1 # $NetBSD: ntp.conf,v 1.23 2021/10/28 07:24:40 kim Exp $ 2 # 3 # NetBSD default Network Time Protocol (NTP) configuration file for ntpd 4 5 # This file is intended to be both a usable default, and a Quick-Start 6 # Guide. The directives and options listed here are not at all complete. 7 # A great deal of additional documentation, including links to FAQS and 8 # other guides, may be found on the official NTP web site, in particular 9 # 10 # http://www.ntp.org/documentation.html 11 12 # Process ID file, so that the daemon can be signalled from scripts 13 14 pidfile /var/run/ntpd.pid 15 16 # Don't give up even if the reference time is hugely different. This can 17 # happen if the system was suspended and resumed. 18 19 #tinker panic 0 20 21 # The correction calculated by ntpd(8) for the local system clock's 22 # drift is stored here. 23 24 driftfile /var/db/ntp.drift 25 26 # Suppress the syslog(3) message for each peer synchronization change. 27 28 logconfig -syncstatus 29 30 # Refuse to set the local clock if there are too few good peers or servers. 31 # This may help minimize disruptions due to network congestion. Don't 32 # do this if you configure only one server! 33 34 tos minsane 2 35 36 # Set the target and limit for adding servers configured via pool statements 37 # or discovered dynamically via mechanisms such as broadcast and manycast. 38 # Ntpd automatically adds maxclock-1 servers from configured pools, and may 39 # add as many as maxclock*2 if necessary to ensure that at least minclock 40 # servers are providing good consistent time. 41 42 tos minclock 3 maxclock 6 43 44 # Set the number of tries to register with mdns. 0 means never 45 46 mdnstries 0 47 48 # New ntpd disables the ntpdc protocol by default, to re-enable uncomment 49 # the following line 50 51 #enable mode7 52 53 # Allow hasty ntpdate clients to avoid rate limiting / kod responses. 54 # The default is 2 seconds between packets from the client. 55 56 #discard minimum 1 57 58 # Access control restrictions. 59 # See /usr/share/doc/html/ntp/accopt.html for syntax. 60 # See <http://support.ntp.org/bin/view/Support/AccessRestrictions> for advice. 61 # Last match wins. 62 # 63 # Some of the more common keywords are: 64 # ignore Deny packets of all kinds. 65 # limited Deny time service if the packet violates the rate limits 66 # established by the discard command. Does not affect ntpq or 67 # ntpdc queries. 68 # kod Send "kiss-o'-death" packets if clients exceed rate limits. 69 # No effect without the limited flag. 70 # nomodify Deny attempts to modify the state of the server via ntpq or 71 # ntpdc queries. 72 # noquery Deny all ntpq and ntpdc queries. Does not affect time 73 # synchronisation. 74 # nopeer Prevent establishing new peer associations. 75 # Does not affect peers configured using "peer" lines. 76 # Does not affect client/server time synchronisation. 77 # noserve Deny all time synchronisation. Does not affect ntpq or 78 # ntpdc queries. 79 # notrap Deny the trap subset of the ntpdc control message protocol. 80 # notrust Deny packets that are not cryptographically authenticated. 81 # 82 # By default, allow client/server time exchange without prior 83 # arrangement, but deny configuration changes, queries, and peer 84 # associations that were not explicitly configured. 85 86 restrict default limited kod nomodify notrap nopeer noquery 87 88 # Restrictions used for associations (peer, server, pool). 89 90 restrict source nomodify notrap noquery 91 92 # Fewer restrictions for the local subnet. 93 # (Uncomment and adjust as appropriate.) 94 95 #restrict 192.0.2.0 mask 255.255.255.0 limited kod nomodify notrap nopeer 96 #restrict 2001:db8:: mask ffff:ffff:: limited kod nomodify notrap nopeer 97 98 # No restrictions for localhost. 99 100 restrict 127.0.0.1 101 restrict ::1 102 103 # Hereafter should be "server", "peer", or "pool" statements to configure 104 # other hosts to exchange NTP packets with. 105 # 106 # See <http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork> 107 # and <http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers> 108 # for advice. 109 # 110 # Peers or servers should be selected in such a way that the network 111 # path to them is short, uncongested, and symmetric (that is, the series 112 # of links and routers used to get to the peer is the same one that 113 # the peer uses to get back). The best place to start looking for NTP 114 # peers for your system is within your own network, or at your Internet 115 # Service Provider (ISP). 116 # 117 # Ideally, you should select at least three other systems to talk NTP 118 # with, for an "what I tell you three times is true" effect. 119 120 #peer an.ntp.peer.goes.here iburst 121 #server an.ntp.server.goes.here iburst 122 123 # The pool.ntp.org project coordinates public time servers provided by 124 # volunteers. See <http://www.pool.ntp.org>. The *.netbsd.pool.ntp.org 125 # servers are intended to be used by default on NetBSD hosts. 126 # 127 # The following pool statement will give you a random set of NTP servers 128 # geographically close to you. A single pool statement adds multiple 129 # servers from the pool, according to the tos minclock/maxclock targets. 130 # The "2" host is used to obtain both IPv4 and IPv6 addresses. 131 # 132 # The pool.ntp.org project needs more volunteers! The only criteria to 133 # join are a nailed-up connection and a static IP address. For details, 134 # see the web page <http://www.pool.ntp.org/join.html> 135 136 pool 2.netbsd.pool.ntp.org iburst 137
Indexes created Mon Sep 29 21:09:56 GMT 2025