-<% when "ancina.debian.org/": -%>
-server ntp.ugent.be iburst dynamic
-<% when "(albeniz|goetz).debian.org/": -%>
-server smetana.debian.org iburst dynamic
-server geo1.debian.org iburst dynamic
-server geo2.debian.org iburst dynamic
-server geo3.debian.org iburst dynamic
-<% else -%>
-server geo1.debian.org iburst dynamic
-server geo2.debian.org iburst dynamic
-server geo3.debian.org iburst dynamic
+
+leapfile /usr/share/zoneinfo/leap-seconds.list
+<% elsif scope.lookupvar('deprecated::nodeinfo')['misc']['natted'] -%>
+# autokey doesn't work behind nat
+
+# manda-node03's, and bm-bl2's ipv4 IP, hard coded for the benefit of
+# hosts that do not have RTC's (since they won't be able to do DNS until
+# they have a reasonable clock).
+server 82.195.75.69 iburst
+server 5.153.231.242 iburst
+
+server manda-node03.debian.org iburst
+server manda-node04.debian.org iburst
+server bm-bl1.debian.org iburst
+server bm-bl2.debian.org iburst
+<% else -%>
+server manda-node03.debian.org iburst autokey
+server manda-node04.debian.org iburst autokey
+server bm-bl1.debian.org iburst autokey
+server bm-bl2.debian.org iburst autokey
+restrict manda-node03.debian.org notrust nomodify notrap ntpport
+restrict manda-node04.debian.org notrust nomodify notrap ntpport
+restrict bm-bl1.debian.org notrust nomodify notrap ntpport
+restrict bm-bl2.debian.org notrust nomodify notrap ntpport