// Miscellaneous options.  Gets included twice.

[[driftfile]]+driftfile+ _driftfile_::
  This command specifies the complete path and name of the file used to
  record the frequency of the local clock oscillator; this is the same
  operation as the +-f+ command line option. If the file exists, it is
  read at startup to set the initial frequency and then updated
  once per hour with the current frequency computed by the daemon. If
  the file name is specified, but the file itself does not exist, +ntpd+
  starts with an initial frequency of zero and creates the file when
  writing it for the first time. If this command is not given, the
  daemon will always start with an initial frequency of zero.
+
The file format consists of a single line containing a single floating
point number, which records the frequency offset measured in
parts-per-million (PPM). The file is updated by first writing the
current drift value into a temporary file and then renaming this file
to replace the old version; this implies that {ntpdman} must
have write permission for the directory the drift file is located in,
and that file system links, symbolic or otherwise, should be avoided.

[[enable]]+enable+ [+auth+ | +calibrate+ | +kernel+ | +monitor+ | +ntp+ | +stats+]; +disable+ [+auth+ | +calibrate+ | +kernel+ | +monitor+ | +ntp+ | +stats+]::
  Provides a way to enable or disable various server options. Flags not
  mentioned are unaffected. Note that all of these flags can be
  controlled remotely using the {ntpqman} utility program.

  +auth+;;
    Enables the server to synchronize with unconfigured peers only if
    the peer has been correctly authenticated. The default for this
    flag is +enable+.
  +calibrate+;;
    Enables the calibrate feature for reference clocks. The default for
    this flag is +disable+.
  +kernel+;;
    Enables the kernel time discipline, if available. The default for
    this flag is +enable+ if support is available, otherwise +disable+.
  +monitor+;;
    Enables the monitoring facility. See the {ntpqman} program
    and the monlist command for further information. The default for this
    flag is +enable+.
  +ntp+;;
    Enables time and frequency discipline. In effect, this switch opens
    and closes the feedback loop, which is useful for testing. The
    default for this flag is +enable+.
  +stats+;;
    Enables the statistics facility. See the "Monitoring Options"
    section for further information. The default for this flag is
    +disable+.

[[includefile]]+includefile+ _includefile_::
  This command allows additional configuration commands to be included
  from a separate file. Include files may be nested to a depth of
  five; upon reaching the end of any include file, command processing
  resumes in the previous configuration file. Relative pathnames are
  evaluated not with respect to the current working directory but with
  respect to the directory name of the last pushed file in the
  stack. This option is useful for sites that run {ntpdman} on
  multiple hosts, with (mostly) common options (e.g., a restriction
  list).

[[interface]]+interface+ [+listen+ | +ignore+ | +drop+] [+all+ | +ipv4+ | +ipv6+ | +wildcard+ | 'name' | 'address'[/'prefixlen']]::
  This command controls which network addresses +ntpd+ opens, and
  whether the input is dropped without processing. The first parameter
  determines the action on addresses which match the second parameter.
  That parameter specifies a class of addresses, or a specific interface
  name, or an address. In the address case, _prefixlen_ determines how
  many bits must match for this rule to apply. +ignore+ prevents opening
  matching addresses, +drop+ causes +ntpd+ to open the address and drop
  all received packets without examination. Multiple +interface+
  commands can be used. The last rule which matches a particular address
  determines the action for it. +interface+ commands are disabled if any
  of the +-I+, +--interface+,+-L+, or +--novirtualips+ command-line options
  are used. If none of those options are used, and no +interface+ actions
  are specified in the configuration file, all available network
  addresses are opened. The +nic+ command is an alias for +interface+.

[[leapfile]]+leapfile+ 'leapfile'::
  This command loads the NIST leap seconds file and initializes the
  leapsecond values for the next leap second time, expiration time and
  TAI offset. The file can be obtained using +ntpleapfetch+.
+
The _leapfile_ is scanned when +ntpd+ processes the +leapfile+
directive or when +ntpd+ detects that _leapfile_ has changed. +ntpd+
checks once a day to see if the _leapfile_ has changed.

+leapsmearinterval+ 'interval'::
  This *experimental* option is only available if ntpd was built
  with the +--enable-leap-smear+ option, It specifies the interval
  over which a leap second correction will be applied.  Recommended
  values for this option are between 7200 (2 hours) and 86400 (24
  hours).  DO NOT USE THIS OPTION ON PUBLIC-ACCESS SERVERS!  See
  http://bugs.ntp.org/2855 for more information.

