From owner-freebsd-questions Sat Nov 6 15:34:38 1999 Delivered-To: freebsd-questions@freebsd.org Received: from dorifer.heim3.tu-clausthal.de (dorifer.heim3.tu-clausthal.de [139.174.243.252]) by hub.freebsd.org (Postfix) with ESMTP id CCD5414A16 for ; Sat, 6 Nov 1999 15:34:35 -0800 (PST) (envelope-from olli@dorifer.heim3.tu-clausthal.de) Received: (from olli@localhost) by dorifer.heim3.tu-clausthal.de (8.8.8/8.8.8) id AAA21045 for freebsd-questions@FreeBSD.ORG; Sun, 7 Nov 1999 00:34:34 +0100 (CET) (envelope-from olli) Date: Sun, 7 Nov 1999 00:34:34 +0100 (CET) From: Oliver Fromme Message-Id: <199911062334.AAA21045@dorifer.heim3.tu-clausthal.de> To: freebsd-questions@FreeBSD.ORG Subject: Re: adding xntpd to startup Organization: Administration Heim 3 Reply-To: freebsd-questions@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: TIN [version 1.2 RZTUC(3) PL2] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Marc Wandschneider wrote in list.freebsd-questions: > I'd like to run xntpd. I've set up an /etc/ntp.conf file, and > now the only problem is that I'm not sure how to add something to > "system startup". Add this line to /etc/rc.conf: xntpd_enable="YES" > as a second question, my machine will a. sync time from another > server on the net, and b. hopefully serve NTP requests on my LAN. All i > need then is the following in my ntp.conf: Use "server" lines to specify box to use as servers (i.e. to get time information FROM those machines). Use "restrict" lines for everything else (i.e. for machines that will get time information from you) _and_ for the servers. Here is an example ntp.conf that should get you going: driftfile /var/run/ntp.drift server my.favourite.server prefer server the.second.server server yet.another.server restrict default ignore restrict 10.20.0.0 mask 255.255.0.0 nomodify notrust restrict 192.168.42.42 restrict 172.16.47.11 restrict 10.123.8.15 restrict 127.0.0.1 Note that the order of "restrict" lines is important (the first match for a host is used). "restrict default ignore" should always be the first line, as a catch-all for the rest of the world. Any hosts an networks that you serve should be specified with the "nomodify notrust" options. This means that time service will be provided to those hosts and networks, but your machine will not accept any (possibly bogus) time information from them. All restrict lines without any options specify server from which you accept time information. This should be used for trusted time servers only, of course. Also note that localhost (127.0.0.1) must always be specified this way. xntpd doesn't like host names in "restrict" lines, so you have to use IP numbers. (At least this was the case some time ago, maybe this was changed in newer versions of xntpd.) Regards Oliver -- Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany (Info: finger userinfo:olli@dorifer.heim3.tu-clausthal.de) "In jedem Stück Kohle wartet ein Diamant auf seine Geburt" (Terry Pratchett) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message