#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
#server	127.127.1.0		# local clock


# RF sertified time servers
# http://vniiftri.ru/index.php/ru/services/22-ntp
server ntp1.vniiftri.ru
server ntp3.vniiftri.ru
server ntp1.niiftri.irkutsk.ru
server ntp2.niiftri.irkutsk.ru

#http://www.pool.ntp.org/zone/europe
#Do not forget to change default restrictions
#see http://bugs.ntp.org/show_bug.cgi?id=1568

# ru.pool.ntp.org:
#server 0.ru.pool.ntp.org
#server 1.ru.pool.ntp.org
#server 2.ru.pool.ntp.org
#server 3.ru.pool.ntp.org

# ua.pool.ntp.org:
#server 0.ua.pool.ntp.org
#server 1.ua.pool.ntp.org
#server 2.ua.pool.ntp.org
#server 3.ua.pool.ntp.org

#
# You can also request your provider about regional time server name.
#


#
# fallback
#
fudge 127.127.1.0 stratum 10

#
# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
#multicastclient		# listen on default 224.0.1.1
broadcastdelay		0.008

# fix for CVE-2013-5211 (is needed for less 4.2.7p26)
disable monitor

#
# RESTRICTIONS
# ============
#

# By default, don't trust and don't allow modifications. Ignore in fact.
restrict default ignore notrust nomodify

# Allow anything from the local host.
restrict 127.0.0.1

# Allow others in our subnet to check us out...
#restrict 192.168.0.0 mask 255.255.0.0 nomodify

#
# Allow synchronization source from NTP servers
#

# RF sertified time servers
restrict ntp1.vniiftri.ru
restrict ntp3.vniiftri.ru
restrict ntp1.niiftri.irkutsk.ru
restrict ntp2.niiftri.irkutsk.ru

# Keys file.  If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
#keys		/etc/ntp/keys