From owner-freebsd-security  Sun Jan 30 16:18: 3 2000
Delivered-To: freebsd-security@freebsd.org
Received: from alecto.physics.uiuc.edu (alecto.physics.uiuc.edu [130.126.8.20])
	by hub.freebsd.org (Postfix) with ESMTP id DD811151B0
	for <security@freebsd.org>; Sun, 30 Jan 2000 16:18:00 -0800 (PST)
	(envelope-from igor@alecto.physics.uiuc.edu)
Received: (from igor@localhost)
	by alecto.physics.uiuc.edu (8.9.0/8.9.0) id SAA07833
	for security@freebsd.org; Sun, 30 Jan 2000 18:18:00 -0600 (CST)
From: Igor Roshchin <igor@physics.uiuc.edu>
Message-Id: <200001310018.SAA07833@alecto.physics.uiuc.edu>
Subject: ntpd configuration and strange time "jumps"
To: security@freebsd.org
Date: Sun, 30 Jan 2000 18:17:59 -0600 (CST)
X-Mailer: ELM [version 2.4ME+ PL43 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



Hello!

Two questions regarding xntpd:

1. I've noticed that there were a few rather strange time steps:
(it's the first time I see it changing back and force without any 
visible reason)
Jan 28 19:58:45 <ntp.notice> myhost xntpd[144]: time reset (step) -0.244614 s
Jan 28 21:04:09 <ntp.notice> myhost xntpd[144]: time reset (step) 0.353294 s
Jan 29 19:20:11 <ntp.notice> myhost xntpd[144]: time reset (step) -0.134634 s
Jan 30 03:03:14 <ntp.notice> myhost xntpd[144]: time reset (step) -0.135647 s
Jan 30 15:50:57 <ntp.notice> myhost xntpd[144]: time reset (step) -0.150918 s
Jan 30 16:29:31 <ntp.notice> myhost xntpd[144]: time reset (step) 0.290430 s
Jan 30 17:25:10 <ntp.notice> myhost xntpd[144]: time reset (step) -0.163771 s

I did not see any problems with the network or with the servers, my xntpd
is connecting to.

The version of the xntpd used on a FreeBSD 3.4-STABLE box is reported below.

Jan 30 18:57:27 <ntp.notice> myhost xntpd[75127]: xntpd version=3.4e (beta multicast); Thu Jan  6 20:53:51 EST 2000 (1)
Jan 30 18:57:27 <ntp.notice> myhost xntpd[75127]: tickadj = 5, tick = 10000, tvu_maxslew = 495
Jan 30 18:57:27 <ntp.notice> myhost xntpd[75127]: using xntpd phase-lock loop

Any idea, what might be the reason for such strange resets ?
Is there any reason for worries ?


2. Can somebody give any pointers and/or sample xntpd configuration files 
which would provide  reasonable security of the xntpd server , while
allowing any host on the local network to connect to it ?

Thanks,


Igor







To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message