Convert to mdoc + typos.

5 files changed, 1405 insertions, 1666 deletions

diff --git a/usr.sbin/xntpd/doc/ntpdate.8 b/usr.sbin/xntpd/doc/ntpdate.8
index 7afa79a..bf6832d 100644
--- a/usr.sbin/xntpd/doc/ntpdate.8
+++ b/usr.sbin/xntpd/doc/ntpdate.8
@@ -1,189 +1,142 @@
-''' $Header
-''' 
-.de Sh
-.br
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-'''
-'''     Set up \*(-- to give an unbreakable dash;
-'''     string Tr holds user defined translation string.
-'''     Greek uppercase omega is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-.ds L' '
-.ds R' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds L' `
-.ds R' '
-'br\}
-.TH NTPDATE 8 LOCAL
-.SH NAME
-ntpdate - set the date and time via NTP
-.SH SYNOPSIS
-.B ntpdate
-[
-.B -bds
-] [
-.B -o
-.I version
-] [
-.B -a
-.I key#
-] [
-.B -e
-.I authdelay
-] [
-.B -k
-.I keyfile
-] [
-.B -p
-.I samples
-] [
-.B -t
-.I timeout
-]
-server ...
-.SH DESCRIPTION
-.I Ntpdate
+.\"
+.\"	$Id$
+.\"
+.Dd December 21, 1993
+.Dt NTPDATE 8
+.Os
+.Sh NAME
+.Nm ntpdate
+.Nd set the date and time via NTP
+.Sh SYNOPSIS
+.Nm
+.Op Fl bds
+.Op Fl o Ar version
+.Op Fl a Ar key#
+.Op Fl e Ar authdelay
+.Op Fl k Ar keyfile
+.Op Fl p Ar samples
+.Op Fl t Ar timeout
+.Ar server ...
+.Sh DESCRIPTION
+.Nm Ntpdate
 sets the local date and time by polling the Network Time Protocol
 server(s) on the host(s) given as arguments to determine
 the correct time.  It must be run as root on the local host.  A number
 of samples are obtained from each of the servers specified and the
 standard NTP clock filter and selection algorithms are applied to select
 the best of these.  Typically,
-.I ntpdate
+.Nm
 can be inserted in the
-.I /etc/rc.local
+.Pa /etc/rc.local
 startup up script to set the time of day at boot time and/or can be run
 from time\-to\-time via
-.IR cron (8).
+.Xr cron 8 .
 Note that
-.IR ntpdate 's
+.Nm Ns 's
 reliability and precision will improve dramatically with greater numbers
 of servers.  While a single server may be used, better performance and
 greater resistance to insanity on the part of any one server
 will be obtained by providing at least three or four servers, if not more.
-.PP
+.Pp
 Time adjustments are made by
-.I ntpdate
+.Nm
 in one of two ways.  If
-.I ntpdate
+.Nm
 determines your clock is off by more than 0.5 seconds it will simply
 step the time by calling
-.IR settimeofday (2).
+.Xr settimeofday 2 .
 If the error is less than 0.5 seconds, however, it will by default slew
 the clock's time via a call to
-.IR adjtime (2)
+.Xr adjtime 2
 with the offset.  The latter technique is less disruptive and more
 accurate when the offset is small, and works quite well when
-.I ntpdate
+.Nm
 is run by
-.I cron (8)
+.Xr cron 8
 every hour or two.  The adjustment made in the latter
 case is actually 50% larger than the measured offset since this will
 tend to keep a badly drifting clock more accurate (at some expense to
 stability, though this tradeoff is usually advantageous).  At boot time,
 however, it is usually better to always step the time.  This can be forced
 in all cases by specifying the
-.B -b
+.Fl b
 switch on the command line.  The
-.B -s
+.Fl s
 switch tells
-.I ntpdate
+.Nm
 to log its actions via the
-.IR syslog (3)
+.Xr syslog 3
 facility rather than to the standard output, a useful option when
 running the program from
-.IR cron (8).
-.PP
+.Xr cron 8 .
