| NTPD.CONF(5) | File Formats Manual | NTPD.CONF(5) |
ntpd.conf —
Network Time Protocol daemon configuration file
This manual page describes the format of the ntpd(8) configuration file.
ntpd.conf has the following format:
Empty lines and lines beginning with the ‘#’ character are ignored.
Keywords may be specified multiple times within the configuration file. The basic configuration options are as follows:
listen
on address [rtable
table-id]rtable keyword will specify
which routing table to listen on. By default
ntpd(8) will listen using the current
routing table. For example:
listen on *
or
listen on 127.0.0.1
listen on ::1
listen on 127.0.0.1 rtable 4
query
from address
query from 192.0.2.1
query from 2001:db8::1
sensor
device [correction
microseconds] [weight
weight-value] [refid
string] [stratum
stratum-value]
sensor *
sensor nmea0
An optional correction in microseconds can be given to compensate for the sensor's offset. The maximum correction is 127 seconds. For example, if a DCF77 receiver is lagging 70ms behind actual time:
sensor udcf0 correction 70000
The optional weight keyword permits
finer control over the relative importance of time sources (servers or
sensor devices). Weights are specified in the range 1 to 10; if no
weight is given, the default is 1. A server with a weight of 5, for
example, will have five times more influence on time offset calculation
than a server with a weight of 1.
An optional reference ID string - up to 4 ASCII characters - can be given to publish the sensor type to clients. RFC 2030 suggests some common reference identifiers, but new identifiers "can be contrived as appropriate." If an ID string is not given, ntpd(8) will use a generic reference ID. For example:
sensor nmea0 refid GPS
A stratum value other than the default of 1 can be assigned
using the stratum keyword.
server
address [weight
weight-value]
server 10.0.0.2 weight 5
server ntp.example.org weight 1
To provide redundancy, it is good practice to configure multiple servers. In general, best accuracy is obtained by using servers that have a low network latency.
servers
address [weight
weight-value]server, specify the IP address or hostname
of an NTP server to synchronize to. If it appears multiple times,
ntpd(8) will try to synchronize to all of
the servers specified. Should the hostname resolve to multiple IP
addresses, ntpd(8) will try to
synchronize to all of them. For example:
servers pool.ntp.org
servers pool.ntp.org weight 5
ntpd(8) can be configured to query the ‘Date’ from trusted HTTPS servers via TLS. This time information is not used for precision but acts as an authenticated constraint, thereby reducing the impact of unauthenticated NTP man-in-the-middle attacks. Received NTP packets with time information falling outside of a range near the constraint will be discarded and such NTP servers will be marked as invalid.
constraint
from urlconstraint from is used more than
once, ntpd(8) will calculate a median
constraint from all the servers specified.
server ntp.example.org
constraint from www.example.com
constraints
from urlconstraint from, specify the URL, IP
address or the hostname of an HTTPS server to provide a constraint. Should
the hostname resolve to multiple IP addresses,
ntpd(8) will calculate a median
constraint from all of them. For example:
servers pool.ntp.org
constraints from "https://www.google.com/"
The ntpd.conf file format first appeared
in OpenBSD 3.6.
| August 10, 2017 | OpenBSD-current |