RE: -EXT-Re: [chrony-users] Using symbolic network names in /etc/chrony.conf file?

["Parker, Michael D." <Michael.D.Parker@xxxxxx>]

OOPS...strike that, I did the following:

In /etc/hosts:	10.10.0.0	netx

In /etc/chrony.conf:	allow	nets/16	

THAT is what didn't work.

***** ***** *****
Michael D. Parker
General Atomics ? ElectroMagnetics Systems Division (EMS)
Michael.d.parker@xxxxxx  <<<<< NOTE: Remember to include my middle initial
>>>>>
+1 858 964 6675 / Office 86-1319 / Cell +1 858 376 7474
16969 Mesamint Street / San Diego / CA / 92127

************************************************************************
CONFIDENTIALITY NOTICE: This communication is intended to be confidential to
the 
person(s) to whom it is addressed.  If you are not the intended recipient or
the agent of the 
intended recipient or if you are unable to deliver this communication to the
intended 
recipient, you must not read, use or disseminate this information.  If you
have received 
this communication in error,please advise the sender immediately by
telephone and delete 
this messageand any attachments without retaining a copy.
*************************************************************************



-----Original Message-----
From: Parker, Michael D. 
Sent: Monday, July 24, 2017 4:14 PM
To: 'chrony-users@xxxxxxxxxxxxxxxxxxxx' <chrony-users@xxxxxxxxxxxxxxxxxxxx>
Subject: RE: -EXT-Re: [chrony-users] Using symbolic network names in
/etc/chrony.conf file?

BTW, to answer your suggestion directly, I did try using 10.10.0.0/16 and
that did not work.



-----Original Message-----
From: Bill Unruh [mailto:unruh@xxxxxxxxxxxxxx] 
Sent: Monday, July 24, 2017 2:06 PM
To: chrony-users@xxxxxxxxxxxxxxxxxxxx
Subject: -EXT-Re: [chrony-users] Using symbolic network names in
/etc/chrony.conf file?



William G. Unruh __| Canadian Institute for|____ Tel: +1(604)822-3273
Physics&Astronomy _|___ Advanced Research _|____ Fax: +1(604)822-5324 UBC,
Vancouver,BC _|_ Program in Cosmology |____ unruh@xxxxxxxxxxxxxx Canada V6T
1Z1 ____|____ and Gravity ______|_ www.theory.physics.ubc.ca/

On Mon, 24 Jul 2017, Parker, Michael D. wrote:

> 
> The chrony allow directive allows the addition of a symbolic hostname 
> in its specification. However, I took a leap in entering the following
directive:
> 
> allow hostname/16
> 
> which failed to do what I expected but no configuration file error was 
> flagged. If hostname is 10.10.10.10, my expectation was that the allow
statement would apply to the entire 10.10.x.x network.

That is not how a netmask ever works. If you have IP/n That means you have a
netmask with the first n bits 1 and the rest 0. Another ip passes if ip AND
netmask equals IP. 
But your example IT has 10.10 as the lower 32-16 bits. and ip AND
255.255.0.0 ALWAYS has the lower 16 bits equal to 0.0 and can never have
them equal 10.10

Had you used 10.10.0.0/16 it might well have worked. but 10.10.10.10/16 can
never ever be satisfied by any address.


> 
> In this context, apparently the '/16' is ignored. Is there some way 
> that I could put basically a symbolic name in the /etc/chrony.conf file
instead of IP numbers in a network context? The documentation gives no hint
if this is possible.
> 
If the hostnameip AND netmask=hostnameip then it would have a chance. Now I
do not know if chrony accepts  hostname/n as a valid network spec, but it
would have to obey the above if it were to work.

AFAIK.


>  
> 
>  
> 
> 
>

Attachment: smime.p7s
Description: S/MIME cryptographic signature