+.Pp
 The
-.B -d
+.Fl d
 flag may be used to determine what
-.I ntpdate
+.Nm
 will do without it actually doing it.  Information useful for general
 debugging will also be printed.  By default
-.I ntpdate
+.Nm
 claims to be an NTP version 3 implementation in its outgoing packets.  As
 some older software will decline to respond to version 3 queries, the
-.B -o
-.I version
+.Fl o Ar version
 switch can be used to force the program to poll as a version 2 or 1
 implementation instead.
-.PP
+.Pp
 The number of samples
-.I ntpdate
+.Nm
 acquires from each server can be set to between 1 and 8 inclusive
 using the
-.B -p
+.Fl p
 switch.  The default is 4.  The time it will spend waiting for a
 response can be set using the
-.B -t
+.Fl t
 switch, and will be rounded to a multiple of 0.2 seconds.  The default
 is 1 second, a value suitable for polling across a LAN.
-.PP
-.I Ntpdate
+.Pp
+.Nm Ntpdate
 will authenticate its transactions if need be.  The
-.B -a
+.Fl a
 switch specifies that all packets should be authenticated using the
 key number indicated.  The
-.B -k
+.Fl k
 switch allows the name of the file from which the keys may be read
 to be modified from the default of
-.I /etc/ntp.keys.
+.Pa /etc/ntp.keys .
 This file should be in the format described in
-.IR xntpd (8).
+.Xr xntpd 8 .
 The
-.B -e
+.Fl e
 option allows the specification of an authentication processing delay,
 in seconds (see
-.IR xntpd (8)
+.Xr xntpd  8
 for details).  This number is usually small enough to be negligible for
-.IR ntpdate 's
+.Nm Ns 's
 purposes, though specifying a value may improve timekeeping on very slow
 CPU's.
-.PP
-.I Ntpdate
+.Pp
+.Nm Ntpdate
 will decline to set the date if an NTP server daemon (e.g.
-.IR xntpd (8))
+.Xr xntpd 8 )
 is running on the same host.  When running
-.I ntpdate
+.Nm
 on a regular basis from
-.IR cron (8)
+.Xr cron 8
 as an alternative to running a daemon, doing so once every hour or two
 will result in precise enough timekeeping to avoid stepping the clock.
-.SH FILES
-.nf
-/etc/ntp.keys\0\0contains the encryption keys used by \fIntpdate\fP.
-.fi
-.SH SEE ALSO
-xntpd(8)
-.SH HISTORY
-Written by Dennis Ferguson at the University of Toronto
-.SH BUGS
+.Sh FILES
+.Bl -tag -width /etc/ntp.keys -compact
+.It Pa /etc/ntp.keys
+contains the encryption keys used by
+.Nm Ns .
+.El
+.Sh SEE ALSO
+.Xr xntpd 8
+.Sh HISTORY
+Written by
+.An Dennis Ferguson
+at the University of Toronto
+.Sh BUGS
 The technique used for improving accuracy by compensating for clock
 oscillator errors sucks, but doing better would require the program
 to save state from previous runs.
diff --git a/usr.sbin/xntpd/doc/ntpq.8 b/usr.sbin/xntpd/doc/ntpq.8
index e34e478..e2290c3 100644
--- a/usr.sbin/xntpd/doc/ntpq.8
+++ b/usr.sbin/xntpd/doc/ntpq.8
@@ -1,319 +1,259 @@
-''' $Header
-'''
-.de Sh
-.br
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-'''
-'''     Set up \*(-- to give an unbreakable dash;
-'''     string Tr holds user defined translation string.
-'''     Greek uppercase omega is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-.ds L' '
-.ds R' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds L' `
-.ds R' '
-'br\}
-.TH NTPQ 8 LOCAL
-.SH NAME
-ntpq - standard Network Time Protocol query program
-.SH SYNOPSIS
-.B ntpq
-[
-.B -inp
-] [
-.B -c
-.I command
-] [
-.I host
-] [
-.I ...
-]
-.SH DESCRIPTION
-.I Ntpq
+.\"
+.\"	$Id$
+.\"
+.Dd December 21, 1993
+.Dt NTPQ 8
+.Os
+.Sh NAME
+.Nm ntpq
+.Nd standard Network Time Protocol query program
+.Sh SYNOPSIS
+.Nm
+.Op Fl inp
+.Op Fl c Ar command
+.Op Ar host ...
