Comment 12 for bug 90267

There is a comment in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399905 about this issue, and it refers to an upstream bug (https://ntp.isc.org/bugs/show_bug.cgi?id=51) where it is strongly recommended not to bounce ntpd on I/F status changes.

This is (probably) the reason why /etc/network/ifup.d/ntp is disabled by default: there is a chance the clock will get wildly inaccurate, and the "carefully maintained statistics" will be lost.

Per the comments on https://ntp.isc.org/bugs/show_bug.cgi?id=772 upstream it seems that ntp, once it gives up on root, cannot change the IP (which is correct behaviour, since port 123 is privileged). The fix is either to run NTP as root, or to run Linux with capabilities (so that the correct capability can be given to the 'ntp' userid). Anyway, the fix is on 4.2.4, which has not yet been packaged by Debian.

So it seems there is no real solution right now.

Perhaps one option is not to install ntpd on machines that dynamically and/or frequently change the IP address -- instead, use ntpdate. On the other hand, ntpdate is less reliable (see 'man ntpdate' for example), and it is recommended to be run every hour in order to minimise the chance of large clock changes.

Still digging.