Home | History | Annotate | Line # | Download | only in etc
ntp.conf revision 1.14.2.1 
      1  1.14.2.1    bouyer # $NetBSD: ntp.conf,v 1.14.2.1 2014/01/06 19:12:15 bouyer Exp $
      2       1.1      fair #
      3       1.7     fredb # NetBSD default Network Time Protocol (NTP) configuration file for ntpd
      4       1.8     fredb 
      5       1.8     fredb # This file is intended to be both a usable default, and a Quick-Start
      6       1.8     fredb # Guide. The directives and options listed here are not at all complete.
      7       1.9      reed # A great deal of additional documentation, including links to FAQS and
      8       1.8     fredb # other guides, may be found on the official NTP web site, in particular
      9       1.8     fredb #
     10       1.8     fredb #	http://www.ntp.org/documentation.html
     11       1.8     fredb #
     12       1.1      fair 
     13       1.1      fair # Process ID file, so that the daemon can be signalled from scripts
     14       1.1      fair 
     15       1.3     lukem pidfile		/var/run/ntpd.pid
     16       1.1      fair 
     17       1.2    simonb # The correction calculated by ntpd(8) for the local system clock's
     18       1.7     fredb # drift is stored here.
     19       1.1      fair 
     20       1.3     lukem driftfile	/var/db/ntp.drift
     21       1.1      fair 
     22       1.7     fredb # Suppress the syslog(3) message for each peer synchronization change.
     23       1.1      fair 
     24       1.3     lukem logconfig	-syncstatus
     25       1.5     fredb 
     26  1.14.2.1    bouyer # Refuse to set the local clock if there are too few good peers or servers.
     27  1.14.2.1    bouyer # This may help minimize disruptions due to network congestion. Don't
     28       1.5     fredb # do this if you configure only one server!
     29       1.5     fredb 
     30       1.5     fredb tos		minsane 2
     31       1.1      fair 
     32      1.10  christos # Set the number of tries to register with mdns. 0 means never
     33      1.10  christos #
     34      1.10  christos mdnstries	0
     35      1.10  christos 
     36  1.14.2.1    bouyer # Access control restrictions.
     37  1.14.2.1    bouyer # See /usr/share/doc/html/ntp/accopt.html for syntax.
     38  1.14.2.1    bouyer # See <http://support.ntp.org/bin/view/Support/AccessRestrictions> for advice.
     39  1.14.2.1    bouyer # Last match wins.
     40  1.14.2.1    bouyer #
     41  1.14.2.1    bouyer # Some of the more common keywords are:
     42  1.14.2.1    bouyer #   ignore      Deny packets of all kinds.
     43  1.14.2.1    bouyer #   kod         Send "kiss-o'-death" packets if clients exceed rate
     44  1.14.2.1    bouyer #               limits.
     45  1.14.2.1    bouyer #   nomodify    Deny attempts to modify the state of the server via
     46  1.14.2.1    bouyer #               ntpq or ntpdc queries.
     47  1.14.2.1    bouyer #   noquery     Deny all ntpq and ntpdc queries.  Does not affect time
     48  1.14.2.1    bouyer #               synchronisation.
     49  1.14.2.1    bouyer #   nopeer      Prevent establishing an new peer association.
     50  1.14.2.1    bouyer #               Does not affect preconfigured peer associations.
     51  1.14.2.1    bouyer #               Does not affect client/server time synchronisation.
     52  1.14.2.1    bouyer #   noserve     Deny all time synchronisation.  Does not affect ntpq or
     53  1.14.2.1    bouyer #               ntpdc queries.
     54  1.14.2.1    bouyer #   notrap      Deny the trap subset of the ntpdc control message protocol.
     55  1.14.2.1    bouyer #   notrust     Deny packets that are not cryptographically authenticated.
     56  1.14.2.1    bouyer #
     57  1.14.2.1    bouyer # By default, either deny everything, or allow client/server time exchange
     58  1.14.2.1    bouyer # but deny configuration changes, queries, and peer associations that were not
     59  1.14.2.1    bouyer # explicitly configured.
     60  1.14.2.1    bouyer # (Uncomment one of the following "restrict default" lines.)