+.Sh DESCRIPTION
+.Nm Ntpq
 is used to query NTP servers which implement the recommended NTP mode 6
 control message format about current state and to request changes in
 that state. The program may be run either in interactive mode or
 controlled using command line arguments. Requests to read and write
 arbitrary variables can be assembled, with raw and pretty\-printed
 output options being available.
-.I Ntpq
+.Nm Ntpq
 can also obtain and print a list of peers in a common format by sending
 multiple queries to the server.
-.PP
+.Pp
 If one or more request options is included on the command line when
-.I ntpq
+.Nm
 is executed, each of the requests will be sent to the NTP servers
 running on each of the hosts given as command line arguments, or on
-.I localhost
+.Ar localhost
 by default. If no request options are given,
-.I ntpq
+.Nm
 will attempt to read commands from the standard input and execute these
 on the NTP server running on the first host given on the command line,
 again
 defaulting to
-.I localhost
+.Ar localhost
 when no other host is specified.
-.I Ntpq
+.Nm Ntpq
 will prompt for commands if the standard input is a terminal device.
-.PP
-.I Ntpq
+.Pp
+.Nm Ntpq
 uses NTP mode 6 packets to communicate with the NTP server, and hence
 can be used to query any compatable server on the network which permits
 it. Note that since NTP is a UDP protocol this communication will be
 somewhat unreliable, especially over large distances in terms of network
 topology.
-.I Ntpq
+.Nm Ntpq
 makes one attempt to retransmit requests, and will time requests out if
 the remote host is not heard from within a suitable time out time.
-.PP
+.Pp
 Command line options are described following. Specifying a command line
 option other than
-.B -i
+.Fl i
 or
-.B -n
+.Fl n
 will cause the specified query (queries) to be sent to the indicated
 host(s) immediately. Otherwise,
-.I ntpq
+.Nm
 will attempt to read interactive format commands from the standard
 input.
-.Ip -c 8
-The following argument is interpreted as an interactive format command
+The following options are available:
+.Bl -tag -width indent
+.It Fl c Ar command
+The following argument is interpreted as an interactive format
+.Ar command
 and is added to the list of commands to be executed on the specified
 host(s). Multiple
-.B -c
+.Fl c
 options may be given.
-.Ip -i 8
+.It Fl i
 Force
-.I ntpq
+.Nm
 to operate in interactive mode. Prompts will be written to the standard
 output and commands read from the standard input.
-.Ip -n 8
+.It Fl n
 Output all host addresses in dotted\-quad numeric format rather than
 converting to the canonical host names.
-.Ip -p 8
+.It Fl p
 Print a list of the peers known to the server as well as a summary of
-their state. This is equivalent to the \*(L"peers\*(R" interactive
-command.
-.SH INTERNAL COMMANDS
-.PP
+their state. This is equivalent to the
+.Em peers
+interactive command.
+.El
+.Sh INTERNAL COMMANDS
+.Pp
 Interactive format commands consist of a keyword followed by zero to
 four arguments. Only enough characters of the full keyword to uniquely
 identify the command need be typed. The output of a command is normally
 sent to the standard output, but optionally the output of individual
-commands may be sent to a file by appending a \*(L">\*(R", followed by a
-file name, to the command line.
-.PP
+commands may be sent to a file by appending a
+.Qq > ,
+followed by a file name, to the command line.
+.Pp
 A number of interactive format commands are executed entirely within the
-.I ntpq
+.Nm
 program itself and do not result in NTP mode 6 requests being sent to a
 server. These are described following.
-.PP
-.B ?
-[
-.I command_keyword
-]
-.PP
-A \*(L"?\*(R" by itself will print a list of all the command keywords
+.Pp
+.Bl -tag -width indent
+.It ? Op Ar command_keyword
+A
+.Qq ?
+by itself will print a list of all the command keywords
 known to this incarnation of
-.IR ntpq .
-A \*(L"?\*(R" followed by a command keyword will print function and
+.Nm Ns .
+A
+.Qq ?
