Lines Matching +full:local +full:- +full:bd +full:- +full:address +full:- +full:broken
1 /* -*- Mode: Text -*- */
7 // We want the synopsis to be "/etc/ntp.conf" but we need the prog-name
8 // to be ntp.conf - the latter is also how autogen produces the output
10 prog-name = "ntp.conf";
11 file-path = "/etc/ntp.conf";
12 prog-title = "Network Time Protocol daemon (ntpd) configuration format";
15 explain = <<- _END_EXPLAIN
18 doc-section = {
19 ds-type = 'DESCRIPTION';
20 ds-format = 'mdoc';
21 ds-text = <<- _END_PROG_MDOC_DESCRIP
48 host addresses written in numeric, dotted-quad form,
64 .Bl -bullet -offset indent
102 type of the required IP address.
105 broadcast address of a local interface, (m) a multicast address (IPv4
106 class D), or (r) a reference clock address (127.127.x.x).
113 If the Basic Socket Interface Extensions for IPv6 (RFC-2553)
114 is detected, support for the IPv6 address family is generated
115 in addition to the default support of the IPv4 address family.
126 in the address field.
140 equivalent classes for that address family.
141 .Bl -tag -width indent
142 .It Xo Ic pool Ar address
151 .It Xo Ic server Ar address
162 .It Xo Ic peer Ar address
171 .It Xo Ic broadcast Ar address
179 .It Xo Ic manycastclient Ar address
189 These five commands specify the time server name or address to
192 .Ar address
194 either a DNS name or an IP address in dotted-quad notation.
201 .Bl -tag -width indent
205 In this mode the local clock can synchronized to the
207 the local clock.
210 client mode association with the specified remote server or local
212 In this mode the local clock can synchronized to the
214 the local clock.
221 persistent symmetric-active mode association with the specified
223 In this mode the local clock can be synchronized to
224 the remote peer or the remote peer can be synchronized to the local
227 various failure scenarios, either the local or remote peer may be
235 commands can be used to specify multiple local broadcast interfaces
237 Note that local
240 In broadcast mode the local server sends periodic broadcast
242 .Ar address
243 specified, which is usually the broadcast address on (one of) the
244 local network(s) or a multicast address assigned to NTP.
246 has assigned the multicast group address IPv4 224.0.1.1 and
247 IPv6 ff05::101 (site local) exclusively to
251 specification applies only to the local server operating as a
260 manycast client mode association for the multicast address
262 In this case a specific address must be supplied which
263 matches the address used on the
267 The NTP multicast address
274 command specifies that the local server
278 client broadcasts a request message to the group address associated
280 .Ar address
292 .Bl -tag -width indent
362 It specifies the time-to-live
375 Versions 1-4 are the choices, with version 4 the
392 .Bl -tag -width indent
395 any local interface (type b) address.
403 server and client should operate using symmetric-key or public-key
406 .It Ic manycastserver Ar address ...
408 the multicast group address(es) (type m) specified.
410 address is required, but the NTP multicast address 224.0.1.1
416 and client should operate using symmetric-key or public-key
419 .It Ic multicastclient Ar address ...
421 the multicast group address(es) (type m) specified.
429 both the server and client should operate using symmetric-key or
430 public-key authentication as described in
452 specification RFC-1305 defines a scheme which provides
457 DES-CBC.
459 5 (MD5) algorithm using a private key, commonly called keyed-MD5.
460 Either algorithm computes a message digest, or one-way hash, which
581 .Ss Symmetric-Key Cryptography
582 The original RFC-1305 specification allows any one of possibly
583 65,535 keys, each distinguished by a 32-bit key identifier, to
631 described in RFC-1305 and in addition the Autokey protocol,
659 All modes use in addition a variant of the S-KEY scheme,
660 in which a pseudo-random key list is generated and used
670 .Xr ntp-keygen 1ntpkeygenmdoc
721 using the host name, network address and public keys,
729 with network address translation schemes is not possible.
