State of the microserver HOWTO

Gary E. Miller gem at rellim.com
Tue Jun 7 02:27:12 UTC 2016 

Yo Eric!

On Mon, 6 Jun 2016 20:32:07 -0400
"Eric S. Raymond" <esr at thyrsus.com> wrote:

> Gary E. Miller <gem at rellim.com>:
> > Yo Eric!
> > 
> > On Mon, 6 Jun 2016 19:54:22 -0400
> > "Eric S. Raymond" <esr at thyrsus.com> wrote:
> >   
> > > 1. How does ordering the refclocks in that way reduce startup
> > > glitches? As written this is a maddening, uninformative tease
> > > equivalent to mumbling "magic happens here".  Please reply via a
> > > config with a better header comment.  
> > 
> > As recently discussed on devel at ntpsec.org  
> 
> Assume I've never read that list, or anything else about NTP other
> than the HOWTO itself.  Remember who we're teaching!

You want me to do all the work?!?  You're the writer.  :-)

> Complete config with improved header comment, please.  Having me edit
> in stuff every time someone needs to correct or amplify an explanation
> will not scale and *will* drive me bugfuck crazy.

See below.  Not sure what you want in the header.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588


# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift


# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


logfile /var/log/ntpd.log  
logconfig =syncall +clockall +peerall +sysall

# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example

# pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
# pick a different set every time it starts up.  Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
#server 0.debian.pool.ntp.org iburst
#server 1.debian.pool.ntp.org iburst
#server 2.debian.pool.ntp.org iburst
#server 3.debian.pool.ntp.org iburst


# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
#restrict -4 default kod notrap nomodify nopeer noquery
#restrict -6 default kod notrap nomodify nopeer noquery
#
## Local users may interrogate the ntp server more closely.
#restrict 127.0.0.1
#restrict ::1

restrict default nomodify notrap nopeer noquery
restrict -6 default nomodify notrap nopeer noquery
restrict 127.0.0.1 mask 255.255.255.0
restrict 204.17.205.0 mask 255.255.255.0
restrict -6 [2001:470:e815::]/64
restrict -6 ::1


# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust


# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient

# SHM for PPS and gpsd
server 127.127.28.1 prefer minpoll 4 maxpoll 4
fudge 127.127.28.1 refid PPS

# #20 GPS direct
server 127.127.20.0 mode 16 minpoll 4 maxpoll 4
fudge 127.127.20.0 flag1 1 flag2 0 refid GPS2

peer 204.17.205.1
peer 204.17.205.8 maxpoll 5 # spidey
peer 204.17.205.23 maxpoll 5 # pi3
peer 204.17.205.27
peer 204.17.205.30

# SHM for gpsd
server 127.127.28.0 minpoll 4 maxpoll 4
fudge 127.127.28.0 time1 0.450  refid GPS

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160606/5ee6e6b1/attachment.bin>

More information about the devel mailing list