1# $NetBSD: ntp.conf,v 1.14.16.1 2014/01/06 19:12:23 bouyer Exp $
2#
3# NetBSD default Network Time Protocol (NTP) configuration file for ntpd
4
5# This file is intended to be both a usable default, and a Quick-Start
6# Guide. The directives and options listed here are not at all complete.
7# A great deal of additional documentation, including links to FAQS and
8# other guides, may be found on the official NTP web site, in particular
9#
10#	http://www.ntp.org/documentation.html
11#
12
13# Process ID file, so that the daemon can be signalled from scripts
14
15pidfile		/var/run/ntpd.pid
16
17# The correction calculated by ntpd(8) for the local system clock's
18# drift is stored here.
19
20driftfile	/var/db/ntp.drift
21
22# Suppress the syslog(3) message for each peer synchronization change.
23
24logconfig	-syncstatus
25
26# Refuse to set the local clock if there are too few good peers or servers.
27# This may help minimize disruptions due to network congestion. Don't
28# do this if you configure only one server!
29
30tos		minsane 2
31
32# Set the number of tries to register with mdns. 0 means never
33#
34mdnstries	0
35
36# Access control restrictions.
37# See /usr/share/doc/html/ntp/accopt.html for syntax.
38# See <http://support.ntp.org/bin/view/Support/AccessRestrictions> for advice.
39# Last match wins.
40#
41# Some of the more common keywords are:
42#   ignore      Deny packets of all kinds.
43#   kod         Send "kiss-o'-death" packets if clients exceed rate
44#               limits.
45#   nomodify    Deny attempts to modify the state of the server via
46#               ntpq or ntpdc queries.
47#   noquery     Deny all ntpq and ntpdc queries.  Does not affect time
48#               synchronisation.
49#   nopeer      Prevent establishing an new peer association.
50#               Does not affect preconfigured peer associations.
51#               Does not affect client/server time synchronisation.
52#   noserve     Deny all time synchronisation.  Does not affect ntpq or
53#               ntpdc queries.
54#   notrap      Deny the trap subset of the ntpdc control message protocol.
55#   notrust     Deny packets that are not cryptographically authenticated.
56#
57# By default, either deny everything, or allow client/server time exchange
58# but deny configuration changes, queries, and peer associations that were not
59# explicitly configured.
60# (Uncomment one of the following "restrict default" lines.)
61#
62#restrict default ignore
63restrict default kod nopeer noquery
64
65# Fewer restrictions for the local subnet.
66# (Uncomment and adjust as appropriate.)
67#
68#restrict 192.0.2.0 mask 255.255.255.0 kod nomodify notrap nopeer
69#restrict 2001:db8:: mask ffff:ffff::  kod nomodify notrap nopeer
70
71# No restrictions for localhost.
72#
73restrict 127.0.0.1
74restrict ::1
75
76# Hereafter should be "server" or "peer" statements to configure other
77# hosts to exchange NTP packets with.
78#
79# See <http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork>
80# and <http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers>
81# for advice.
82#
83# Peers should be selected in such a way that the network path to them
84# is short, uncongested, and symmetric (that is, the series of links
85# and routers used to get to the peer is the same one that the peer
86# uses to get back).  The best place to start looking for NTP peers for
87# your system is within your own network, or at your Internet Service
88# Provider (ISP).
89#
90# Ideally, you should select at least three other systems to talk NTP
91# with, for an "what I tell you three times is true" effect.
92#
93
94#peer		an.ntp.peer.goes.here
95#server		an.ntp.server.goes.here
96#restrict	an.ntp.server.goes.here nomodify notrap
97
98# The pool.ntp.org project coordinates public time servers provided by
99# volunteers.  See <http://www.pool.ntp.org>.  The *.netbsd.pool.ntp.org
100# servers are intended to be used by default on NetBSD hosts, but
101# servers that are closer to you are likely to be better.  Consider
102# using servers specific to your country, a nearby country, or your
103# continent.
104#
105# The pool.ntp.org project needs more volunteers! The only criteria to
106# join are a nailed-up connection and a static IP address. For details,
107# see the web page:
108#
109#       http://www.pool.ntp.org/join.html
110#
111
112server          0.netbsd.pool.ntp.org
113restrict        0.netbsd.pool.ntp.org nomodify notrap
114server          1.netbsd.pool.ntp.org
115restrict        1.netbsd.pool.ntp.org nomodify notrap
116server          2.netbsd.pool.ntp.org
117restrict        2.netbsd.pool.ntp.org nomodify notrap
118server          3.netbsd.pool.ntp.org
119restrict        3.netbsd.pool.ntp.org nomodify notrap
120