800 Bob sends Cathy a thing called a crypto-NAK, which tells her
824 .Xr ntp-keygen 1ntpkeygenmdoc
857 .Bl -tag -width indent
872 protocol defined in RFC-1305.
901 .Pa /usr/local/etc .
903 .Bl -tag -width indent
961 .Pa /usr/local/etc/ .
974 Specifies the interval between re-randomization of certain
978 deflect brute-force attacks on the algorithms of the scheme;
992 The authentication procedures require that both the local
998 arguments are 32-bit unsigned
1004 .Bl -tag -width indent
1074 .Bl -tag -width indent
1080 .Bl -tag -width indent
1087 .Bd -literal
1094 clock address in dotted-quad notation.
1109 .Bd -literal
1116 address in dotted-quad notation, The final message field includes the
1124 update of the local clock outputs a line of the following form to
1127 .Bd -literal
1134 show time offset (seconds), frequency offset (parts per million -
1146 .Bd -literal
1147 48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674
1153 show the peer address in dotted-quad notation and status,
1160 Enables recording of raw-timestamp statistics information.
1168 .Bd -literal
1175 show the remote peer or clock address followed by the local address
1176 in dotted-quad notation.
1188 .Bd -literal
1197 .Bl -tag -width indent
1253 .Bl -tag -width indent
1266 .Bl -tag -width indent
1274 server, usually specified as a compile-time constant.
1308 .Bl -tag -width indent
1340 is a 4-digit year number (e.g., 1992).
1352 The term week is defined by computing day-of-year
1356 filename base: A dot, a 4-digit year number, the letter
1358 and a 2-digit week number.
1365 file name suffix consists of a dot, a 4-digit year number, and
1366 a 2-digit month.
1377 and an 8-digit number.
1379 running at the start of the corresponding 24-hour period.
1415 daemon implements a general purpose address/mask based restriction
1417 The list contains address/match entries sorted first
1418 by increasing address values and and then by increasing mask values.
1420 source address is equal to the bitwise AND of the mask and
1421 address in the list.
1438 be useful for keeping unwanted or broken or malicious clients
1441 Source address based restrictions are easily circumvented
1461 .Ss The Kiss-of-Death Packet
1469 for this purpose called the "kiss-of-death" (KoD) packet.
1471 to zero and the reference identifier field set to a four-byte
1497 .Bl -tag -width indent
1515 and a kiss-o'-death packet returned if enabled.
1532 .Ar address
1538 .Ar address
1540 numeric form is the address of a host or network.
1542 .Ar address
1545 address the hostname resolves to, and any provided
1553 .Ar address
1554 is treated as the address of an individual host.
1555 A default entry with address and mask all zeroes
1565 where a value of -1 means "unlimited", the current default.
1580 restrict informational queries and attempts to do run-time
1584 .Bl -tag -width indent
1592 If this flag is set when a rate violation occurs, a kiss-o'-death
1631 to become the default in ntp-4.4.
1687 There can be two restriction entries with the same IP address if
1704 ntpport, for each of the local host's interface addresses are
1710 is also specified with the same multicast address.
1717 .Ar address
1719 Remove a previously-set restriction. This is useful for
1746 with the anycast paradigm described in RFC-1546,
1773 group address.
1774 The IANA has designated IPv4 address 224.1.1.1
1775 and IPv6 address FF05::101 (site local) for NTP.
1777 client messages to this address at the minimum feasible rate
1778 and minimum feasible time-to-live (TTL) hops, depending
1781 as different group address, each one serving as a template
1786 command listen on the specified group address for manycast
1804 Then, the client polls the server at its unicast address
1808 in a volley of eight client/server at 2-s intervals
1821 and the effects of implosion due to near-simultaneous
1950 group address will automatically organize themselves
1961 commands using, for instance, multicast group address
1989 re-associate accordingly.
2006 The program wakes up, scans the local landscape looking
2014 to a multicast group address, all manycast servers
2022 but the certificates remain in the local cache.