+followed by a command keyword will print function and
 usage information about the command. This command is probably a better
 source of information about
-.I ntpq
+.Nm
 than this manual page.
-.PP
-.B timeout
-.I millseconds
-.PP
+.It timeout Ar milliseconds
 Specify a time out period for responses to server queries. The default
 is about 5000 milliseconds. Note that since
-.I ntpq
+.Nm
 retries each query once after a time out the total waiting time for a
 time out will be twice the time out value set.
-.PP
-.B delay
-.I milliseconds
-.PP
+.It delay Ar milliseconds
 Specify a time interval to be added to timestamps included in requests
 which require authentication. This is used to enable (unreliable) server
 reconfiguration over long delay network paths or between machines whose
 clocks are unsynchronized. Actually the server does not now require time
 stamps in authenticated requests, so this command may be obsolete.
-.PP
-.B host
-.I hostname
-.PP
+.It host Ar hostname
 Set the host to which future queries will be sent.
-.I Hostname
+.Ar Hostname
 may be either a host name or a numeric
 address.
-.PP
-.B poll
-[
-.I #
-] [
-.B verbose
-]
-.PP
+.It Xo poll
+.Op Ar #
+.Op Ar verbose
+.Xc
 Poll the current server in client mode. The first argument is the number
 of times to poll (default is 1) while the second argument may be given
 to obtain a more detailed output of the results. This command is
 currently just wishful thinking.
-.PP
-.B keyid
-.I #
-.PP
+.It keyid Ar #
 This command allows the specification of a key number to be used to
 authenticate configuration requests. This must correspond to a key
 number the server has been configured to use for this purpose.
-.PP
-.B passwd
-.PP
+.It passwd
 This command prompts you to type in a password (which will not be
 echoed) which will be used to authenticate configuration requests. The
 password must correspond to the key configured for use by the NTP server
 for this purpose if such requests are to be successful.
-.PP
-.B "hostnames yes|no"
-.PP
-If \*(L"yes\*(R" is specified, host names are printed in information
-displays. If \*(L"no\*(R" is given, numeric addresses are printed
-instead. The default is \*(L"yes\*(R" unless modified using the command
-line
-.B -n
+.It hostnames Ar yes | Ar no
+If
+.Ar yes
+is specified, host names are printed in information
+displays. If
+.Ar no
+is given, numeric addresses are printed
+instead. The default is
+.Ar yes
+unless modified using the command line
+.Fl n
 switch.
-.PP
-.B raw
-.PP
-Causes all output from query commands is printed as received from the
+.It raw
+Cause all output from query commands is printed as received from the
 remote server. The only formating/intepretation done on the data is to
 transform nonascii data into a printable (but barely understandable)
 form.
-.PP
-.B cooked
-.PP
-Causes output from query commands to be \*(L"cooked\*(R". Variables
+.It cooked
+Cause output from query commands to be
+.Qq cooked Ns .
+Variables
 which are recognized by the server will have their values reformatted
 for human consumption. Variables which
-.I ntpq
+.Nm
 thinks should have a decodeable value but didn't are marked with a
-trailing \*(L"?\*(R".
-.PP
-.B ntpversion
-.B 1|2|3
-.PP
-Sets the NTP version number which
-.I ntpq
+trailing
+.Qq ? Ns .
+.It ntpversion Ar 1 | Ar 2 | Ar 3
+Set the NTP version number which
+.Nm
 claims in packets. Defaults to 3, Note that mode 6 control messages (and
 modes, for that matter) didn't exist in NTP version 1. There appear to
 be no servers left which demand version 1.
-.PP
-.B authenticate
-.B yes|no
-.PP
+.It authenticate Ar yes | Ar no
 Normally
-.I ntpq
+.Nm
 does not authenticate requests unless they are write requests. The
 command
-.B authenticate yes
+.Em authenticate yes
 causes
-.I ntpq
+.Nm
 to send authentication with all requests it makes. Authenticated
 requests causes some servers to handle requests slightly differently,
 and can occasionally melt the CPU in fuzzballs if you turn
 authentication on before doing a peer display.
-.PP
-.B addvars
-.IR <variable_name>[=<value>] [,...]
-.B rmvars
-.IR <variable_name> [,...]
