State of the microserver HOWTO
Gary E. Miller
gem at rellim.com
Tue Jun 7 02:27:12 UTC 2016
Yo Eric!
On Mon, 6 Jun 2016 20:32:07 -0400
"Eric S. Raymond" <esr at thyrsus.com> wrote:
> Gary E. Miller <gem at rellim.com>:
> > Yo Eric!
> >
> > On Mon, 6 Jun 2016 19:54:22 -0400
> > "Eric S. Raymond" <esr at thyrsus.com> wrote:
> >
> > > 1. How does ordering the refclocks in that way reduce startup
> > > glitches? As written this is a maddening, uninformative tease
> > > equivalent to mumbling "magic happens here". Please reply via a
> > > config with a better header comment.
> >
> > As recently discussed on devel at ntpsec.org
>
> Assume I've never read that list, or anything else about NTP other
> than the HOWTO itself. Remember who we're teaching!
You want me to do all the work?!? You're the writer. :-)
> Complete config with improved header comment, please. Having me edit
> in stuff every time someone needs to correct or amplify an explanation
> will not scale and *will* drive me bugfuck crazy.
See below. Not sure what you want in the header.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
logfile /var/log/ntpd.log
logconfig =syncall +clockall +peerall +sysall
# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
# pick a different set every time it starts up. Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
#server 0.debian.pool.ntp.org iburst
#server 1.debian.pool.ntp.org iburst
#server 2.debian.pool.ntp.org iburst
#server 3.debian.pool.ntp.org iburst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
#restrict -4 default kod notrap nomodify nopeer noquery
#restrict -6 default kod notrap nomodify nopeer noquery
#
## Local users may interrogate the ntp server more closely.
#restrict 127.0.0.1
#restrict ::1
restrict default nomodify notrap nopeer noquery
restrict -6 default nomodify notrap nopeer noquery
restrict 127.0.0.1 mask 255.255.255.0
restrict 204.17.205.0 mask 255.255.255.0
restrict -6 [2001:470:e815::]/64
restrict -6 ::1
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
# SHM for PPS and gpsd
server 127.127.28.1 prefer minpoll 4 maxpoll 4
fudge 127.127.28.1 refid PPS
# #20 GPS direct
server 127.127.20.0 mode 16 minpoll 4 maxpoll 4
fudge 127.127.20.0 flag1 1 flag2 0 refid GPS2
peer 204.17.205.1
peer 204.17.205.8 maxpoll 5 # spidey
peer 204.17.205.23 maxpoll 5 # pi3
peer 204.17.205.27
peer 204.17.205.30
# SHM for gpsd
server 127.127.28.0 minpoll 4 maxpoll 4
fudge 127.127.28.0 time1 0.450 refid GPS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160606/5ee6e6b1/attachment.bin>
More information about the devel
mailing list