2043 .Bl -tag -width indent
2063 .Bl -tag -width indent
2080 .Bl -tag -width indent
2131 in an expanding-ring search.
2137 satellite and modem reference clocks plus a special pseudo-clock
2157 .Qq Pulse-per-second (PPS) Signal Interfacing
2195 correct but invalid IP address, in order to distinguish them from
2207 number in the range 0-3.
2216 .Ar address
2218 is the clock address.
2258 .Ar address
2259 argument specifies the clock address.
2267 device-dependent time offsets and four flags that can be included
2284 involving both a reference clock and a pulse-per-second (PPS)
2293 .Bl -tag -width indent
2306 .Bl -tag -width indent
2321 device-specific fashion.
2368 .Bl -tag -width indent
2371 the driver, a fixed-point decimal number in seconds.
2399 Specifies a fixed-point decimal number in seconds, which is
2400 interpreted in a driver-dependent way.
2421 device-specific fashion.
2450 .Bl -tag -width indent
2453 to determine the network delay between the local and remote
2468 record the frequency of the local clock oscillator.
2484 in parts-per-million (PPM).
2495 a 6-bit code.
2523 .Bl -tag -width indent
2535 address.
2551 Enables processing of NTP mode 7 implementation-specific requests
2585 receives a crypto-NAK packet that
2590 a properly forged and appropriately delivered crypto-NAK packet
2633 receives a crypto-NAK packet that
2638 a properly forged and appropriately delivered crypto-NAK packet
2687 .Ar name | Ar address
2701 or an address.
2702 In the address case,
2710 to open the address and drop all received packets without examination.
2714 The last rule which matches a particular address determines the action for it.
2718 .Fl -interface ,
2721 .Fl -novirtualips
2722 command-line options are specified in the configuration file,
2733 .Li https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list
2735 .Li ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list .
2750 .Xr update-leap 1update_leapmdoc
2758 .Cm --enable-leap-smear
2765 .Sy DO NOT USE THIS OPTION ON PUBLIC-ACCESS SERVERS!
2781 .Ql - ,
2789 .Ql -
2833 .Bd -literal
2842 .Bd -literal
2870 .Bl -tag -width indent
2919 (frequency file) will be written, with a default value of 1e-7 (0.1 PPM).
2931 or the JJY driver (type 40, mode 100 - 180).
2935 For the JJY driver (type 40 mode 100 - 180), the argument is
2958 The next two numbers must be between 0 and one-half of the poll interval,
3002 .Bl -tag -width indent
3010 The default is 32 megabytes on non-Linux machines, and -1 under Linux.
3011 -1 means "do not lock the process into memory".
3039 .Cm config-from-file
3056 .Cm saveconfig\ ntp-%Y%m%d-%H%M%S.conf .
3133 .Bl -tag -width indent
3145 parts-per-million.
3150 huff-n'-puff filter span, which determines the most recent interval
3208 address and port number for sending messages with the specified
3209 local interface address.
3212 If the interface address is not specified, the
3213 message is sent with a source address of the local interface the
3222 mode these values are used in-turn in an expanding-ring search.
3235 an expanding-ring search.
3242 doc-section = {
3243 ds-type = 'FILES';
3244 ds-format = 'mdoc';
3245 ds-text = <<- _END_MDOC_FILES
3246 .Bl -tag -width /etc/ntp.drift -compact
3256 Diffie-Hellman agreement parameters
3261 doc-section = {
3262 ds-type = 'SEE ALSO';
3263 ds-format = 'mdoc';
3264 ds-text = <<- _END_MDOC_SEE_ALSO
3283 doc-section = {
3284 ds-type = 'BUGS';
3285 ds-format = 'mdoc';
3286 ds-text = <<- _END_MDOC_BUGS
3300 doc-section = {
3301 ds-type = 'NOTES';
3302 ds-format = 'mdoc';
3303 ds-text = <<- _END_MDOC_NOTES