diff --git a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml index 96da6f7f68..c30e1cd940 100644 --- a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml 
@@ -5227,208 +5227,158 @@ Starting smbd. --> Clock Synchronization with NTP - NTP - - Over time, a computer's clock is prone to drift. The - Network Time Protocol (NTP) is one way to ensure the clock - stays accurate. - - Many Internet services rely on, or greatly benefit from, - computers' clocks being accurate. For example, a web server - may receive requests to send a file if it has been modified - since a certain time. In a local area network environment, it - is essential that computers sharing files from the same file - server have synchronized clocks so that file timestamps stay - consistent. Services such as &man.cron.8; also rely on an - accurate system clock to run commands at the specified - times. - NTP - ntpd + ntpd - &os; ships with the &man.ntpd.8; - NTP server - which can be used to query other - NTP servers to - set the clock on the machine or provide time services to - others. + Over time, a computer's clock is prone to drift. This is + problematic as many network services require the computers on a network + to share the same accurate time. Accurate time is also needed to ensure + that file timestamps stay + consistent. The + Network Time Protocol (NTP) is one way to provide clock + accuracy in a network. - - Choosing Appropriate NTP Servers - - - NTP - choosing servers - - - In order to synchronize the clock, one or more - NTP servers - must be defined. The network administrator or ISP may have - set up an NTP server for this purpose—check their - documentation to see if this is the case. There is an &os; includes &man.ntpd.8; + which can be configured to query other + NTP servers in order to + synchronize the clock on that machine or to provide time services to + other computers in the network. The servers which are queried + can be local to the network or provided by an ISP. + In addition, an online - list of publicly accessible NTP servers which may be - referenced to find an NTP server nearest to the system. 
Take - care to review the policy for any chosen servers, and ask for - permission if required. + list of publicly accessible NTP servers + is available. When choosing a public NTP server, select + one that is geographically close and + review its usage policy. - Choosing several unconnected NTP servers is a good idea in - case one of the servers being used becomes unreachable or - its clock is unreliable. &man.ntpd.8; uses the responses it - receives from other servers intelligently—it will favor - unreliable servers less than reliable ones. - + Choosing several NTP servers is recommended in + case one of the servers becomes unreachable or + its clock proves unreliable. As ntpd receives responses, + it favors + reliable servers over the less reliable ones. + + This section describes how to configure ntpd on &os;. Further documentation can be found in + /usr/share/doc/ntp/ in HTML + format. - Configuring The Machine + <acronym>NTP</acronym> Configuration - - NTP - configuration + NTP + ntp.conf + ntpdate - - Basic Configuration - - ntpdate - - To synchronize the clock only when the machine boots up, - use &man.ntpdate.8;. This may be appropriate for some - desktop machines which are frequently rebooted and only - require infrequent synchronization, but most machines should - run &man.ntpd.8;. - - Using &man.ntpdate.8; at boot time is also a good idea - for machines that run &man.ntpd.8;. The &man.ntpd.8; - program changes the clock gradually, whereas &man.ntpdate.8; + To only synchronize the clock when a system boots, + use &man.ntpdate.8;. This alone can be appropriate for + desktops which are frequently rebooted. However, + most systems should + run ntpdate at boot time as well as configure ntpd. + This is because ntpd + changes the clock gradually, whereas ntpdate sets the clock, no matter how great the difference between a machine's current clock setting and the correct time. 
- To enable &man.ntpdate.8; at boot time, add + To enable ntpdate at boot time, add ntpdate_enable="YES" to - /etc/rc.conf. Also specify all - synchronization servers and any flags to be passed to - &man.ntpdate.8; in ntpdate_flags. - + /etc/rc.conf. To also enable + ntpd, add the ntpd_enable="YES" + entry to /etc/rc.conf. Additional variables can be specified + in /etc/rc.conf. Refer to &man.rc.conf.5;, + &man.ntpdate.8;, and &man.ntpd.8; for details. - - General Configuration + Both applications + read /etc/ntp.conf to determine + which servers to query. Here is a simple example of an + /etc/ntp.conf: - - NTP - ntp.conf - - - NTP is configured by the - /etc/ntp.conf file in the format - described in &man.ntp.conf.5;. Here is a simple - example: + + Sample <filename>/etc/ntp.conf</filename> server ntplocal.example.com prefer server timeserver.example.org server ntp2a.example.net driftfile /var/db/ntp.drift + - The server option specifies which - servers are to be used, with one server listed on each line. - If a server is specified with the prefer - argument, as with - ntplocal.example.com, + The format of this file is + described in &man.ntp.conf.5;. The server option specifies which + servers to query, with one server listed on each line. + If a server entry includes prefer, that server is preferred over other servers. A response from a preferred server will be discarded if it differs - significantly from other servers' responses, otherwise it - will be used without any consideration to other responses. - The prefer argument is normally used for - NTP servers that are known to be highly accurate, such as + significantly from responses; otherwise it + will be used. + The prefer argument should only be used for + NTP servers that are known to be highly accurate, such as those with special time monitoring hardware. - The driftfile option specifies which + The driftfile entry specifies which file is used to store the system clock's frequency offset. 
- The &man.ntpd.8; program uses this to automatically + ntpd uses this to automatically compensate for the clock's natural drift, allowing it to maintain a reasonably correct setting even if it is cut off - from all external time sources for a period of time. + from all external time sources for a period of time. This + file also stores information about previous responses + from NTP servers. Since this file contains + internal information for NTP, it should not be modified. - The driftfile option specifies which - file is used to store information about previous responses - from the NTP servers being used. This file contains - internal information for NTP. It should not be modified by - any other process. - - - - Controlling Access to Your Server - - By default, the NTP server will be accessible to all - hosts on the Internet. The restrict - option in /etc/ntp.conf - controls which machines can access the server. - - To deny all machines from accessing the NTP + By default, an NTP server is accessible to any + network host. The restrict + option in /etc/ntp.conf can be used to + control which systems can access the server. For example, + to deny all machines from accessing the NTP server, add the following line to /etc/ntp.conf: restrict default ignore - This will also prevent access from the server to any - servers listed in the local configuration. If there is a - need to synchronise the NTP server with an external NTP + This will also prevent access from other NTP servers. + If there is a + need to synchronize with an external NTP server, allow only that specific server. Refer to &man.ntp.conf.5; for more information. 
To allow machines within the network to synchronize their clocks with the server, but ensure they are not - allowed to configure the server or used as peers to - synchronize against, add + allowed to configure the server or be used as peers to + synchronize against, instead use: restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap - instead, where - 192.168.1.0 is an - IP address on the network and + where + 192.168.1.0 is the + local network address and 255.255.255.0 is - the network's netmask. + the network's subnet mask. - The /etc/ntp.conf file can contain - multiple restrict options. For more - details, see the Access Control Support + Multiple restrict entries are supported. + For more + details, refer to the Access Control Support subsection of &man.ntp.conf.5;. - + + Once + ntpd_enable="YES" has been added to + /etc/rc.conf, ntpd + can be started now without rebooting the system by typing: + + &prompt.root; service ntpd start - Running the NTP Server + Using <acronym>NTP</acronym> with a <acronym>PPP</acronym> + Connection - To ensure the NTP server is started at boot time, add the - line ntpd_enable="YES" to - /etc/rc.conf. To pass - additional flags to &man.ntpd.8;, edit the - ntpd_flags parameter in - /etc/rc.conf. - - To start the server without rebooting the machine, run - ntpd being sure to specify any additional - parameters from ntpd_flags in - /etc/rc.conf. For example: - - &prompt.root; ntpd -p /var/run/ntpd.pid - - - - Using <application>ntpd</application> with a Temporary - Internet Connection - - The &man.ntpd.8; program does not need a permanent + ntpd does not need a permanent connection to the Internet to function properly. However, if - there is a temporary connection that is configured to dial out - on demand, it is a good idea to prevent NTP traffic from - triggering a dial out or keeping the connection alive. 
PPP - users can use the filter + a PPP connection is configured to dial out + on demand, NTP traffic should be prevented from + triggering a dial out or keeping the connection alive. This can be configured + with filter directives in /etc/ppp/ppp.conf. For example: @@ -5441,7 +5391,7 @@ driftfile /var/db/ntp.drift # Prevent outgoing NTP traffic from keeping the connection open set filter alive 2 permit 0/0 0/0 - For more details see the + For more details, refer to the PACKET FILTERING section in &man.ppp.8; and the examples in /usr/share/examples/ppp/. @@ -5452,14 +5402,6 @@ driftfile /var/db/ntp.drift reach the machine. - - - Further Information - - Documentation for the NTP server can be found in - /usr/share/doc/ntp/ in HTML - format. -
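Review bot: In the access-control paragraph of the first hunk, the new sentence after "restrict default ignore" ("This will also prevent access from other NTP servers.") drops the point the removed text made, that the rule also cuts this machine off from the servers listed in its own configuration. A reader who adds the line may not realise that their own synchronization stops. Suggest keeping the original sense, for example "This will also prevent this server from synchronizing with the servers listed in its own configuration." The next example is introduced with "instead use", so "restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap" stands without any default restriction. Given the paragraph's own opening ("accessible to any network host"), hosts outside that subnet are left unrestricted, and the text should say whether the subnet rule is meant to be paired with a restrictive default. Separately, in the prefer paragraph, "differs significantly from responses" has lost the words "other servers'" and no longer says what the preferred server's response is compared against.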