[[logconfig]]+logconfig+ _configkeyword_::
  This command controls the amount and type of output written to the
  system _syslog(3)_ facility or the alternate log file. By
  default, all output is turned on. All _configkeyword_ keywords can be
  prefixed with ‘=’, ‘+’ and ‘-’, where ‘=’ sets the syslog(3) priority
  mask, ‘+’ adds and ‘-’ removes messages. syslog(3) messages can be
  controlled in four classes (clock,peer,sys and sync). Within these
  classes four types of messages can be controlled: informational
  messages (info), event messages (events), statistics messages
  (statistics) and status messages (status).
+
Configuration keywords are formed by concatenating the message class
with the event class. The _all_ prefix can be used instead of a
message class. A message class may also be followed by the _all_
keyword to enable/disable all messages of the respective message
class. Thus, a minimal log configuration could look like this:
+
--------------------------------
logconfig =syncstatus +sysevents
--------------------------------
+
This would just list the synchronizations state of
{ntpdman} and the major system events. For a simple reference
server, the following minimum message configuration could be useful:
+
----------------------------
logconfig =syncall +clockall
----------------------------
+
This configuration will list all clock information and synchronization
information. All other events and messages about peers, system events
and so on is suppressed.

+logfile+ _logfile_::
  This command specifies the location of an alternate log file to be
  used instead of the default system _syslog(3)_ facility; this is the
  same operation as the -l command line option.

If your ntpd runs for a long time, you probably want to use logrotate or
newsyslog to switch to a new log file occasionally.  SIGHUP will reopen
the log file.

[[mru]]+mru+ [+maxdepth+ 'count' | +maxmem+ 'kilobytes' | +mindepth+ 'count' | +maxage+ 'seconds' | +minage+ 'seconds' | +initalloc+ 'count' | +initmem+ 'kilobytes' | +incalloc+ 'count' | +incmem+ 'kilobytes']::
  Controls size limits of the monitoring facility Most Recently Used
  (MRU) list of client addresses, which is also
  used by the rate control facility.
  +maxdepth+ 'count';;
  +maxmem+ 'kilobytes';;
    Equivalent upper limits on the size of the MRU list, in terms of
    entries or kilobytes. The actual limit will be up to +incalloc+
    entries or +incmem+ kilobytes larger. As with all of the +mru+
    options offered in units of entries or kilobytes, if both +maxdepth+
    and +maxmem+ are used, the last one used controls. The default is
    1024 kilobytes.
  +mindepth+ 'count';;
    The lower limit on the MRU list size. When the MRU list has fewer than
    +mindepth+ entries, existing entries are never removed to make room
    for newer ones, regardless of their age. The default is 600 entries.
  +maxage+ 'seconds';;
  +minage+ 'seconds';;
    If an address is not in the list, there are several possible ways
    to find a slot for it.
    . If the list has fewer than +mindepth+ entries, a slot is
    allocated from the free list; this is the normal case for a
    server without a lot of clients.  If clients come and go, for
    example, laptops going between home and work, the default setup
    shows only the long term average.
    . If the age of the oldest slot is greater than +maxage+, the oldest
    slot is recycled (default 3600 seconds).
    . If the freelist is not empty, a slot is allocated from the
    free list.
    . If the freelist is empty but not full (see maxmem), more memory
    is allocated (see incmem) and, a new slot is used.
    . If the age of the oldest slot is more than +minage+, the oldest
    slot is recycled (default 64 seconds).
    . Otherwise, no slot is available.
  +initalloc+ 'count';;
  +initmem+ 'kilobytes';;
    Initial memory allocation at the time the monitoring facility is
    first enabled, in terms of entries or kilobytes. The default is 4
    kilobytes.
  +incalloc+ 'count';;
  +incmem+ 'kilobytes';;
    Size of additional memory allocations when growing the MRU list, in
    entries or kilobytes. The default is 4 kilobytes.

+nonvolatile+ 'threshold'::
  Specify the _threshold_ in seconds to write the frequency file, with
  a default of 1e-7 (0.1 PPM). The frequency file is inspected each hour.
  If the difference between the current frequency and the last value
  written exceeds the threshold, the file is written, and the +threshold+
  becomes the new threshold value. If the threshold is not exceeded, it
  is reduced by half; this is intended to reduce the frequency of
  unnecessary file writes for embedded systems with nonvolatile memory.

