| 1 | # Permit time synchronization with our time source, but do not |
|---|
| 2 | # permit the source to query or modify the service on this system. |
|---|
| 3 | #restrict default kod nomodify notrap nopeer noquery |
|---|
| 4 | #restrict -6 default kod nomodify notrap nopeer noquery |
|---|
| 5 | |
|---|
| 6 | # Permit all access over the loopback interface. This could |
|---|
| 7 | # be tightened as well, but to do so would effect some of |
|---|
| 8 | # the administrative functions. |
|---|
| 9 | restrict 127.0.0.1 |
|---|
| 10 | restrict -6 ::1 |
|---|
| 11 | |
|---|
| 12 | # Hosts on local network are less restricted. |
|---|
| 13 | restrict 10.30.1.0 mask 255.255.255.0 nomodify notrap |
|---|
| 14 | #restrict -6 2001:db8:3:331:: mask ffff:ffff:ffff:ffff:: nomodify notrap |
|---|
| 15 | restrict 10.30.130.0 mask 255.255.255.0 nomodify notrap |
|---|
| 16 | #restrict -6 2001:db8:3:2:: mask ffff:ffff:ffff:ffff:: nomodify notrap |
|---|
| 17 | restrict 10.30.2.1 mask 255.255.255.255 nomodify notrap |
|---|
| 18 | #restrict -6 2001:db8:3:336::1 mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff nomodify notrap |
|---|
| 19 | |
|---|
| 20 | # Use public servers from the pool.ntp.org project. |
|---|
| 21 | # Please consider joining the pool (http://www.pool.ntp.org/join.html). |
|---|
| 22 | #server 0.centos.pool.ntp.org |
|---|
| 23 | #server 1.centos.pool.ntp.org |
|---|
| 24 | #server 2.centos.pool.ntp.org |
|---|
| 25 | |
|---|
| 26 | #broadcast 192.168.1.255 key 42 # broadcast server |
|---|
| 27 | #broadcastclient # broadcast client |
|---|
| 28 | #broadcast 224.0.1.1 key 42 # multicast server |
|---|
| 29 | #multicastclient 224.0.1.1 # multicast client |
|---|
| 30 | #manycastserver 239.255.254.254 # manycast server |
|---|
| 31 | #manycastclient 239.255.254.254 key 42 # manycast client |
|---|
| 32 | |
|---|
| 33 | # Undisciplined Local Clock. This is a fake driver intended for backup |
|---|
| 34 | # and when no outside source of synchronized time is available. |
|---|
| 35 | server 127.127.1.0 # local clock |
|---|
| 36 | fudge 127.127.1.0 stratum 3 |
|---|
| 37 | |
|---|
| 38 | # Drift file. Put this in a directory which the daemon can write to. |
|---|
| 39 | # No symbolic links allowed, either, since the daemon updates the file |
|---|
| 40 | # by creating a temporary in the same directory and then rename()'ing |
|---|
| 41 | # it to the file. |
|---|
| 42 | driftfile /var/lib/ntp/drift |
|---|
| 43 | |
|---|
| 44 | # Key file containing the keys and key identifiers used when operating |
|---|
| 45 | # with symmetric key cryptography. |
|---|
| 46 | keys /etc/ntp/keys |
|---|
| 47 | |
|---|
| 48 | # Specify the key identifiers which are trusted. |
|---|
| 49 | #trustedkey 4 8 42 |
|---|
| 50 | |
|---|
| 51 | # Specify the key identifier to use with the ntpdc utility. |
|---|
| 52 | #requestkey 8 |
|---|
| 53 | |
|---|
| 54 | # Specify the key identifier to use with the ntpq utility. |
|---|
| 55 | #controlkey 8 |
|---|
