ntp.conf revision 290001
1178172Simp# 2178172Simp# $FreeBSD: releng/9.3/etc/ntp.conf 290001 2015-10-26 11:42:25Z glebius $ 3178172Simp# 4178172Simp# Default NTP servers for the FreeBSD operating system. 5178172Simp# 6178172Simp# Don't forget to enable ntpd in /etc/rc.conf with: 7178172Simp# ntpd_enable="YES" 8178172Simp# 9178172Simp# The driftfile is by default /var/db/ntpd.drift, check 10178172Simp# /etc/defaults/rc.conf on how to change the location. 11178172Simp# 12178172Simp 13178172Simp# 14178172Simp# The following three servers will give you a random set of three 15178172Simp# NTP servers geographically close to you. 16178172Simp# See http://www.pool.ntp.org/ for details. Note, the pool encourages 17178172Simp# users with a static IP and good upstream NTP servers to add a server 18178172Simp# to the pool. See http://www.pool.ntp.org/join.html if you are interested. 19178172Simp# 20178172Simp# The option `iburst' is used for faster initial synchronization. 21178172Simp# 22178172Simpserver 0.freebsd.pool.ntp.org iburst 23178172Simpserver 1.freebsd.pool.ntp.org iburst 24178172Simpserver 2.freebsd.pool.ntp.org iburst 25178172Simp#server 3.freebsd.pool.ntp.org iburst 26178172Simp 27178172Simp# 28178172Simp# If you want to pick yourself which country's public NTP server 29178172Simp# you want sync against, comment out the above servers, uncomment 30178172Simp# the next ones and replace CC with the country's abbreviation. 31178172Simp# Make sure that the hostnames resolve to a proper IP address! 32178172Simp# 33178172Simp# server 0.CC.pool.ntp.org iburst 34178172Simp# server 1.CC.pool.ntp.org iburst 35178172Simp# server 2.CC.pool.ntp.org iburst 36178172Simp 37178172Simp# 38178172Simp# Security: 39178172Simp# 40178172Simp# By default, only allow time queries and block all other requests 41178172Simp# from unauthenticated clients. 42178172Simp# 43178172Simp# See http://support.ntp.org/bin/view/Support/AccessRestrictions 44178172Simp# for more information. 45249523Simp# 46178172Simprestrict default limited kod nomodify notrap nopeer noquery 47178172Simprestrict -6 default limited kod nomodify notrap nopeer noquery 48249523Simp# 49178172Simp# Alternatively, the following rules would block all unauthorized access. 50178172Simp# 51178172Simp#restrict default ignore 52178172Simp#restrict -6 default ignore 53178172Simp# 54178172Simp# In this case, all remote NTP time servers also need to be explicitly 55178172Simp# allowed or they would not be able to exchange time information with 56178172Simp# this server. 57178172Simp# 58249523Simp# Please note that this example doesn't work for the servers in 59249523Simp# the pool.ntp.org domain since they return multiple A records. 60249523Simp# 61249523Simp#restrict 0.pool.ntp.org nomodify nopeer noquery notrap 62249523Simp#restrict 1.pool.ntp.org nomodify nopeer noquery notrap 63249523Simp#restrict 2.pool.ntp.org nomodify nopeer noquery notrap 64249523Simp# 65249523Simp# The following settings allow unrestricted access from the localhost 66249523Simprestrict 127.0.0.1 67249523Simprestrict -6 ::1 68178172Simprestrict 127.127.1.0 69178172Simp 70178172Simp# 71178172Simp# If a server loses sync with all upstream servers, NTP clients 72249790Simp# no longer follow that server. The local clock can be configured 73249790Simp# to provide a time source when this happens, but it should usually 74249790Simp# be configured on just one server on a network. For more details see 75249790Simp# http://support.ntp.org/bin/view/Support/UndisciplinedLocalClock 76249523Simp# The use of Orphan Mode may be preferable. 77178172Simp# 78178172Simp#server 127.127.1.0 79178172Simp#fudge 127.127.1.0 stratum 10 80178172Simp