aboutsummaryrefslogtreecommitdiff
path: root/ntpd/ntp.conf.5mdoc
diff options
context:
space:
mode:
Diffstat (limited to 'ntpd/ntp.conf.5mdoc')
-rw-r--r--ntpd/ntp.conf.5mdoc106
1 files changed, 50 insertions, 56 deletions
diff --git a/ntpd/ntp.conf.5mdoc b/ntpd/ntp.conf.5mdoc
index 951f33da4faa..b950e92cdeb9 100644
--- a/ntpd/ntp.conf.5mdoc
+++ b/ntpd/ntp.conf.5mdoc
@@ -1,9 +1,9 @@
-.Dd June 6 2023
+.Dd May 25 2024
.Dt NTP_CONF 5mdoc File Formats
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc)
.\"
-.\" It has been AutoGen-ed June 6, 2023 at 04:37:32 AM by AutoGen 5.18.16
+.\" It has been AutoGen-ed May 25, 2024 at 12:03:50 AM by AutoGen 5.18.16
.\" From the definitions ntp.conf.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@@ -294,27 +294,15 @@ include authentication fields encrypted using the autokey scheme
described in
.Sx Authentication Options .
.It Cm burst
-when the server is reachable, send a burst of eight packets
-instead of the usual one.
-The packet spacing is normally 2 s;
-however, the spacing between the first and second packets
-can be changed with the
-.Ic calldelay
-command to allow
-additional time for a modem or ISDN call to complete.
-This is designed to improve timekeeping quality
-with the
+when the server is reachable, send a burst of six packets
+instead of the usual one. The packet spacing is 2 s.
+This is designed to improve timekeeping quality with the
.Ic server
command and s addresses.
.It Cm iburst
When the server is unreachable, send a burst of eight packets
instead of the usual one.
-The packet spacing is normally 2 s;
-however, the spacing between the first two packets can be
-changed with the
-.Ic calldelay
-command to allow
-additional time for a modem or ISDN call to complete.
+The packet spacing is 2 s.
This is designed to speed the initial synchronization
acquisition with the
.Ic server
@@ -889,7 +877,6 @@ range 1 to 65,535, inclusive.
.Op Cm leap Ar file
.Op Cm randfile Ar file
.Op Cm host Ar file
-.Op Cm sign Ar file
.Op Cm gq Ar file
.Op Cm gqpar Ar file
.Op Cm iffpar Ar file
@@ -952,14 +939,6 @@ encrypted.
Specifies the location of the random seed file used by the OpenSSL
library.
The defaults are described in the main text above.
-.It Cm sign Ar file
-Specifies the location of the optional sign key file.
-This overrides
-the link
-.Pa ntpkey_sign_ Ns Ar hostname
-in the keys directory.
-If this file is
-not found, the host key is also the sign key.
.El
.It Ic keys Ar keyfile
Specifies the complete path and location of the MD5 key file
@@ -1546,7 +1525,8 @@ by default the probability of replacing it with an
entry representing the client request being processed
now is 10%. Conversely, if the oldest entry is more
than 3000 seconds old, the probability is 100%.
-.It Xo Ic restrict address
+.It Xo Ic restrict
+.Ar address
.Op Cm mask Ar mask
.Op Cm ippeerlimit Ar int
.Op Ar flag ...
@@ -1554,21 +1534,22 @@ than 3000 seconds old, the probability is 100%.
The
.Ar address
argument expressed in
-dotted\-quad form is the address of a host or network.
+numeric form is the address of a host or network.
Alternatively, the
.Ar address
-argument can be a valid host DNS name.
+argument can be a valid hostname. When a hostname
+is provided, a restriction entry is created for each
+address the hostname resolves to, and any provided
+.Ar mask
+is ignored and an individual host mask is
+used for each entry.
The
.Ar mask
-argument expressed in dotted\-quad form defaults to
-.Cm 255.255.255.255 ,
-meaning that the
+argument expressed in numeric form defaults to
+all bits lit, meaning that the
.Ar address
is treated as the address of an individual host.
-A default entry (address
-.Cm 0.0.0.0 ,
-mask
-.Cm 0.0.0.0 )
+A default entry with address and mask all zeroes
is always included and is always the first entry in the list.
Note that text string
.Cm default ,
@@ -1605,12 +1586,12 @@ and
.Xr ntpdc 1ntpdcmdoc
queries.
.It Cm kod
-If this flag is set when an access violation occurs, a kiss\-o'\-death
-(KoD) packet is sent.
-KoD packets are rate limited to no more than one
-per second.
-If another KoD packet occurs within one second after the
-last one, the packet is dropped.
+If this flag is set when a rate violation occurs, a kiss\-o'\-death
+(KoD) packet is sometimes sent.
+KoD packets are rate limited to no more than one per minimum
+average interpacket spacing, set by
+.Cm discard average
+defaulting to 8s. Otherwise, no response is sent.
.It Cm limited
Deny service if the packet spacing violates the lower limits specified
in the
@@ -1700,15 +1681,13 @@ restriction flag.
Its presence causes the restriction entry to be
matched only if the source port in the packet is the standard NTP
UDP port (123).
-Both
+There can be two restriction entries with the same IP address if
+one specifies
.Cm ntpport
-and
-.Cm non\-ntpport
-may
-be specified.
+and the other does not.
The
.Cm ntpport
-is considered more specific and
+entry is considered more specific and
is sorted later in the list.
.It Ic "serverresponse fuzz"
When reponding to server requests,
@@ -1720,12 +1699,31 @@ Deny packets that do not match the current NTP version.
.Pp
Default restriction list entries with the flags ignore, interface,
ntpport, for each of the local host's interface addresses are
-inserted into the table at startup to prevent the server
-from attempting to synchronize to its own time.
+inserted into the table at startup to prevent ntpd
+from attempting to synchronize to itself, such as with
+.Cm manycastclient
+when
+.Cm manycast
+is also specified with the same multicast address.
A default entry is also always present, though if it is
otherwise unconfigured; no flags are associated
with the default entry (i.e., everything besides your own
NTP server is unrestricted).
+.It Xo Ic delrestrict
+.Op source
+.Ar address
+.Xc
+Remove a previously\-set restriction. This is useful for
+runtime configuration via
+.Xr ntpq 1ntpqmdoc
+. If
+.Cm source
+is specified, a dynamic restriction created from the
+.Cm restrict source
+template at the time
+an association was added is removed. Without
+.Cm source
+a static restriction is removed.
.El
.Sh Automatic NTP Configuration Options
.Ss Manycasting
@@ -2462,10 +2460,6 @@ Typically (for Ethernet), a
number between 0.003 and 0.007 seconds is appropriate.
The default
when this command is not used is 0.004 seconds.
-.It Ic calldelay Ar delay
-This option controls the delay in seconds between the first and second
-packets sent in burst or iburst mode to allow additional time for a modem
-or ISDN call to complete.
.It Ic driftfile Ar driftfile
This command specifies the complete path and name of the file used to
record the frequency of the local clock oscillator.
@@ -3302,7 +3296,7 @@ A snapshot of this documentation is available in HTML format in
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
-Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The syntax checking is not picky; some combinations of
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-22 16:56:42 +0000