-.B clearvars
-.PP
+.It Xo addvars
+.Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...
+.Xc
+.It Xo rmvars
+.Aq variable_name Ns
+.Op ,...
+.Xc
+.It clearvars
 The data carried by NTP mode 6 messages consists of a list of items of
 the form
-.IP "" 8
-<variable_name>=<value>
-.PP
-where the \*(L"=<value>\*(R" is ignored, and can be omitted, in requests
+.Xo Aq variable_name Ns
+.Pf = Aq value
+.Xc
+where the
+.Qq = Ns Aq value
+is ignored, and can be omitted, in requests
 to the server to read variables.
-.I Ntpq
+.Nm Ntpq
 maintains an internal list in which data to be included in control
 messages can be assembled, and sent using the
-.B readlist
+.Em readlist
 and
-.B writelist
+.Em writelist
 commands described below. The
-.B addvars
+.Em addvars
 command allows variables and their optional values to be added to the
 list. If more than one variable is to be added, the list should be
 comma\-separated and not contain white space. The
-.B rmvars
+.Em rmvars
 command can be used to remove individual variables from the list, while
 the
-.B clearlist
+.Em clearlist
 command removes all variables from the list.
-.PP
-.B debug
-.I more|less|off
-.PP
-Turns internal query program debugging on and off.
-.PP
-.B quit
-.PP
+.It debug Ar more | Ar less | Ar off
+Turn internal query program debugging on and off.
+.It quit
 Exit
-.IR ntpq .
-.SH CONTROL MESSAGE COMMANDS
-.PP
+.Nm Ns .
+.El
+.Sh CONTROL MESSAGE COMMANDS
 Each peer known to an NTP server has a 16 bit integer
-.I association
-.I identifier
+.Em association identifier
 assigned to it. NTP control messages which carry peer variables must
 identify the peer the values correspond to by including its association
 ID. An association ID of 0 is special, and indicates the variables are
 system variables, whose names are drawn from a separate name space.
-.PP
+.Pp
 Control message commands result in one or more NTP mode 6 messages being
 sent to the server, and cause the data returned to be printed in some
 format. Most commands currently implemented send a single message and
 expect a single response. The current exceptions are the
-.B peers
+.Em peers
 command, which will send a preprogrammed series of messages to obtain
 the data it needs, and the
-.B mreadlist
+.Em mreadlist
 and
-.B mreadvar
+.Em mreadvar
 commands, which will iterate over a range of associations.
-.PP
-.B associations
-.PP
-Obtains and prints a list of association identifiers and peer statuses
+.Bl -tag -width indent
+.It associations
+Obtain and print a list of association identifiers and peer statuses
 for in\-spec peers of the server being queried. The list is printed in
 columns. The first of these is an index numbering the associations from
 1 for internal use, the second the actual association identifier
@@ -321,190 +261,152 @@ returned by the server and the third the status word for the peer. This
 is followed by a number of columns containing data decoded from the
 status word. Note that the data returned by the \*(L"associations\*(R"
 command is cached internally in
-.IR ntpq .
+.Nm Ns .
 The index is then of use when dealing with stupid servers which use
 association identifiers which are hard for humans to type, in that for
 any subsequent commands which require an association identifier as an
 argument, the form
-.I &index
+.Em &index
 may be used as an alternative.
-.PP
-.B lassocations
-.PP
-Obtains and prints a list of association identifiers and peer statuses
+.It lassocations
+Obtain and print a list of association identifiers and peer statuses
 for all associations for which the server is maintaining state. This
-command differs from the \*(L"associations\*(R" command only for servers
+command differs from the
+.Em associations
+command only for servers
 which retain state for out\-of\-spec client associations (i.e.
 fuzzballs). Such associations are normally omitted from the display when
-the \*(L"associations\*(R" command is used, but are included in the
-output of \*(L"lassociations\*(R".
-.PP
-.B passociations
-.PP
-Prints association data concerning in\-spec peers from the internally
+the
+.Em associations
+command is used, but are included in the
+output of
+.Em lassociations Ns .
