Commit Graph

5 Commits

Author SHA1 Message Date
Xin LI
64957baacb Add limited to the default restrictions.
X-MFC-with:	r280849
2015-03-31 19:56:46 +00:00
Xin LI
b2c730e011 Tighten default restrictions for ntpd(8) server and provide a link
to NTP access restriction documentation.

The new default restrictions would allow only time queries from a
remote system and will KoD all other requests, but still allow
localhost to do make all requests.

These restrictions are also recommended for all Internet-facing
public NTP servers.

This changeset is intended for an instant MFC to stable/10 and
releng/10.0.
2013-12-27 23:06:15 +00:00
Xin LI
82607d1ec1 As of r232844 we no longer need the maxpoll 9 workaround.
MFC after:	3 days
2012-08-20 18:45:16 +00:00
David Malone
6b560b8e98 1) Use our vendor domain at the pool.
2) Point people at the pool website and encourage
   people to provide a server in the pool (as a
   courtesy to the pool guys).
3) Fix a spelling.
4) Comment out the local clock and include a link
   to documentation for use of the local clock on
   the ntp.org site.

Approved by:	re (kib)
2009-07-13 05:51:33 +00:00
Edwin Groothuis
e530f4b50d Welcome to a default installed /etc/ntp.conf
This NTP configuration file points to the [012].pool.ntp.org servers,
which will return a list of geographical local NTP servers.
It uses the best-practice options of "iburst" and "maxpoll 9".
It gives examples on how to use the "restrict" commands, which are
unfortunately not working when you use the pool.ntp.org servers.
It sets up a fudge server so any clients syncing against this server
will always be synced even if we lose the master.

The idea of this file was briefly discussed on -net.

PR:		conf/58595
Submitted by:	Chris Stenton <jacs@gnome.co.uk>
MFC after:	1 week
2009-06-07 13:26:57 +00:00