116 lines
4.2 KiB
Plaintext
116 lines
4.2 KiB
Plaintext
# $NetBSD: ntp.conf,v 1.20 2017/01/09 20:05:29 christos Exp $
|
|
#
|
|
# NetBSD default Network Time Protocol (NTP) configuration file for ntpd
|
|
|
|
# This file is intended to be both a usable default, and a Quick-Start
|
|
# Guide. The directives and options listed here are not at all complete.
|
|
# A great deal of additional documentation, including links to FAQS and
|
|
# other guides, may be found on the official NTP web site, in particular
|
|
#
|
|
# http://www.ntp.org/documentation.html
|
|
#
|
|
|
|
# Process ID file, so that the daemon can be signalled from scripts
|
|
|
|
pidfile /var/run/ntpd.pid
|
|
|
|
# The correction calculated by ntpd(8) for the local system clock's
|
|
# drift is stored here.
|
|
|
|
driftfile /var/db/ntp.drift
|
|
|
|
# Suppress the syslog(3) message for each peer synchronization change.
|
|
|
|
logconfig -syncstatus
|
|
|
|
# Refuse to set the local clock if there are too few good peers or servers.
|
|
# This may help minimize disruptions due to network congestion. Don't
|
|
# do this if you configure only one server!
|
|
|
|
tos minsane 2
|
|
|
|
# Set the number of tries to register with mdns. 0 means never
|
|
#
|
|
mdnstries 0
|
|
|
|
# New ntpd disables the ntpdc protocol by default, to re-enable uncomment
|
|
# the following line
|
|
# enable mode7
|
|
|
|
# Access control restrictions.
|
|
# See /usr/share/doc/html/ntp/accopt.html for syntax.
|
|
# See <http://support.ntp.org/bin/view/Support/AccessRestrictions> for advice.
|
|
# Last match wins.
|
|
#
|
|
# Some of the more common keywords are:
|
|
# ignore Deny packets of all kinds.
|
|
# kod Send "kiss-o'-death" packets if clients exceed rate
|
|
# limits.
|
|
# nomodify Deny attempts to modify the state of the server via
|
|
# ntpq or ntpdc queries.
|
|
# noquery Deny all ntpq and ntpdc queries. Does not affect time
|
|
# synchronisation.
|
|
# nopeer Prevent establishing new peer associations.
|
|
# Does not affect peers configured using "peer" lines.
|
|
# Does not affect client/server time synchronisation.
|
|
# noserve Deny all time synchronisation. Does not affect ntpq or
|
|
# ntpdc queries.
|
|
# notrap Deny the trap subset of the ntpdc control message protocol.
|
|
# notrust Deny packets that are not cryptographically authenticated.
|
|
#
|
|
# By default, allow client/server time exchange without prior
|
|
# arrangement, but deny configuration changes, queries, and peer
|
|
# associations that were not explicitly configured.
|
|
#
|
|
restrict default kod limited nopeer noquery
|
|
|
|
# Fewer restrictions for the local subnet.
|
|
# (Uncomment and adjust as appropriate.)
|
|
#
|
|
#restrict 192.0.2.0 mask 255.255.255.0 kod limited nomodify notrap nopeer
|
|
#restrict 2001:db8:: mask ffff:ffff:: kod limited nomodify notrap nopeer
|
|
|
|
# No restrictions for localhost.
|
|
#
|
|
restrict 127.0.0.1
|
|
restrict ::1
|
|
|
|
# Hereafter should be "server" or "peer" statements to configure other
|
|
# hosts to exchange NTP packets with.
|
|
#
|
|
# See <http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork>
|
|
# and <http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers>
|
|
# for advice.
|
|
#
|
|
# Peers or servers should be selected in such a way that the network
|
|
# path to them is short, uncongested, and symmetric (that is, the series
|
|
# of links and routers used to get to the peer is the same one that
|
|
# the peer uses to get back). The best place to start looking for NTP
|
|
# peers for your system is within your own network, or at your Internet
|
|
# Service Provider (ISP).
|
|
#
|
|
# Ideally, you should select at least three other systems to talk NTP
|
|
# with, for an "what I tell you three times is true" effect.
|
|
|
|
#peer an.ntp.peer.goes.here
|
|
#server an.ntp.server.goes.here
|
|
|
|
# The pool.ntp.org project coordinates public time servers provided by
|
|
# volunteers. See <http://www.pool.ntp.org>. The *.netbsd.pool.ntp.org
|
|
# servers are intended to be used by default on NetBSD hosts, but
|
|
# servers that are closer to you are likely to be better. Consider
|
|
# using servers specific to your country, a nearby country, or your
|
|
# continent.
|
|
#
|
|
# The pool.ntp.org project needs more volunteers! The only criteria to
|
|
# join are a nailed-up connection and a static IP address. For details,
|
|
# see the web page:
|
|
#
|
|
# http://www.pool.ntp.org/join.html
|
|
#
|
|
|
|
server 0.netbsd.pool.ntp.org
|
|
server 1.netbsd.pool.ntp.org
|
|
server 2.netbsd.pool.ntp.org
|
|
server 3.netbsd.pool.ntp.org
|