State of the microserver HOWTO
Gary E. Miller
gem at rellim.com
Tue Jun 7 02:27:12 UTC 2016
On Mon, 6 Jun 2016 20:32:07 -0400
"Eric S. Raymond" <esr at thyrsus.com> wrote:
> Gary E. Miller <gem at rellim.com>:
> > Yo Eric!
> > On Mon, 6 Jun 2016 19:54:22 -0400
> > "Eric S. Raymond" <esr at thyrsus.com> wrote:
> > > 1. How does ordering the refclocks in that way reduce startup
> > > glitches? As written this is a maddening, uninformative tease
> > > equivalent to mumbling "magic happens here". Please reply via a
> > > config with a better header comment.
> > As recently discussed on devel at ntpsec.org
> Assume I've never read that list, or anything else about NTP other
> than the HOWTO itself. Remember who we're teaching!
You want me to do all the work?!? You're the writer. :-)
> Complete config with improved header comment, please. Having me edit
> in stuff every time someone needs to correct or amplify an explanation
> will not scale and *will* drive me bugfuck crazy.
See below. Not sure what you want in the header.
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
# Enable this if you want statistics to be logged.
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
logconfig =syncall +clockall +peerall +sysall
# You do need to talk to an NTP server or two (or three).
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
# pick a different set every time it starts up. Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
#server 0.debian.pool.ntp.org iburst
#server 1.debian.pool.ntp.org iburst
#server 2.debian.pool.ntp.org iburst
#server 3.debian.pool.ntp.org iburst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
#restrict -4 default kod notrap nomodify nopeer noquery
#restrict -6 default kod notrap nomodify nopeer noquery
## Local users may interrogate the ntp server more closely.
restrict default nomodify notrap nopeer noquery
restrict -6 default nomodify notrap nopeer noquery
restrict 127.0.0.1 mask 255.255.255.0
restrict 18.104.22.168 mask 255.255.255.0
restrict -6 [2001:470:e815::]/64
restrict -6 ::1
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
# SHM for PPS and gpsd
server 127.127.28.1 prefer minpoll 4 maxpoll 4
fudge 127.127.28.1 refid PPS
# #20 GPS direct
server 127.127.20.0 mode 16 minpoll 4 maxpoll 4
fudge 127.127.20.0 flag1 1 flag2 0 refid GPS2
peer 22.214.171.124 maxpoll 5 # spidey
peer 126.96.36.199 maxpoll 5 # pi3
# SHM for gpsd
server 127.127.28.0 minpoll 4 maxpoll 4
fudge 127.127.28.0 time1 0.450 refid GPS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 473 bytes
Desc: OpenPGP digital signature
More information about the devel