listitem>
</varlistentry>