[system-administrators-guide] Improvements and corrections to description of rate limiting and the discard option. Thanks to mlich

stephenw stephenw at fedoraproject.org
Tue Nov 12 09:22:31 UTC 2013 

commit af016b4fa16cf5138bf13608fe206f98769c378a
Author: Stephen Wadeley <swadeley at redhat.com>
Date:   Tue Nov 12 10:14:01 2013 +0100

    Improvements and corrections to description of rate limiting and the
    discard option. Thanks to mlichvar for the feedback.
    en-US/Configuring_NTP_Using_ntpd.xml

 en-US/Configuring_NTP_Using_ntpd.xml |   30 ++++++++++++++++--------------
 1 files changed, 16 insertions(+), 14 deletions(-)
---
diff --git a/en-US/Configuring_NTP_Using_ntpd.xml b/en-US/Configuring_NTP_Using_ntpd.xml
index c05a1d6..3771121 100644
--- a/en-US/Configuring_NTP_Using_ntpd.xml
+++ b/en-US/Configuring_NTP_Using_ntpd.xml
@@ -421,7 +421,7 @@ synchronised to NTP server (10.5.26.10) at stratum 2
       </listitem>
       <listitem>
         <para>
-         <option>limited</option> &mdash; do not respond to time service requests if the packet violates the rate limit specified by the <command>discard</command> command. <systemitem class="protocol">ntpq</systemitem> and <systemitem class="protocol">ntpdc</systemitem> queries are not affected.</para>
+         <option>limited</option> &mdash; do not respond to time service requests if the packet violates the rate limit default values or those specified by the <command>discard</command> command. <systemitem class="protocol">ntpq</systemitem> and <systemitem class="protocol">ntpdc</systemitem> queries are not affected. For more information on the <command>discard</command> command and the default values, see <xref linkend="s2_Configure_Rate_Limiting_Access_to_an_NTP_Service"/>.</para>
       </listitem>
       <listitem>
         <para>
@@ -461,23 +461,20 @@ synchronised to NTP server (10.5.26.10) at stratum 2
       </listitem>
     </itemizedlist>
 
- </para>
+  </para>
+   <para>
+   To configure rate limit access to not respond at all to a query, the respective <command>restrict</command> command has to have the <option>limited</option> option. If <systemitem class="daemon">ntpd</systemitem> should reply with a <literal>KoD</literal> packet, the <command>restrict</command> command needs to have both <option>limited</option> and <option>kod</option> options.
+   </para>
  </section>
 
  <section id="s2_Configure_Rate_Limiting_Access_to_an_NTP_Service">
    <title>Configure Rate Limiting Access to an NTP Service</title>
- <para>
-   To rate limit access to the <systemitem class="protocol">NTP</systemitem> service running on a system, make use of the <command>discard</command> command in the <filename>ntp.conf</filename> file. See the commented out example:<screen>
-# Hosts on local network are less restricted.
-#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap</screen>
-</para>
-
+   <para>
+     To enable rate limiting access to the <systemitem class="protocol">NTP</systemitem> service running on a system, add the <option>limited</option> option to the <command>restrict</command> command as explained in <xref linkend="s2-Configure_Access_Control_to_an_NTP_service"/>. If you do not want to use the default discard parameters, then also use the <command>discard</command> command as explained here.
+   </para>
  <para>
    The <command>discard</command> command takes the following form:</para>
- <synopsis><command>discard</command> <replaceable>option</replaceable> <replaceable>argument</replaceable></synopsis>
-      <para>
-      where <replaceable>option</replaceable> is one or more of:
-    </para>
+ <synopsis><command>discard</command> <optional><option>average</option> <replaceable>value</replaceable></optional> <optional><option>minimum</option> <replaceable>value</replaceable></optional> <optional><option>monitor</option> <replaceable>value</replaceable></optional></synopsis>
 
    <itemizedlist>
       <listitem>
@@ -496,6 +493,11 @@ synchronised to NTP server (10.5.26.10) at stratum 2
  </para>
  </listitem>
  </itemizedlist>
+ <para>
+   Examples of the <command>discard</command> command are as follows:
+   <synopsis>discard average 4</synopsis>
+<synopsis>discard average 4 minimum 2</synopsis>
+ </para>
 </section>
 
 <section id="s2_Adding_a_Peer_Address">
@@ -814,7 +816,7 @@ The NTP Documentation Archive
 <term><ulink url="http://www.eecis.udel.edu/~mills/ntp.html"/></term>
 <listitem>
 <para>
-Network Time Synchronization Research Project. 
+Network Time Synchronization Research Project.
 </para>
 </listitem>
 </varlistentry>
@@ -822,7 +824,7 @@ Network Time Synchronization Research Project.
 <term><ulink url="http://www.eecis.udel.edu/~mills/ntp/html/manyopt.html"/></term>
 <listitem>
 <para>
-Information on Automatic Server Discovery in <systemitem class="protocol">NTPv4</systemitem>. 
+Information on Automatic Server Discovery in <systemitem class="protocol">NTPv4</systemitem>.
 </para>
 </listitem>
 </varlistentry>

More information about the docs-commits mailing list