     61  1.14.2.1    bouyer #
     62  1.14.2.1    bouyer #restrict default ignore
     63  1.14.2.1    bouyer restrict default kod nopeer noquery
     64  1.14.2.1    bouyer 
     65  1.14.2.1    bouyer # Fewer restrictions for the local subnet.
     66  1.14.2.1    bouyer # (Uncomment and adjust as appropriate.)
     67  1.14.2.1    bouyer #
     68  1.14.2.1    bouyer #restrict 192.0.2.0 mask 255.255.255.0 kod nomodify notrap nopeer
     69  1.14.2.1    bouyer #restrict 2001:db8:: mask ffff:ffff::  kod nomodify notrap nopeer
     70  1.14.2.1    bouyer 
     71  1.14.2.1    bouyer # No restrictions for localhost.
     72  1.14.2.1    bouyer #
     73  1.14.2.1    bouyer restrict 127.0.0.1
     74  1.14.2.1    bouyer restrict ::1
     75  1.14.2.1    bouyer 
     76       1.7     fredb # Hereafter should be "server" or "peer" statements to configure other
     77  1.14.2.1    bouyer # hosts to exchange NTP packets with.
     78  1.14.2.1    bouyer #
     79  1.14.2.1    bouyer # See <http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork>
     80  1.14.2.1    bouyer # and <http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers>
     81  1.14.2.1    bouyer # for advice.
     82  1.14.2.1    bouyer #
     83  1.14.2.1    bouyer # Peers should be selected in such a way that the network path to them
     84  1.14.2.1    bouyer # is short, uncongested, and symmetric (that is, the series of links
     85  1.14.2.1    bouyer # and routers used to get to the peer is the same one that the peer
     86  1.14.2.1    bouyer # uses to get back).  The best place to start looking for NTP peers for
     87  1.14.2.1    bouyer # your system is within your own network, or at your Internet Service
     88  1.14.2.1    bouyer # Provider (ISP).
     89       1.1      fair #
     90       1.7     fredb # Ideally, you should select at least three other systems to talk NTP
     91       1.7     fredb # with, for an "what I tell you three times is true" effect.
     92       1.1      fair #
     93       1.1      fair 
     94       1.3     lukem #peer		an.ntp.peer.goes.here
     95       1.3     lukem #server		an.ntp.server.goes.here
     96  1.14.2.1    bouyer #restrict	an.ntp.server.goes.here nomodify notrap
     97       1.4       agc 
     98  1.14.2.1    bouyer # The pool.ntp.org project coordinates public time servers provided by
     99  1.14.2.1    bouyer # volunteers.  See <http://www.pool.ntp.org>.  The *.netbsd.pool.ntp.org
    100  1.14.2.1    bouyer # servers are intended to be used by default on NetBSD hosts, but
    101  1.14.2.1    bouyer # servers that are closer to you are likely to be better.  Consider
    102  1.14.2.1    bouyer # using servers specific to your country, a nearby country, or your
    103  1.14.2.1    bouyer # continent.
    104  1.14.2.1    bouyer #
    105       1.6     fredb # The pool.ntp.org project needs more volunteers! The only criteria to
    106       1.6     fredb # join are a nailed-up connection and a static IP address. For details,
    107       1.6     fredb # see the web page:
    108       1.6     fredb #
    109  1.14.2.1    bouyer #       http://www.pool.ntp.org/join.html
    110       1.6     fredb #
    111       1.6     fredb 
    112  1.14.2.1    bouyer server          0.netbsd.pool.ntp.org
    113  1.14.2.1    bouyer restrict        0.netbsd.pool.ntp.org nomodify notrap
    114  1.14.2.1    bouyer server          1.netbsd.pool.ntp.org
    115  1.14.2.1    bouyer restrict        1.netbsd.pool.ntp.org nomodify notrap
    116  1.14.2.1    bouyer server          2.netbsd.pool.ntp.org
    117  1.14.2.1    bouyer restrict        2.netbsd.pool.ntp.org nomodify notrap
    118  1.14.2.1    bouyer server          3.netbsd.pool.ntp.org
    119  1.14.2.1    bouyer restrict        3.netbsd.pool.ntp.org nomodify notrap
    120