Hi Tom,
On Tue, Nov 16, 2010 at 8:53 AM, Tom Kacprzynski <tom.kac_at_gmail.com> wrote:
>
> Now if you would like to apply any NTP access control like who can query
> this ntp server, who can this server sync time with...etc.. in your ACL you
> have to specify 127.127.1.1 or else it won't be able to talk to that
> internal server. This takes a while to expire but eventually no
> communication occurs and it's not synced.
I'd never seen the local clock reference loopback IP referenced in an
ACL before. I mustn't have come across a scenario where a router was a
clock source AND had an ACL applied. Or I was just lucky and my IOS
still used 127.127.1.1, which seems to be treated specially and
bypasses the ACL.
Thanks for taking the time to post your findings -- GroupStudy needs more of it!
Cheers,
Dale
Blogs and organic groups at http://www.ccie.net
Received on Tue Nov 16 2010 - 09:46:15 ART
This archive was generated by hypermail 2.2.0 : Sun Dec 05 2010 - 22:14:56 ART