[j-nsp] NTP Reflection
Chris Adams
cma at cmadams.net
Tue Jan 14 09:19:23 EST 2014
Once upon a time, Olivier Benghozi <olivier.benghozi at wifirst.fr> said:
> Because if you don't do it, you'll obtain some nice "Server Timeout" if you want to issue a "show ntp status" or "show ntp associations".
> So:
> - Junos doesn't use 127.0.0.1 to locally communicate with ntpd
> - In you filters you're obliged to manually authorize internal private IP traffic used by the CLI and that doesn't even leave the RE
>
> Another fine design...
Seems like a good case for a commit script to auto-build the filter
rule from configured NTP servers and configured loopback addresses.
--
Chris Adams <cma at cmadams.net>
More information about the juniper-nsp
mailing list