author: Ollivier Robert <roberto@FreeBSD.org> 1999-12-22 15:24:45 +0000
committer: Ollivier Robert <roberto@FreeBSD.org> 1999-12-22 15:24:45 +0000
commit: 6179f09edbd97801bfaa0e6dabf5cbc855a6abf3
tree: 9a0e7753fd0f6e76cd9b157d4de7fb73e5fc7d08 /usr.sbin/xntpd/doc/xntpd.8
parent: f972508889a89c5b4a1b6631e333bf449eded618
Bye bye xntpd.
Notes: svn path=/head/; revision=55003
Diffstat (limited to 'usr.sbin/xntpd/doc/xntpd.8')
-rw-r--r-- usr.sbin/xntpd/doc/xntpd.8 1075
1 files changed, 0 insertions, 1075 deletions
diff --git a/usr.sbin/xntpd/doc/xntpd.8 b/usr.sbin/xntpd/doc/xntpd.8
deleted file mode 100644
index a4a290c77e5a..000000000000
--- a/usr.sbin/xntpd/doc/xntpd.8
+++ /dev/null
@@ -1,1075 +0,0 @@
-.\"
-.\" $FreeBSD$
-.\"
-.Dd December 21, 1993
-.Dt XNTPD 8
-.Os
-.Sh NAME
-.Nm xntpd
-.Nd Network Time Protocol daemon
-.Sh SYNOPSIS
-.Nm xntpd
-.Op Fl abdm
-.Op Fl c Ar conffile
-.Op Fl e Ar authdelay
-.Op Fl f Ar driftfile
-.Op Fl k Ar keyfile
-.Op Fl p Ar pidfile
-.Op Fl r Ar broadcastdelay
-.Op Fl s Ar statsdir
-.Op Fl t Ar trustedkey
-.Op Fl v Ar variable
-.Op Fl V Ar variable
-.Sh DESCRIPTION
-.Nm Xntpd
-is a daemon which sets and maintains a Unix system time\-of\-day in
-agreement with Internet standard time servers.
-.Nm Xntpd
-is a complete implementation of the Network Time Protocol (NTP) version
-3 standard, as defined by RFC 1305, but also retains compatibility with
-version 1 and 2 servers as defined by RFC 1059 and RFC 1119,
-respectively.
-.Nm Xntpd
-does all computations in fixed point arithmetic and requires no floating
-point code. The computations done in the protocol and clock adjustment
-code are carried out with high precision and with attention to the
-details which might introduce systematic bias into the computations, to
-try to maintain an accuracy suitable for synchronizing with even the
-most precise external time source.
-.Pp
-Ordinarily,
-.Nm
-reads its configuration from a configuration file at startup time. The
-default configuration file name is
-.Pa /etc/ntp.conf ,
-although this may be overridden from the command line. It is also
-possible to specify a working, although limited,
-.Nm
-configuration entirely on the command line, obviating the need for a
-configuration file. This may be particularly appropriate when
-.Nm
-is to be configured as a broadcast or multicast client, with all peers
-being determined by listening to broadcasts at run time. Various
-internal
-.Nm
-variables can be displayed and configuration options altered while the
-daemon is running through use of the
-.Xr ntpq 8
-and
-.Xr xntpdc 8
-programs.
-.Pp
-The daemon can operate in any of several modes, including symmetric
-active/passive, client/server and broadcast/multicast. A
-broadcast/multicast client can automatically discover remote servers,
-compute one-way delay correction factors and configure itself
-automatically. This makes it possible to deploy a fleet of workstations
-without specifying a configuration file or configuration details
-specific to its environment.
-.Pp
-The following command line arguments are understood by
-.Nm
-(see the configuration file description for a more complete functional
-description):
-.Bl -tag -width indent
-.It Fl a
-Run in
-.Qq "authenticate"
-mode.
-.It Fl b
-Listen for broadcast NTP and sync to this if available.
-.It Fl c
-Specify an alternate configuration file.
-.It Fl d
-Specify debugging mode. This flag may occur multiple times, with each
-occurance indicating greater detail of display.
-.It Fl e
-Specify the time (in seconds) it takes to compute the NTP encryption
-field on this computer.
-.It Fl f Ar driftfile
-Specify the location of the drift file.
-.It Fl k
-Specify the location of the file which contains the NTP authentication
-keys.
-.It Fl m
-Listen for multicast messages and synchronize to them if available
-(requires multicast kernel).
-.It Fl p
-Specify the name of the file to record the daemon's process id.
-.It Fl r
-Ordinarily, the daemon automatically compensates for the network delay
-between the broadcast/multicast server and the client; if the
-calibration procedure fails, use the specified the default delay (in
-seconds).
-.It Fl s
-Specify the directory to be used for creating statistics files.
-.It Fl t Ar trustedkey
-Add a key number to the trusted key list.
-.It Fl v
-Add a system variable.
-.It Fl V
-Add a system variable listed by default.
-.El
-.Sh "CONFIGURATION OPTIONS"
-.Nm Xntpd Ns 's
-configuration file format is similar to other Unix configuration files.
-Comments begin with a
-.Qq #
-character and extend to the end of the
-line. Blank lines are ignored. Configuration commands consist of an
-initial keyword followed by a list of arguments, some of which may be
-optional, separated by whitespace. These commands may not be continued
-over multiple lines. Arguments may be host names, host addresses written
-in numeric, dotted\-quad form, integers, floating point numbers (when
-specifying times in seconds) and text strings. Optional arguments are
-delimited by
-.Qq []
-in the following descriptions, while
-alternatives are separated by
-.Qq \&| .
-.Pp
-.Bl -tag -width indent
-.It Xo peer
-.Ar host_address
-.Op key Ar #
-.Op version Ar #
-.Op prefer
-.Xc
-.It Xo server
-.Ar host_address
-.Op key Ar #
-.Op version Ar #
-.Op prefer
-.Xc
-.It Xo broadcast
-.Ar host_address
-.Op key Ar #
-.Op version Ar #
-.Op ttl Ar #
-.Xc
-.Pp
-These three commands specify various time servers to be used and/or time
-services to be provided. The
-.Em peer
-command specifies that the local server is to operate in
-.Qq symmetric active
-mode with the remote server
-.Ar host_address
-named in the command. In this mode the local server can be synchronized
-to the remote server and, in addition, the remote server can be
-synchronized by the local server. This is useful in a network of servers
-where, depending on various failure scenarios, either the local or
-remote server host may be the better source of time. The
-.Em server
-command specifies that the local server is to operate in
-.Qq client
-mode with the remote server named in the command. In
-this mode the local server can be synchronized to the remote server, but
-the remote server can never be synchronized to the local server. The
-.Em broadcast
-command specifies that the local server is to operate in
-.Qq broadcast
-mode where the local server sends periodic broadcast
-messages to a client population at the broadcast/multicast address named
-in the command. Ordinarily, this specification applies only to the local
-server operating as a transmitter; for operation as a broadcast client,
-see the
-.Em broadcastclient
-or
-.Em multicastclient
-commands elsewhere in this document. In this mode the
-.Ar host_address
-is usually the broadcast address on [one of] the local network[s] or a
-multicast address assigned to NTP. The Numbers Czar has assigned the
-address 224.0.1.1 to NTP; this is presently the only number that should
-be used. Note that the use of multicast features requires a multicast
-kernel, which is not yet ubiquitous in vendor products.
-.Pp
-The
-.Ar key
-option, when included, indicates that all packets sent to the address
-are to include authentication fields encrypted using the specified key
-number (the range of which is that of an unsigned 32 bit integer). The
-default is to not include an encryption field. The
-.Ar version
-option allows one to specify the version number to be used for outgoing
-NTP packets. Versions 1, 2, and 3 are the choices, version 3 is the
-default. The
-.Ar prefer
-option marks the host as a preferred host. All other things being equal,
-this host will be chosen for synchronization among a set of correctly
-operating hosts. The
-.Ar ttl
-option is used only with the broadcast mode. It specifies the time-to-live
-(TTL) to use on multicast packets. Selection of the proper value,
-which defaults to 127, is something of a black art and must be
-coordinated with the network admistrator(s).
-.It broadcastclient
-This directs the local server to listen for broadcast messages on the
-local network, in order to discover other servers on the same subnet.
-Upon hearing a broadcast message for the first time, the local server
-measures the nominal network delay using a brief client/server exchange
-with the remote server, then enters the
-.Qq broadcastclient
-mode,
-in which it listens for and synchronizes to succeeding broadcast
-messages. Note that, in order to avoid accidental or malicious
-disruption in this mode, both the local and remote servers must operate
-using authentication with the same trusted key and key identifier.
-.It multicastclient Op Ar IP address ...
-This command is used in the same way as the
-.Em broadcastclient
-command, but operates using IP multicasting. Support for this function
-requires a multicast kernel and the use of authentication. If one or
-more IP addresses are given, the server joins the respective multicast
-group(s). If none are given, the IP address assigned to NTP (224.0.1.1)
-is assumed.
-.It driftfile Ar filename
-This command specifies the name of the file used to record the frequency
-offset of the local clock oscillator. If the file exists, it is read at
-startup in order to set the initial frequency offset and then updated
-once per hour with the current offset computed by the daemon. If the
-file does not exist or this command is not given, the initial frequency
-offset is assumed zero. In this case, it may take some hours for the
-frequency to stabilize and the residual timing errors to subside. The
-file contains a single floating point value equal to the offset in
-parts-per-million (ppm). Note that the file is updated by first writing
-the current drift value into a temporary file and then using
-.Xr rename 2
-to replace the old version. This implies that
-.Nm
-must have write permission for the directory the drift file is located
-in, and that file system links, symbolic or otherwise, should probably
-be avoided.
-.It enable Ar auth|bclient|pll|monitor|stats Op Ar ...
-Provide a way to enable various server options. Flags not mentioned are
-unaffected. The
-.Ar auth
-flag causes the server to synchronize
-with unconfigured peers only if the peer has been correctly
-authenticated using a trusted key and key identifier. The default for
-this flag is disable (off). The
-.Ar bclient
-flag causes the server
-to listen for a message from a broadcast or multicast server, following
-which an association is automatically instantiated for that server. The
-default for this flag is disable (off). The
-.Ar pll
-flag enables
-the server to adjust its local clock, with default enable (on). If not
-set, the local clock free-runs at its intrinsic time and frequency
-offset. This flag is useful in case the local clock is controlled by
-some other device or protocol and NTP is used only to provide
-synchronization to other clients. The
-.Ar monitor
-flag enables the
-monitoring facility (see elsewhere), with default enable (on). The
-.Ar stats
-flag enables statistics facility filegen (see
-description elsewhere.), with default enable (on).
-.It disable Ar auth|bclient|pll|monitor|stats Op Ar ...
-Provide a way to disable various server options. Flags not mentioned
-are unaffected. The flags presently available are described under the
-enable command.
-.El
-.Sh "AUTHENTICATION OPTIONS"
-.Bl -tag -width indent
-.It keys Ar filename
-This command specifies the name of a file which contains the encryption
-keys and key identifiers used by
-.Nm
-when operating in authenticated mode. The format of this file is
-described later in this document.
-.It trustedkey Ar # Op Ar # ...
-This command is used to specify the encryption key identifiers which are
-trusted for the purposes of authenticating peers suitable for
-sychonization. The authentication procedures require that both the local
-and remote servers share the same key and key identifier for this
-purpose, although different keys can be used with different servers. The
-arguments are 32 bit unsigned integers. Note, however, that NTP key 0 is
-fixed and globally known. If meaningful authentication is to be
-performed the 0 key should not be trusted.
-.It requestkey Ar #
-This command specifies the key identifier to use with the
-.Xr xntpdc 8
-program, which is useful to diagnose and repair problems that affect
-.Nm
-operation. The operation of the
-.Nm xntpdc
-program are specific to this particular implementation of
-.Nm
-and can
-be expected to work only with this and previous versions of the daemon.
-Requests from a remote
-.Nm xntpdc
-program which affect the state of the
-local server must be authenticated, which requires bot the remote
-program and local server share a common key and key identifier. The
-argument to this command is a 32 bit unsigned integer. If no
-.Em controlkey
-command is included in the configuration file, or if the keys don't
-match, such requests will be ignored.
-.It controlkey Ar #
-This command specifies the key identifier to use with the
-.Xr ntpq 8
-program, which is useful to diagnose and repair problems that affect
-.Nm
-operation. The operation of the
-.Nm ntpq
-program and
-.Nm
-conform to those specified in RFC 1305. Requests from a remote
-.Nm ntpq
-program which affect the state of the local server must be
-authenticated, which requires bot the remote program and local server
-share a common key and key identifier. The argument to this command is a
-32 bit unsigned integer. If no
-.Em requestkey
-command is included in the configuration file, or if the keys don't
-match, such requests will be ignored.
-.It authdelay Ar seconds
-Indicate the amount of time it takes to encrypt an NTP authentication
-field on the local computer. This value is used to correct transmit
-timestamps when the authentication is used on outgoing packets. The
-value usually lies somewhere in the range 0.0001 seconds to 0.003
-seconds, though it is very dependent on the CPU speed of the host
-computer. The value is usually computed using the
-.Em authspeed
-program included with the distribution.
-.El
-.Sh "ACCESS CONTROL OPTIONS"
-.Bl -tag -width indent
-.It Xo restrict
-.Ar address
-.Op mask Ar numeric_mask
-.Op Ar flag
-.Op Ar ...
-.Xc
-.Nm Xntpd
-implements a general purpose address\-and\-mask based restriction list.
-The list is sorted by address and by mask, and the list is searched in
-this order for matches, with the last match found defining the
-restriction flags associated with the incoming packets. The source
-address of incoming packets is used for the match, with the 32 bit
-address being and'ed with the mask associated with the restriction entry
-and then compared with the entry's address (which has also been and'ed
-with the mask) to look for a match. The
-.Em mask
-argument defaults
-to 255.255.255.255, meaning that the
-.Em address
-is treated as the
-address of an individual host. A default entry (address 0.0.0.0, mask
-0.0.0.0) is always included and, given the sort algorithm, is always the
-first entry in the list. Note that, while
-.Em address
-is normally
-given in dotted\-quad format, the text string
-.Em default ,
-with no
-mask option, may be used to indicate the default entry.
-.Pp
-In the current implementation, flags always restrict access, i.e. an
-entry with no flags indicates that free access to the server is to be
-given. The flags are not orthogonal, in that more restrictive flags will
-often make less restrictive ones redundant. The flags can generally be
-classed into two catagories, those which restrict time service and those
-which restrict informational queries and attempts to do run time
-reconfiguration of the server. One or more of the following flags may be
-specified:
-.Bl -tag -width indent
-.It ignore
-Ignore all packets from hosts which match this entry. If this flag is
-specified neither queries nor time server polls will be responded to.
-.It noquery
-Ignore all NTP mode 6 and 7 packets (i.e. information queries and
-configuration requests) from the source. Time service is not affected.
-.It nomodify
-Ignore all NTP mode 6 and 7 packets which attempt to modify the state of
-the server (i.e. run time reconfiguration). Queries which return
-information are permitted.
-.It notrap
-Decline to provide mode 6 control message trap service to matching
-hosts. The trap service is a subsystem of the mode 6 control message
-protocol which is intended for use by remote event logging programs.
-.It lowpriotrap
-Declare traps set by matching hosts to be low priority. The number of
-traps a server can maintain is limited (the current limit is 3). Traps
-are usually assigned on a first come, first served basis, with later
-trap requestors being denied service. This flag modifies the assignment
-algorithm by allowing low priority traps to be overridden by later
-requests for normal priority traps.
-.It noserve
-Ignore NTP packets whose mode is other than 6 or 7. In effect, time
-service is denied, though queries may still be permitted.
-.It nopeer
-Provide stateless time service to polling hosts, but do not allocate
-peer memory resources to these hosts even if they otherwise might be
-considered useful as future synchronization partners.
-.It notrust
-Treat these hosts normally in other respects, but never use them as
-synchronization sources.
-.It limited
-These hosts are subject to limitation of number of clients from the same
-net. Net in this context refers to the IP notion of net (class A, class
-B, class C, etc.). Only the first
-.Qq client_limit
-hosts that have
-shown up at the server and that have been active during the last
-.Qq client_limit_period
-seconds are accepted. Requests from other
-clients from the same net are rejected. Only time request packets are
-taken into account.
-.Qq Private ,
-.Qq control ,
-and
-.Qq broadcast
-packets are not subject to client limitation and
-therefore are not contributing to client count. History of clients is
-kept using the monitoring capability of
-.Nm Ns .
-Thus, monitoring is active as long as there is a restriction entry with
-the
-.Qq limited
-flag. The default value for
-.Qq client_limit
-is 3. The default value for
-.Qq client_limit_period
-is 3600 seconds.
-.It ntpport
-This is actually a match algorithm modifier, rather than a restriction
-flag. Its presence causes the restriction entry to be matched only if
-the source port in the packet is the standard NTP UDP port (123). Both
-.Qq ntpport
-and
-.Pf non\- Qq ntpport
-may be specified. The
-.Qq ntpport
-is considered more specific and is sorted later in the
-list.
-.El
-.Pp
-Default restriction list entries, with the flags
-.Qq ignore ,
-.Qq ntpport ,
-for each of the local host's interface addresses are
-inserted into the table at startup to prevent the server from attempting
-to synchronize to its own time. A default entry is also always present,
-though if it is otherwise unconfigured no flags are associated with the
-default entry (i.e. everything besides your own NTP server is
-unrestricted).
-.Pp
-The restriction facility was added to allow the current access policies
-of the time servers running on the NSFnet backbone to be implemented
-with
-.Nm
-as well. While this facility may be otherwise useful for keeping
-unwanted or broken remote time servers from affecting your own, it
-should not be considered an alternative to the standard NTP
-authentication facility. Source address based restrictions are easily
-circumvented by a determined cracker.
-.It clientlimit Ar limit
-Set
-.Qq client_limit
-to
-.Ar limit ,
-allow configuration of
-client limitation policy. This variable defines the number of clients
-from the same network that are allowed to use the server.
-.It clientperiod Ar period
-Set
-.Qq client_limit_period ,
-allow configuration of client
-limitation policy. This variable specifies the number of seconds after
-which a client is considered inactive and thus no longer is counted for
-client limit restriction.
-.El
-.Sh "MONITORING OPTIONS"
-.Bl -tag -width indent
-.It statsdir Ar /directory path/
-Indicate the full path of a directory where statistics files should be
-created (see below). This keyword allows the (otherwise constant)
-filegen filename prefix to be modified for file generation sets used for
-handling statistics logs (see
-.Em filegen
-statement below).
-.It statistics Ar name Ns ...
-Enable writing of statistics records. Currently, three kinds of
-statistics are supported:
-.Bl -tag -width indent
-.It loopstats
-Enable recording of loop filter statistics information. Each update of
-the local clock outputs a line of the following form to the file
-generation set named
-.Qq loopstats :
-.Dl 48773 10847.650 0.0001307 17.3478 2
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next three fields show
-time offset in seconds, frequency offset in parts-per-million and time
-constant of the clock-discipline algorithm at each update of the clock.
-.It peerstats
-Enable recording of peer statistics information. This includes
-statistics records of all peers of a NTP server and of the 1-pps signal,
-where present and configured. Each valid update appends a line of the
-following form to the current element of a file generation set named
-.Qq peerstats :
-.Dl 48773 10847.650 127.127.4.1 9714 -0.001605 0.00000 0.00142
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next two fields show the
-peer address in dotted-quad notation and status, respectively. The
-status field is encoded in hex in the format described in Appendix A of
-the NTP specification RFC 1305. The final three fields show the offset,
-delay and dispersion, all in seconds.
-.It clockstats
-Enable recording of clock driver statistics information. Each update
-received from a clock driver outputs a line of the following form to the
-file generation set named
-.Qq clockstats :
-.Dl 49213 525.624 127.127.4.1 93 226 00:08:29.606 D
-The first two fields show the date (Modified Julian Day) and time
-(seconds and fraction past UTC midnight). The next field shows the clock
-address in dotted-quad notation, The final field shows the last timecode
-received from the clock in decoded
-.Tn ASCII
-format, where meaningful. In
-some clock drivers a good deal of additional information can be gathered
-and displayed as well. See information specific to each clock for
-further details.
-.El
-.Pp
-Statistic files are managed using file generation sets (see
-.Em filegen
-below). The information obtained by enabling statistics recording allows
-analysis of temporal properties of a
-.Nm
-server. It is usually only useful to primary servers or maybe main
-campus servers.
-.It Xo filegen
-.Ar name
-.Op file Ar filename
-.Op type Ar typename
-.Op flag Ar flagval
-.Op link | nolink
-.Op enable | disable
-.Xc
-Configure setting of generation file set
-.Ar name .
-Generation file sets provide a means for handling files that are
-continously growing during the lifetime of a server. Server statistics
-are a typical example for such files. Generation file sets provide
-access to a set of files used to store the actual data. At any time at
-most one element of the set is being written to. The
-.Em type
-given specifies when and how data will be directed to a new element of
-the set. This way, information stored in elements of a file set that are
-currently unused are available for administrational operations without
-the risc of desturbing the operation of
-.Nm Ns .
-(Most important: they can be removed to free space for new data
-produced.) Filenames of set members are built from three elements:
-.Bl -tag -width indent
-.It prefix
-This is a constant filename path. It is not subject to modifications via
-the
-.Em filegen
-statement. It is defined by the server, usually specified as a compile
-time constant. It may, however, be configurable for individual file
-generation sets via other commands. For example, the prefix used with
-.Qq loopstats
-and
-.Qq peerstats
-filegens can be configured using the
-.Em statsdir
-statement explained above.
-.It filename
-This string is directly concatenated to the
-.Em prefix
-mentioned above (no intervening
-.Sq /
-(slash)). This can be
-modified using the
-.Ar file
-argument to the
-.Em filegen
-statement. No
-.Qq ..
-elements are allowed in this component to
-prevent filenames referring to parts outside the filesystem hierarchy
-denoted by
-.Em prefix .
-.It suffix
-This part is reflects individual elements of a file set. It is generated
-according to the
-.Em type
-of a file set as explained below.
-.El
-.Pp
-A file generation set is characterized by its type. The following types
-are supported:
-.Bl -tag -width indent
-.It none
-The file set is actually a single plain file.
-.It pid
-One element of file set is used per incarnation of a
-.Nm
-server. This type does not perform any changes to file set members
-during runtime, however it provides an easy way of seperating files
-belonging to different
-.Nm
-server incarnations. The set member filename is built by appending a dot
-.Pf ( Sq \&. Ns )
-to concatentated
-.Em prefix
-and
-.Em filename
-strings, and appending the decimal representation of the process id of
-the
-.Nm
-server process.
-.It day
-One file generation set element is created per day. The term
-.Em day
-is based on
-.Tn UTC .
-A day is defined as the period between 00:00 and 24:00
-.Tn UTC .
-The file set
-member suffix consists of a dot
-.Pf ( Qq \&. Ns )
-and a day specification in
-the form
-.Aq YYYYMMDD .
-.Em YYYY
-is a 4 digit year number (e.g. 1992).
-.Em MM
-is a two digit month number.
-.Em DD
-is a two digit day number. Thus, all information written at December
-10th, 1992 would end up in a file named
-.Qq <prefix><filename>.19921210 .
-.It week
-Any file set member contains data related to a certain week of a year.
-The term
-.Em week
-is definied by computing
-.Qq day of year
-modulo 7. Elements of
-such a file generation set are distinguished by appending the following
-suffix to the file set filename base: a dot, a four digit year number,
-the letter
-.Qq W ,
-and a two digit week number. For example,
-information from Jamuary, 10th 1992 would end up in a file with suffix
-.Qq .1992W1 .
-.It month
-One generation file set element is generated per month. The file name
-suffix consists of a dot, a four digit year number, and a two digit
-month.
-.It year
-One generation file element is generated per year. The filename suffix
-consists of a dot and a 4 digit year number.
-.It age
-This type of file generation sets changes to a new element of the file
-set every 24 hours of server operation. The filename suffix consists of
-a dot, the letter
-.Qq a ,
-and an eight digit number. This number is
-taken to be the number of seconds the server is running at the start of
-the corresponding 24 hour period.
-.El
-.Pp
-Information is only written to a file generation set when this set is
-.Qq enabled .
-Output is prevented by specifying
-.Qq disabled .
-.Pp
-It is convenient to be able to access the
-.Em current
-element of a file generation set by a fixed name. This feature is
-enabled by specifying
-.Qq link
-and disabled using
-.Qq nolink .
-If
-.Qq link
-is specified, a hard link from the
-current file set element to a file without suffix is created. When there
-is already a file with this name and the number of links of this file is
-one, it is renamed appending a dot, the letter
-.Qq C ,
-and the pid
-of the
-.Nm
-server process. When the number of links is greater than one, the file
-is unlinked. This allows the current file to be accessed by a constant
-name.
-.El
-.Sh "MISCELLANEOUS OPTIONS"
-.Bl -tag -width indent
-.It precision Ar #
-This command specifies the nominal precision of the local clock. The
-value is an integer approximately equal to the base 2 logarithm of the
-local timekeeping precision in seconds. Normally, the daemon determines
-the precision automatically at startup, so this command is necessary
-only in special cases when the precision cannot be determined
-automatically.
-.It broadcastdelay Ar seconds
-The broadcast and multicast modes require a special calibration to
-determine the network delay between the local and remote servers.
-Ordinarily, this is done automatically by the initial protocol exchanges
-between the local and remote servers. In some cases, the calibration
-procedure may fail due to network or server access controls, for
-example. This command specifies the default delay to be used under these
-circumstances. Typically (for Ethernet), a number between 0.003 and
-0.007 seconds is appropriate. The default when this command is not used
-is 0.004 seconds.
-.It Xo trap
-.Ar host_address
-.Op port Ar port_number
-.Op interface Ar interface_addess
-.Xc
-This command configures a trap receiver at the given host address and
-port number for sending messages with the specified local interface
-address. If the port number is unspecified a value of 18447 is used. If
-the interface address is not specified the message is sent with a source
-address which is that of the local interface the message is sent
-through. Note that on a multihomed host the interface used may vary from
-time to time with routing changes.
-.Pp
-The trap receiver will generally log event messages and other
-information from the server in a log file. While such monitor programs
-may also request their own trap dynamically, configuring a trap receiver
-will ensure that no messages are lost when the server is started.
-.It Xo setvar
-.Ar variable
-.Op Ar default
-.Xc
-This command adds an additional system variable. These variables can be
-used to distribute additional information such as the access policy. If
-the variable of the form <name>=<value> is followed by the
-.Em default
-keyword the variable will be listed as part of the default system
-variables
-.Pf ( Nm ntpq
-rv command). These additional variables serve informational purposes only.
-They are not related to the protocol other that they can be listed. The
-known protocol variables will always overide any variables defined via
-the
-.Em setvar
-mechanism.
-.Pp
-There are three special variables that contain the names of all variable
-of the same group. The
-.Em sys_var_list
-holds the names of all system variables. The
-.Em peer_var_list
-holds the names of all peer variables and the
-.Em clock_var_list
-hold the names of the reference clock variables.
-.It monitor Ar yes|no
-.It authenticate Ar yes|no
-These commands have been superseded by the
-.Em enable
-and
-.Em disable
-commands. They are listed here for historical purposes.
-.El
-.Sh "AUTHENTICATION KEY FILE FORMAT"
-The
-.Tn NTP
-standard specifies an extension allowing verification of the
-authenticity of received NTP packets, and to provide an indication of
-authenticity in outgoing packets. This is implemented in
-.Nm
-using the DES or MD5 algorithms to compute a digital signature, or
-message-digest. The specification allows any one of possibly 4 billion
-keys, numbered with 32 bit key identifiers, to be used to authenticate
-an association. The servers involved in an association must agree on the
-key and key identifier used to authenticate their data, though they must
-each learn the key and key identifer independently. In the case of DES,
-the keys are 56 bits long with, depending on type, a parity check on
-each byte. In the case of MD5, the keys are 64 bits (8 bytes).
-.Nm Xntpd
-reads its keys from a file specified using the
-.Fl k
-command line option or the
-.Em keys
-statement in the configuration file. While key number 0 is fixed by the
-.Tn NTP
-standard (as 56 zero bits) and may not be changed, one or more of
-the keys numbered 1 through 15 may be arbitrarily set in the keys file.
-.Pp
-The key file uses the same comment conventions as the configuration
-file. Key entries use a fixed format of the form:
-.Pp
-.Dl keyno type key
-.Pp
-where
-.Em keyno
-is a positive integer,
-.Em type
-is a single
-character which defines the format the key is given in, and
-.Em key
-is the key itself.
-.Pp
-The key may be given in one of three different formats, controlled by
-the
-.Em type
-character. The three key types, and corresponding
-formats, are listed following:
-.Bl -tag -width indent
-.It S
-The
-.Em key
-is a 64 bit hexadecimal number in the format specified
-in the DES document, that is the high order 7 bits of each octet are
-used to form the 56 bit key while the low order bit of each octet is
-given a value such that odd parity is maintained for the octet. Leading
-zeroes must be specified (i.e. the key must be exactly 16 hex digits
-long) and odd parity must be maintained. Hence a zero key, in standard
-format, would be given as
-.Em 0101010101010101 .
-.It N
-The
-.Em key
-is a 64 bit hexadecimal number in the format specified
-in the
-.Tn NTP
-standard. This is the same as the DES format except the bits
-in each octet have been rotated one bit right so that the parity bit is
-now the high order bit of the octet. Leading zeroes must be specified
-and odd parity must be maintained. A zero key in NTP format would be
-specified as
-.Em 8080808080808080 .
-.It A
-The
-.Em key
-is a 1\-to\-8 character
-.Tn ASCII
-string. A key is formed from this by using the lower order 7 bits of the
-.Tn ASCII
-representation of
-each character in the string, with zeroes being added on the right when
-necessary to form a full width 56 bit key, in the same way that
-encryption keys are formed from Unix passwords.
-.It M
-The
-.Em key
-is a 1\-to\-8 character
-.Tn ASCII
-string, using the MD5
-authentication scheme. Note that both the keys and the authentication
-schemes (DES or MD5) must be identical between a set of peers sharing
-the same key number.
-.El
-.Pp
-One of the keys may be chosen,
-by way of the configuration file
-.Em requestkey
-statement, to authenticate run time configuration requests made using
-the
-.Xr xntpdc 8
-program. The latter program obtains the key from the terminal as a
-password, so it is generally appropriate to specify the key chosen to be
-used for this purpose in
-.Tn ASCII
-format.
-.Sh PRIMARY CLOCK SUPPORT
-.Nm Xntpd
-can be optionally compiled to include support for a number of types of
-reference clocks. A reference clock will generally (though not always)
-be a radio timecode receiver which is synchronized to a source of
-standard time such as the services offered by the NRC in Canada and NIST
-in the U.S. The interface between the computer and the timecode receiver
-is device dependent and will vary, but is often a serial port.
-.Pp
-Support for the various reference clock drivers is conditionally
-compiled using the compiler define codes described elsewhere. An attempt
-to configure a reference clock when specific support is not available or
-the hardware port has not been appropriately configured results in a
-scolding remark to the system log file, but is otherwise non hazardous.
-.Pp
-For the purposes of configuration,
-.Nm
-treats reference clocks in a manner analogous to normal
-.Tn NTP
-peers as
-much as possible. Reference clocks are referred to by address, much as a
-normal peer is, though an invalid IP address is used to distinguish them
-from normal peers. Reference clock addresses are of the form
-.Em 127.127.t.u
-where
-.Em t
-is an integer denoting the clock type and
-.Em u
-indicates the type\-specific unit number. Reference clocks are
-configured using a
-.Em server
-statement in the configuration file where the
-.Em host_address
-is the clock address. The
-.Em key,
-.Em version
-and
-.Em ttl
-options are not used for reference clock support; however, the
-.Em prefer
-option can be useful to persuade the server to cherish a reference clock
-with somewhat more enthusiasm than other reference clocks or peers, if
-this is advisable. Clock addresses may generally be used anywhere in the
-configuration file a normal IP address can be used, for example, in
-.Em restrict
-statements, although such use would normally be considered strange.
-.Pp
-Reference clock support provides the
-.Em fudge
-command, which can be used to configure reference clocks in special
-ways. Following is the generic format that applies to this command:
-.Pp
-fudge
-.Ar 127.127.t.u
-.Op time1 Ar secs
-.Op time2 Ar secs
-.Op stratum Ar int
-.Op refid Ar int
-.Op flag1 Ar 0|1
-.Op flag2 Ar 0|1
-.Op flag3 Ar 0|1
-.Op flag4 Ar 0|1
-.Pp
-The
-.Em time1
-and
-.Em time2
-options are specified in fixed point seconds and used in some clock
-drivers as calibration constants. By convention, and unless indicated
-otherwise,
-.Em time1
-is used as a calibration constant to adjust the nominal time offset of a
-particular clock to agree with an external standard, such as a precision
-PPS signal. The specified offset is in addition to the propagation delay
-provided by other means, such as internal DIPswitches. The
-.Em stratum
-option is a number in the range zero to 15 and is used to assign a
-nonstandard operating stratum to the clock. The
-.Em refid
-option is an
-.Tn ASCII
-string in the range one to four characters and is
-used to assign a nonstandard reference identifier to the clock. Finally,
-the four binary flags
-.Em flag1,
-.Em flag2,
-.Em flag3
-and
-.Em flag4
-are used for customizing the clock driver. The interpretation of these
-values, and whether they are used at all, is a function of the needs of
-the particular clock driver. However, by convention, and unless
-indicated otherwise,
-.Em flag3
-is used to attach the ppsclock streams module to the configured driver,
-while
-.Em flag4
-is used to enable recording verbose monitoring data to the clockstats
-file configured with the
-.Em filegen
-command. Further information on the ppsclock streams module is in the
-.Pa README
-file in the
-.Pa ./kernel
-directory in the current xntp3 program
-distribution. Further information on this feature is available in the
-.Pa ./scripts/stats
-directory in the same distribution.
-.Pp
-Ordinarily, the stratum of a reference clock is by default zero. Since
-the
-.Nm
-daemon adds one to the stratum of each peer, a primary server ordinarily
-displays stratum one. In order to provide engineered backups, it is
-often useful to specify the reference clock stratum as greater than
-zero. The
-.Em stratum
-option is used for this purpose. Also, in cases involving both a
-reference clock and a 1-pps discipline signal, it is useful to specify
-the reference clock identifier as other than the default, depending on
-the driver. The
-.Em refid
-option is used for this purpose. Except where noted, these options apply
-to all clock drivers.
-.Pp
-.Nm Xntpd
-on Unix machines currently supports several different types of clock
-hardware plus a special pseudo\-clock used for backup or when no other
-clock source is available. In the case of most of the clock drivers,
-support for a 1-pps precision timing signal is available as described in
-the
-.Pa README
-file in the
-.Pa ./doc
-directory of the xntp3 progam distribution.
-The clock drivers, and the addresses used to configure them, are
-described in the
-.Pa README.refclocks
-in the
-.Pa doc
-directory of the current
-program distribution.
-.Sh VARIABLES
-Most variables used by the
-.Tn NTP
-protocol can be examined with the
-.Nm xntpdc
-(mode 7 messages) and the
-.Nm ntpq
-(mode 6 messages). Currently very few variables can be modified via mode
-6 messages. These variables are either created with the
-.Em setvar
-directive or the leap warning variables. The leap warning bits that can
-be set in the
-.Em leapwarning
-variable (up to one month ahead). Both, the
-.Em leapwarning
-and the
-.Em leapindication
-variable, have a slightly different encoding than the usual
-.Em leap
-bits interpretation:
-.Bl -tag -width indent
-.It 00
-The daemon passes the leap bits of its synchronisation source (usual
-mode of operation).
-.It 01/10
-A leap second is added/deleted (operator forced leap second).
-.It 11
-Leap information from the sychronisation source is ignored (thus
-LEAP_NOWARNING is passed on).
-.El
-.Sh FILES
-.Bl -tag -width /etc/ntp.drift -compact
-.It /etc/ntp.conf
-the default name of the configuration file
-.It /etc/ntp.drift
-the conventional name of the drift file
-.It /etc/ntp.keys
-the conventional name of the key file
-.El
-.Sh SEE ALSO
-.Xr ntpdate 8 ,
-.Xr ntpq 8 ,
-.Xr xntpdc 8
-.Sh HISTORY
-Written by
-.An Dennis Ferguson
-at the University of Toronto. Text amended by
-.An David Mills
-at the University of Delaware.
-.Sh BUGS
-.Nm Xntpd
-has gotten rather fat. While not huge, it has gotten larger than might
-be desireable for an elevated\-priority daemon running on a workstation,
-particularly since many of the fancy features which consume the space
-were designed more with a busy primary server, rather than a high
-stratum workstation, in mind.
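Review bot: Deleting the "AUTHENTICATION KEY FILE FORMAT" section and the FILES list removes the only description in this file of the `keyno type key` entry layout, the S, N, A and M key types, and the conventional /etc/ntp.keys path, and the commit message ("Bye bye xntpd.") does not say where that material lives now. Please extend the commit message to name the manual page that documents the keys file and the `requestkey` statement after this change, so administrators with existing key files can tell whether their entries carry over unchanged. The SEE ALSO block here lists ntpdate(8), ntpq(8) and xntpdc(8); check those pages for `.Xr xntpd 8` cross-references that will dangle once this page is gone.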