1.23  kim       # $NetBSD: ntp.conf,v 1.23 2021/10/28 07:24:40 kim Exp $
1.1   fair      #
1.7   fredb     # NetBSD default Network Time Protocol (NTP) configuration file for ntpd
1.8   fredb
1.8   fredb     # This file is intended to be both a usable default, and a Quick-Start
1.8   fredb     # Guide. The directives and options listed here are not at all complete.
1.9   reed      # A great deal of additional documentation, including links to FAQS and
1.8   fredb     # other guides, may be found on the official NTP web site, in particular
1.8   fredb     #
1.8   fredb     # http://www.ntp.org/documentation.html
1.1   fair
1.1   fair      # Process ID file, so that the daemon can be signalled from scripts
1.1   fair
1.21  kim       pidfile /var/run/ntpd.pid
1.21  kim
1.21  kim       # Don't give up even if the reference time is hugely different. This can
1.21  kim       # happen if the system was suspended and resumed.
1.21  kim
1.21  kim       #tinker panic 0
1.1   fair
1.2   simonb    # The correction calculated by ntpd(8) for the local system clock's
1.7   fredb     # drift is stored here.
1.1   fair
1.21  kim       driftfile /var/db/ntp.drift
1.1   fair
1.7   fredb     # Suppress the syslog(3) message for each peer synchronization change.
1.1   fair
1.21  kim       logconfig -syncstatus
1.5   fredb
1.17  apb       # Refuse to set the local clock if there are too few good peers or servers.
1.17  apb       # This may help minimize disruptions due to network congestion. Don't
1.5   fredb     # do this if you configure only one server!
1.5   fredb
1.21  kim       tos minsane 2
1.21  kim
1.21  kim       # Set the target and limit for adding servers configured via pool statements
1.21  kim       # or discovered dynamically via mechanisms such as broadcast and manycast.
1.21  kim       # Ntpd automatically adds maxclock-1 servers from configured pools, and may
1.21  kim       # add as many as maxclock*2 if necessary to ensure that at least minclock
1.21  kim       # servers are providing good consistent time.
1.21  kim
1.21  kim       tos minclock 3 maxclock 6
1.1   fair
1.10  christos  # Set the number of tries to register with mdns. 0 means never
1.21  kim
1.21  kim       mdnstries 0
1.10  christos
1.15  christos  # New ntpd disables the ntpdc protocol by default, to re-enable uncomment
1.15  christos  # the following line
1.21  kim
1.21  kim       #enable mode7
1.21  kim
1.21  kim       # Allow hasty ntpdate clients to avoid rate limiting / kod responses.
1.21  kim       # The default is 2 seconds between packets from the client.
1.21  kim
1.21  kim       #discard minimum 1
1.15  christos
1.16  apb       # Access control restrictions.
1.16  apb       # See /usr/share/doc/html/ntp/accopt.html for syntax.
1.16  apb       # See <http://support.ntp.org/bin/view/Support/AccessRestrictions> for advice.
1.16  apb       # Last match wins.
1.16  apb       #
1.16  apb       # Some of the more common keywords are:
1.16  apb       #   ignore      Deny packets of all kinds.
1.21  kim       #   limited     Deny time service if the packet violates the rate limits
1.21  kim       #               established by the discard command. Does not affect ntpq or
1.21  kim       #               ntpdc queries.
1.21  kim       #   kod         Send "kiss-o'-death" packets if clients exceed rate limits.
1.23  kim       #               No effect without the limited flag.
1.21  kim       #   nomodify    Deny attempts to modify the state of the server via ntpq or
1.21  kim       #               ntpdc queries.
1.16  apb       #   noquery     Deny all ntpq and ntpdc queries. Does not affect time
1.16  apb       #               synchronisation.
1.19  apb       #   nopeer      Prevent establishing new peer associations.
1.19  apb       #               Does not affect peers configured using "peer" lines.
1.16  apb       #               Does not affect client/server time synchronisation.
1.16  apb       #   noserve     Deny all time synchronisation. Does not affect ntpq or
1.16  apb       #               ntpdc queries.
1.16  apb       #   notrap      Deny the trap subset of the ntpdc control message protocol.
1.16  apb       #   notrust     Deny packets that are not cryptographically authenticated.
1.16  apb       #
1.19  apb       # By default, allow client/server time exchange without prior
1.19  apb       # arrangement, but deny configuration changes, queries, and peer
1.19  apb       # associations that were not explicitly configured.
1.21  kim
1.21  kim       restrict default limited kod nomodify notrap nopeer noquery
1.21  kim
1.21  kim       # Restrictions used for associations (peer, server, pool).
1.21  kim
1.21  kim       restrict source nomodify notrap noquery
1.16  apb
1.16  apb       # Fewer restrictions for the local subnet.
1.16  apb       # (Uncomment and adjust as appropriate.)
1.21  kim
1.21  kim       #restrict 192.0.2.0 mask 255.255.255.0 limited kod nomodify notrap nopeer
1.21  kim       #restrict 2001:db8:: mask ffff:ffff:: limited kod nomodify notrap nopeer
1.16  apb
1.16  apb       # No restrictions for localhost.
1.21  kim
1.16  apb       restrict 127.0.0.1
1.16  apb       restrict ::1
1.16  apb
1.21  kim       # Hereafter should be "server", "peer", or "pool" statements to configure
1.21  kim       # other hosts to exchange NTP packets with.
1.17  apb       #
1.17  apb       # See <http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork>
1.17  apb       # and <http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers>
1.17  apb       # for advice.
1.17  apb       #
1.19  apb       # Peers or servers should be selected in such a way that the network
1.19  apb       # path to them is short, uncongested, and symmetric (that is, the series
1.19  apb       # of links and routers used to get to the peer is the same one that
1.19  apb       # the peer uses to get back). The best place to start looking for NTP
1.19  apb       # peers for your system is within your own network, or at your Internet
1.19  apb       # Service Provider (ISP).
1.1   fair      #
1.7   fredb     # Ideally, you should select at least three other systems to talk NTP
1.7   fredb     # with, for an "what I tell you three times is true" effect.
1.1   fair
1.22  kim       #peer an.ntp.peer.goes.here iburst
1.22  kim       #server an.ntp.server.goes.here iburst
1.4   agc
1.17  apb       # The pool.ntp.org project coordinates public time servers provided by
1.17  apb       # volunteers. See <http://www.pool.ntp.org>. The *.netbsd.pool.ntp.org
1.21  kim       # servers are intended to be used by default on NetBSD hosts.
1.21  kim       #
1.21  kim       # The following pool statement will give you a random set of NTP servers
1.21  kim       # geographically close to you. A single pool statement adds multiple
1.21  kim       # servers from the pool, according to the tos minclock/maxclock targets.
1.21  kim       # The "2" host is used to obtain both IPv4 and IPv6 addresses.
1.17  apb       #
1.6   fredb     # The pool.ntp.org project needs more volunteers! The only criteria to
1.6   fredb     # join are a nailed-up connection and a static IP address. For details,
1.21  kim       # see the web page <http://www.pool.ntp.org/join.html>
1.6   fredb
1.21  kim       pool 2.netbsd.pool.ntp.org iburst
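
Added example, not part of the NetBSD file: a small auditor that checks ntp.conf text against the hardening notes in the comments above (the flags on "restrict default", kod needing limited, mode7 left disabled, minsane versus the number of configured sources). The names audit and directives and the host ntp.example.net are hypothetical; the minsane default of 1 is an assumption about ntpd, and the minsane check generalizes the file's "only one server" warning to any config with fewer server/peer lines than minsane and no pool.

```python
FLAGS = {"ignore", "limited", "kod", "nomodify", "noquery",
         "nopeer", "noserve", "notrap", "notrust"}
WANTED_ON_DEFAULT = {"nomodify", "noquery", "notrap", "nopeer"}

def directives(text):
    """Yield token lists for active lines, skipping comments and blanks."""
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        if tokens:
            yield tokens

def audit(text):
    findings, restricts = [], {}
    sources = pools = 0
    minsane = 1  # assumption: ntpd's default when "tos minsane" is absent
    for tok in directives(text):
        cmd, args = tok[0], [t for t in tok[1:] if t not in ("-4", "-6")]
        if cmd == "restrict" and args:
            # args[0] is the address; "mask <m>" is not a flag and is dropped
            restricts[args[0]] = {t for t in args[1:] if t in FLAGS}
        elif cmd in ("server", "peer"):
            sources += 1
        elif cmd == "pool":
            pools += 1
        elif cmd == "tos" and "minsane" in args[:-1]:
            minsane = int(args[args.index("minsane") + 1])
        elif cmd == "enable" and "mode7" in args:
            findings.append("mode7 (ntpdc protocol) is enabled")
    default = restricts.get("default")
    if default is None:
        findings.append("no 'restrict default' line")
    elif "ignore" not in default and WANTED_ON_DEFAULT - default:
        findings.append("restrict default lacks: "
                        + " ".join(sorted(WANTED_ON_DEFAULT - default)))
    for addr, flags in restricts.items():
        if "kod" in flags and "limited" not in flags:
            findings.append(f"restrict {addr}: kod has no effect without limited")
    if minsane > 1 and pools == 0 and sources < minsane:
        findings.append(f"tos minsane {minsane} with only {sources} server/peer line(s)")
    return findings

# Active access-control and source lines of the file above (comments dropped).
PAGE_DEFAULT = """tos minsane 2
#enable mode7
restrict default limited kod nomodify notrap nopeer noquery
restrict source nomodify notrap noquery
restrict 127.0.0.1
pool 2.netbsd.pool.ntp.org iburst
"""
# Constructed weakened config for comparison; the hostname is made up.
WEAK = "enable mode7\ntos minsane 2\nrestrict default kod nomodify\nserver ntp.example.net iburst\n"
```

audit(PAGE_DEFAULT) returns an empty list; audit(WEAK) returns one finding for each of the four weakened settings.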