ntp4xen.conf

1.  
2. # Permit time synchronization with our time source, but do not
3. # permit the source to query or modify the service on this system.
4. #===# this restricts who can talk to this server to obtain NTP information
5. restrict default kod nomodify notrap nopeer noquery
6. restrict -6 default kod nomodify notrap nopeer noquery
7.  
8. # Permit all access over the loopback interface. This could
9. # be tightened as well, but to do so would effect some of
10. # the administrative functions.
11. #===# self-explanatory
12. restrict 127.0.0.1
13. restrict -6 ::1
14.  
15.  
16. # Use Xen's public servers.
17. #===# This is in case your organization does not have its own internal NTP servers.
18. broadcast 192.168.0.255 key 42 # broadcast server
19. broadcastclient # broadcast client
20. #broadcast 224.0.1.1 key 42 # multicast server
21. #multicastclient 224.0.1.1 # multicast client
22. #manycastserver 239.255.254.254 # manycast server
23. #manycastclient 239.255.254.254 key 42 # manycast client
24.  
25. # Undisciplined Local Clock. This is a fake driver intended for backup
26. # and when no outside source of synchronized time is available.
27. #server 127.127.1.0 # local clock
28. #===# I add this to force the local machine to have a low stratum compared to external NTP servers.
29. fudge 127.127.1.0 stratum 10
30.  
31. # Drift file. Put this in a directory which the daemon can write to.
32. # No symbolic links allowed, either, since the daemon updates the file
33. # by creating a temporary in the same directory and then rename()'ing
34. # it to the file.
35. #===# This is where your machine stores its drift file, which is the estimated clock frequency error
36. driftfile /var/lib/ntp/drift
37.  
38. # Enable public key cryptography.
39. #crypto
40.  
41. includefile /etc/ntp/crypto/pw
42.  
43. # Key file containing the keys and key identifiers used when operating
44. # with symmetric key cryptography.
45. keys /etc/ntp/keys
46.  
47. # Specify the key identifiers which are trusted.
48. #trustedkey 4 8 42
49.  
50. # Specify the key identifier to use with the ntpdc utility.
51. #requestkey 8
52.  
53. # Specify the key identifier to use with the ntpq utility.
54. #controlkey 8
55.  
56. ### our local specifics ###
57. #===# This deals with how self-modifying the local server can be to its own settings, as well
58. #===# as not permitting external queries.
59. #restrict X.Y.0.0 mask 255.255.0.0 nomodify notrap
60. restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
61.  
62. #===# A list of your local (organizational) NTP servers
63. server 212.244.36.232 iburst
64. server 0.centos.pool.ntp.org iburst
65. server 1.centos.pool.ntp.org iburst
66. server 2.centos.pool.ntp.org iburst
67. server 3.centos.pool.ntp.org iburst
68. #server 0.europe.pool.ntp.org iburst
69. #server 1.europe.pool.ntp.org iburst
70. #server 2.europe.pool.ntp.org iburst
71. #server 3.europe.pool.ntp.org iburst
72.  
73. #===# Here is the option to add local peers (within a subnet, server pool, etc.)
74. # peers in case the standard NTP servers cannot be reached. These are the three XenServers in the pool.
75. peer 192.168.0.177 burst iburst minpoll 4 maxpoll 4
76. peer 192.168.0.178 burst iburst minpoll 4 maxpoll 4
77. peer 192.168.0.179 burst iburst minpoll 4 maxpoll 4
78. peer 192.168.0.180 burst iburst minpoll 4 maxpoll 4