1# $NetBSD: ntp.conf,v 1.14.16.1 2014/01/06 19:12:23 bouyer Exp $ 2# 3# NetBSD default Network Time Protocol (NTP) configuration file for ntpd 4 5# This file is intended to be both a usable default, and a Quick-Start 6# Guide. The directives and options listed here are not at all complete. 7# A great deal of additional documentation, including links to FAQS and 8# other guides, may be found on the official NTP web site, in particular 9# 10# http://www.ntp.org/documentation.html 11# 12 13# Process ID file, so that the daemon can be signalled from scripts 14 15pidfile /var/run/ntpd.pid 16 17# The correction calculated by ntpd(8) for the local system clock's 18# drift is stored here. 19 20driftfile /var/db/ntp.drift 21 22# Suppress the syslog(3) message for each peer synchronization change. 23 24logconfig -syncstatus 25 26# Refuse to set the local clock if there are too few good peers or servers. 27# This may help minimize disruptions due to network congestion. Don't 28# do this if you configure only one server! 29 30tos minsane 2 31 32# Set the number of tries to register with mdns. 0 means never 33# 34mdnstries 0 35 36# Access control restrictions. 37# See /usr/share/doc/html/ntp/accopt.html for syntax. 38# See <http://support.ntp.org/bin/view/Support/AccessRestrictions> for advice. 39# Last match wins. 40# 41# Some of the more common keywords are: 42# ignore Deny packets of all kinds. 43# kod Send "kiss-o'-death" packets if clients exceed rate 44# limits. 45# nomodify Deny attempts to modify the state of the server via 46# ntpq or ntpdc queries. 47# noquery Deny all ntpq and ntpdc queries. Does not affect time 48# synchronisation. 49# nopeer Prevent establishing an new peer association. 50# Does not affect preconfigured peer associations. 51# Does not affect client/server time synchronisation. 52# noserve Deny all time synchronisation. Does not affect ntpq or 53# ntpdc queries. 54# notrap Deny the trap subset of the ntpdc control message protocol. 55# notrust Deny packets that are not cryptographically authenticated. 56# 57# By default, either deny everything, or allow client/server time exchange 58# but deny configuration changes, queries, and peer associations that were not 59# explicitly configured. 60# (Uncomment one of the following "restrict default" lines.) 61# 62#restrict default ignore 63restrict default kod nopeer noquery 64 65# Fewer restrictions for the local subnet. 66# (Uncomment and adjust as appropriate.) 67# 68#restrict 192.0.2.0 mask 255.255.255.0 kod nomodify notrap nopeer 69#restrict 2001:db8:: mask ffff:ffff:: kod nomodify notrap nopeer 70 71# No restrictions for localhost. 72# 73restrict 127.0.0.1 74restrict ::1 75 76# Hereafter should be "server" or "peer" statements to configure other 77# hosts to exchange NTP packets with. 78# 79# See <http://support.ntp.org/bin/view/Support/DesigningYourNTPNetwork> 80# and <http://support.ntp.org/bin/view/Support/SelectingOffsiteNTPServers> 81# for advice. 82# 83# Peers should be selected in such a way that the network path to them 84# is short, uncongested, and symmetric (that is, the series of links 85# and routers used to get to the peer is the same one that the peer 86# uses to get back). The best place to start looking for NTP peers for 87# your system is within your own network, or at your Internet Service 88# Provider (ISP). 89# 90# Ideally, you should select at least three other systems to talk NTP 91# with, for an "what I tell you three times is true" effect. 92# 93 94#peer an.ntp.peer.goes.here 95#server an.ntp.server.goes.here 96#restrict an.ntp.server.goes.here nomodify notrap 97 98# The pool.ntp.org project coordinates public time servers provided by 99# volunteers. See <http://www.pool.ntp.org>. The *.netbsd.pool.ntp.org 100# servers are intended to be used by default on NetBSD hosts, but 101# servers that are closer to you are likely to be better. Consider 102# using servers specific to your country, a nearby country, or your 103# continent. 104# 105# The pool.ntp.org project needs more volunteers! The only criteria to 106# join are a nailed-up connection and a static IP address. For details, 107# see the web page: 108# 109# http://www.pool.ntp.org/join.html 110# 111 112server 0.netbsd.pool.ntp.org 113restrict 0.netbsd.pool.ntp.org nomodify notrap 114server 1.netbsd.pool.ntp.org 115restrict 1.netbsd.pool.ntp.org nomodify notrap 116server 2.netbsd.pool.ntp.org 117restrict 2.netbsd.pool.ntp.org nomodify notrap 118server 3.netbsd.pool.ntp.org 119restrict 3.netbsd.pool.ntp.org nomodify notrap 120