Re: ntpsec as server questions
On Mon, Dec 4, 2023 at 12:09 AM <tomas@tuxteam.de> wrote:
>
> On Sun, Dec 03, 2023 at 07:42:42PM -0500, gene heskett wrote:
> > Greetings all;
> >
> > in the docs (thanks for hiding them & doing away with manpages) it says:
> > -------
> > To make the DHCP server in the Debian package isc-dhcp-server send NTP
> > server
> > information, add a line like the following at an appropriate place:
> >
> > option ntp-servers ntp1.foo.bar, ntp2.foo.bar;
> > ----------
> > now I assume the foo.bar is to be replaced by something unique [...]
>
> The whole thing is supposed to be a resolvable host name for your client,
> i.e. either something your client can look up in the DNS, something in
> its /etc/hosts, possibly even a naked IP address will do. It's quite
> likely the request goes through the resolver (which, BTW, has a man page).
I'm not sure that is correct. According to RFC 2132, Section 8.3, the
NTP time server source option is IP addresses, not hostnames. That
means ISC DHCP docs need to say it resolves a hostname to an IP, or it
needs to tell people to use IP addresses in accordance with the RFC.
See <https://datatracker.ietf.org/doc/html/rfc2132#section-8.3>.
If you try that [using a hostname in NTP server option] with the ISC's
KEA DHCP (KEA is ISC's rewrite of the old DHCP server), then the
server fails to start. You must use an IP address for NTP server
option with KEA DHCP.
Jeff
Reply to: