Re: [chrony-dev] Multihomed (multiple) network interfaces support !

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ] 

On Wed, Aug 30, 2023 at 10:19:56AM +0300, CpServiceSPb wrote:
> There are some multihomed computers which have several network interfaces,
> for example lan, wif1i, wifi2, dmz,  wan.
> At the time chrony are binded either to 0.0.0.0 address, which is meaning "
> listen on every available network interface " or only once specified
> interface/address by "bind..." directives.
> Yes, there is "allow" directive as well.
> But  anyway there is listening to all the interfaces remaining, that is not
> good.

Why is it not good? Is it meant to be a security measure? Would
firewall not work better?

> Dear developers, please add availability of binding to several interfaces
> specified in conf file may be  by specifying multiple times of binddevice
> or bindaddress, for example:
> bindaddress192.168.0.0/24 # lan
> bindaddress172.10.0.0/24 # dmz

For compatibility with current configuration, which effectively
applies only the last occurence per IPv4/IPv6, I think it would need
to be specified on one line like this

bindaddress 192.168.0.0/24 172.10.0.0/24

It can be implemented, but there should be a good use case for it.

-- 
Miroslav Lichvar


-- 
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/