[[phone]]+phone+ 'dial ...'::
  This command is used in conjunction with the ACTS modem driver (type
  modem) or the JJY driver (type jjy). For ACTS, the arguments consist
  of a maximum of 10 telephone numbers used to dial USNO, NIST or
  European time services. For the jjy driver in modes 100-180, the
  argument is one telephone number used to dial the telephone JJY
  service. The Hayes command ATDT is normally prepended to the number,
  which can contain other modem control codes as well.

[[reset]]+reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]+::
  Reset one or more groups of counters maintained by ntpd and exposed by
  +ntpq+.

[[setvar]]+setvar+ _variable_ [_default_]::
  This command adds a system variable. These variables can
  be used to distribute additional information such as the access
  policy. If the variable of the form _name=value_ is followed by the
  +default+ keyword, the variable will be listed as part of the default
  system variables ({ntpqman} rv command). These additional
  variables serve informational purposes only. They are not related to
  the protocol other that they can be listed. The known protocol
  variables will always override any variables defined via
  the +setvar+ mechanism. There are three special variables that contain the
  names of all variable of the same group. The +sys_var_list+ holds the
  names of all system variables. The +peer_var_list+ holds the names of all
  peer variables and the +clock_var_list+ holds the names of the reference
  clock variables.

[[tinker]]+tinker+ [+allan+ _allan_ | +dispersion+ _dispersion_ | +freq+ _freq_ | +huffpuff+ _huffpuff_ | +panic+ _panic_ | +step+ _step_ | +stepback+ _stepback_ | +stepfwd+ _stepfwd_ | +stepout+ _stepout_]::
  This command can be used to alter several system variables in very
  exceptional circumstances. It should occur in the configuration file
  before any other configuration options. The default values of these
  variables have been carefully optimized for a wide range of network
  speeds and reliability expectations. In general, they interact in
  intricate ways that are hard to predict, and some combinations can
  result in some very nasty behavior. Very rarely is it necessary to
  change the default values; but, some folks cannot resist twisting the
  knobs anyway, and this command is for them. Emphasis added: twisters
  are on their own and can expect no help from the support group.
+
The variables operate as follows:
+
  +allan+ _allan_;;
    The argument becomes the new value for the minimum Allan intercept,
    which is a parameter of the PLL/FLL clock discipline algorithm. The
    value in log2 seconds defaults to 11 (2048 s), which is also the
    lower limit.
  +dispersion+ _dispersion_;;
    The argument becomes the new value for the dispersion increase rate,
    normally .000015 s/s.
  +freq+ _freq_;;
    The argument becomes the initial value of the frequency offset in
    parts-per-million; this overrides the value in the frequency file,
    if present, and avoids the initial training state if it is not.
  +huffpuff+ _huffpuff_;;
    The argument becomes the new value for the experimental huff-n'-puff
    filter span, which determines the most recent interval the algorithm
    will search for a minimum delay. The lower limit is 900 s (15 m),
    but a more reasonable value is 7200 (2 hours). There is no default
    since the filter is not enabled unless this command is given.
  +panic+ _panic_;;
    The argument is the panic threshold, normally 1000 s. If set to
    zero, the panic sanity check is disabled, and a clock offset of any
    value will be accepted.
  +step+ _step_;;
    The argument is the step threshold, which by default is 0.128 sec. It
    can be set to any positive number in seconds. If set to zero, step
    adjustments will never occur. Note: The kernel time discipline is
    disabled if the step threshold is set to zero or greater than the
    default.
  +stepback+ _stepback_;;
    The argument is the step threshold for the backward direction, which
    by default is 0.128 sec. It can be set to any positive number in
    seconds. If both the forward and backward step thresholds are set to
    zero, step adjustments will never occur. Note: The kernel time
    discipline is disabled if each direction of step threshold are
    either set to zero or greater than .5 second.
  +stepfwd+ _stepfwd_;;
    As for stepback, but for the forward direction.
  +stepout+ _stepout_;;
    The argument is the stepout timeout, which by default is 900 s. It
    can be set to any positive number in seconds. If set to zero, the
    stepout pulses will not be suppressed.

[[rlimit]]+rlimit+ [+memlock+ _megabytes_ | +stacksize+ _4kPages_ | +filenum+ _filedescriptors_]::

  +memlock+ _megabytes_;;
    Ignored for backward compatibility.
  +stacksize+ _4kPages_;;
    Specifies the maximum size of the process stack on systems with the
    +mlockall()+ function. Defaults to 50 4k pages.
  +filenum+ _filedescriptors_;;
    Specifies the maximum number of file descriptors ntpd may have open
    at once. Defaults to the system default.

// end