Re: [chrony-dev] Multihomed (multiple) network interfaces support !



I couldn't launch multiple instances of chrony.

I added lan.conf to the conf.d folder in addition to the main config file:
server lan_IP port 123 minpoll 0 maxpoll 0 copy
allow
cmdport 123
bindcmdaddress /var/run/cc/chronyd-server1.sock
pidfile /var/run/cc/chronyd-server1.pid
driftfile /var/lib/cc/drift-server1

I even made /var/run/cc folder.

But there is
сен 05 22:55:07 key chronyd[152706]: chronyd version 4.3 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 -DEBUG)
сен 05 22:55:07 key chronyd-starter.sh[152704]: Could not open /var/run/cc/chronyd-server1.pid : Permission denied
сен 05 22:55:07 key chronyd[152706]: Wrong permissions on /var/run/cc
сен 05 22:55:07 key chronyd[152706]: Disabled command socket /var/run/cc/chronyd-server1.sock
сен 05 22:55:07 key chronyd[152706]: Fatal error : Could not open /var/run/cc/chronyd-server1.pid : Permission denied
сен 05 22:55:07 key systemd[1]: chrony.service: Control process exited, code=exited, status=1/FAILURE
сен 05 22:55:07 key systemd[1]: chrony.service: Failed with result 'exit-code'.
сен 05 22:55:07 key systemd[1]: Failed to start chrony, an NTP client/server.

Tue, 5 Sep 2023 at 23:06, CpServiceSPb <cpservicespb@xxxxxxxxx>:
I couldn't launch multiple instances of chrony.

I added lan.conf to the conf.d folder in addition to the main config file:
server lan_IP port 123 minpoll 0 maxpoll 0 copy
allow
cmdport 123
bindcmdaddress /var/run/cc/chronyd-server1.sock
pidfile /var/run/cc/chronyd-server1.pid
driftfile /var/lib/cc/drift-server1

I even made /var/run/cc folder.

But there is
сен 05 22:55:07 key chronyd[152706]: chronyd version 4.3 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 -DEBUG)
сен 05 22:55:07 key chronyd-starter.sh[152704]: Could not open /var/run/cc/chronyd-server1.pid : Permission denied
сен 05 22:55:07 key chronyd[152706]: Wrong permissions on /var/run/cc
сен 05 22:55:07 key chronyd[152706]: Disabled command socket /var/run/cc/chronyd-server1.sock
сен 05 22:55:07 key chronyd[152706]: Fatal error : Could not open /var/run/cc/chronyd-server1.pid : Permission denied
сен 05 22:55:07 key systemd[1]: chrony.service: Control process exited, code=exited, status=1/FAILURE
сен 05 22:55:07 key systemd[1]: chrony.service: Failed with result 'exit-code'.
сен 05 22:55:07 key systemd[1]: Failed to start chrony, an NTP client/server.



Tue, 5 Sep 2023 at 17:46, CpServiceSPb <cpservicespb@xxxxxxxxx>:
Adding this way of packet handling will bring a huge competition advantage for chrony.
I think.

Here is some info about netlink practical usage, in Russian, but you can read it via Google translator.

Anyway, thanks in advance.

Tue, 5 Sep 2023 at 17:03, Miroslav Lichvar <mlichvar@xxxxxxxxxx>:
On Tue, Sep 05, 2023 at 04:33:11PM +0300, CpServiceSPb wrote:
> > That would make more sense for security. However, it's not a simple thing
> > to implement as peer associations use the server sockets too, so there
> > would need to be some code selecting the right socket.
> Maybe it is worth looking at NTP sources for aspects of the topic.
> It supports multiple bindings as I know.

The ntpd I/O code was designed around having a separate socket for
each interface. It monitors changes in network configuration (on Linux
using netlink socket). It needs that to be able to respond from the
right address on multihomed hosts. The amount of code needed for that
is huge and a lot of it is system-specific.

chronyd relies on the IP_PKTINFO socket option to get the destination
address of requests. This is much simpler, but probably not available
on all systems that ntpd currently supports.

> I believe you will be able to implement correctly the functionality.
> And will wait for the version to test it.

I added it to my todo list, but don't get your hopes up.

--
Miroslav Lichvar
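
Added example, not part of the original thread and not chrony's or ntpd's code: a Linux-only sketch of the IP_PKTINFO approach described above, where a single wildcard-bound UDP socket learns each request's destination address and replies from it. The function name reply_source, the loopback addresses and the 3-byte payload are constructed for the demonstration.

```c
#define _GNU_SOURCE 1   /* exposes struct in_pktinfo on glibc */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Constructed loopback exchange: client sends to dst_ip, a wildcard-bound server
 * replies. Returns the reply's source address as seen by the client, 0 on error. */
in_addr_t reply_source(const char *dst_ip, int use_pktinfo) {
    int srv = socket(AF_INET, SOCK_DGRAM, 0), cli = socket(AF_INET, SOCK_DGRAM, 0), on = 1;
    struct timeval tv = { 1, 0 };                       /* never block forever */
    struct sockaddr_in sa = { .sin_family = AF_INET }, peer, from;
    socklen_t len = sizeof sa, flen = sizeof from;
    char buf[64];
    union { struct cmsghdr align; char b[CMSG_SPACE(sizeof(struct in_pktinfo))]; } ctl;
    struct iovec iov = { buf, sizeof buf };
    struct msghdr msg = { .msg_name = &peer, .msg_namelen = sizeof peer, .msg_iov = &iov,
                          .msg_iovlen = 1, .msg_control = ctl.b, .msg_controllen = sizeof ctl.b };
    struct in_pktinfo pi = { 0 };
    in_addr_t seen = 0;
    setsockopt(srv, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    setsockopt(cli, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    setsockopt(srv, IPPROTO_IP, IP_PKTINFO, &on, sizeof on);   /* ask for destination info */
    if (bind(srv, (struct sockaddr *)&sa, sizeof sa) < 0 ||    /* 0.0.0.0, ephemeral port */
        getsockname(srv, (struct sockaddr *)&sa, &len) < 0 ||
        inet_pton(AF_INET, dst_ip, &sa.sin_addr) != 1 ||
        sendto(cli, "req", 3, 0, (struct sockaddr *)&sa, sizeof sa) != 3 ||
        recvmsg(srv, &msg, 0) != 3) goto out;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c))
        if (c->cmsg_level == IPPROTO_IP && c->cmsg_type == IP_PKTINFO)
            memcpy(&pi, CMSG_DATA(c), sizeof pi);       /* pi.ipi_addr: where the request went */
    iov.iov_len = 3;                                    /* echo the 3 request bytes */
    msg.msg_controllen = 0;                             /* default: kernel picks the source */
    if (use_pktinfo) {                                  /* reply from the request's destination */
        struct cmsghdr *c = (struct cmsghdr *)ctl.b;
        pi.ipi_spec_dst = pi.ipi_addr;
        c->cmsg_level = IPPROTO_IP; c->cmsg_type = IP_PKTINFO;
        c->cmsg_len = CMSG_LEN(sizeof pi);
        memcpy(CMSG_DATA(c), &pi, sizeof pi);
        msg.msg_controllen = sizeof ctl.b;
    }
    if (sendmsg(srv, &msg, 0) == 3 &&
        recvfrom(cli, buf, sizeof buf, 0, (struct sockaddr *)&from, &flen) == 3)
        seen = from.sin_addr.s_addr;
out:
    close(srv); close(cli);
    return seen;
}
```

With use_pktinfo set, a request sent to 127.0.0.2 is answered from 127.0.0.2; without it the kernel's route lookup picks 127.0.0.1, which is the wrong-source reply a multihomed server has to avoid.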