+.It passociations
+Print association data concerning in\-spec peers from the internally
 cached list of associations. This command performs identically to the
-\*(L"associations\*(R" except that it displays the internally stored
+.Em associations
+except that it displays the internally stored
 data rather than making a new query.
-.PP
-.B lpassociations
-.PP
+.It lpassociations
 Print data for all associations, including out\-of\-spec client
 associations, from the internally cached list of associations. This
-command differs from \*(L"passociations\*(R" only when dealing with
-fuzzballs.
-.PP
-.B pstatus
-.I assocID
-.PP
-Sends a read status request to the server for the given association. The
+command differs from
+.Em passociations
+only when dealing with fuzzballs.
+.It pstatus Ar assocID
+Send a read status request to the server for the given association. The
 names and values of the peer variables returned will be printed. Note
 that the status word from the header is displayed preceding the
 variables, both in hexadecimal and in pidgin English.
-.PP
-.B readvar
-[
-.I assocID
-] [
-.IR <variable_name>[=<value>] [,...]
-]
-.PP
-Requests that the values of the specified variables be returned by the
+.It Xo readvar
+.Op Ar assocID Ns
+.Pf [ Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...]
+.Xc
+Request that the values of the specified variables be returned by the
 server by sending a read variables request. If the association ID is
 omitted or is given as zero the variables are system variables,
 otherwise they are peer variables and the values returned will be those
 of the corresponding peer. Omitting the variable list will send a
 request with no data which should induce the server to return a default
 display.
-.PP
-.B rv
-[
-.I assocID
-] [
-.IR <variable_name>[=<value>] [,...]
-]
-.PP
+.It Xo rv
+.Op Ar assocID Ns
+.Pf [ Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...]
+.Xc 
 An easy\-to\-type short form for the
-.B readvar
+.Em readvar
 command.
-.PP
-.B writevar
-.I assocID
-.IR <variable_name>=<value> [,...]
-.PP
+.It Xo writevar
+.Ar assocID
+.Aq variable_name Ns
+.Pf = Ns Aq value Ns
+.Op ,...
+.Xc
 Like the
-.B readvar
+.Em readvar
 request, except the specified variables are written instead of read.
-.PP
-.B readlist
-[
-.I assocID
-]
-.PP
-Requests that the values of the variables in the internal variable list
+.It readlist Op Ar assocID
+Request that the values of the variables in the internal variable list
 be returned by the server. If the association ID is omitted or is 0 the
 variables are assumed to be system variables. Otherwise they are treated
 as peer variables. If the internal variable list is empty a request is
 sent without data, which should induce the remote server to return a
 default display.
-.PP
-.B rl
-[
-.I assocID
-]
-.PP
+.It rl Op Ar assocID
 An easy\-to\-type short form of the
-.B readlist
+.Em readlist
 command.
-.PP
-.B writelist
-[
-.I assocID
-]
-.PP
+.It writelist Op Ar assocID
 Like the
-.B readlist
+.Em readlist
 request, except the internal list variables are written instead of read.
-.PP
-.B mreadvar
-.I assocID
-.I assocID
-[
-.IR <variable_name>[=<value>] [,...]
-]
-.PP
+.It Xo mreadvar
+.Ar assocID assocID [
+.Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...]
+.Xc
 Like the
-.B readvar
+.Em readvar
 command except the query is done for each of a range of (nonzero)
 association IDs. This range is determined from the association list
 cached by the most recent
-.B associations
+.Em associations
 command.
-.PP
-.B mrv
-.I assocID
-.I assocID
-[
-.IR <variable_name>[=<value>] [,...]
-]
-.PP
+.It Xo mrv
+.Ar assocID assocID [
+.Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...]
+.Xc
 An easy\-to\-type short form of the
-.B mreadvar
+.Em mreadvar
 command.
-.PP
-.B mreadlist
-.I assocID
-.I assocID
-.PP
+.It mreadlist Ar assocID assocID
 Like the
-.B readlist
+.Em readlist
 command except the query is done for each of a range of (nonzero)
 association IDs. This range is determined from the association list
 cached by the most recent
-.B associations
+.Em associations
 command.
-.PP
-.B mrl
-.I assocID
-.I assocID
-.PP
+.It mrl Ar assocID assocID
 An easy\-to\-type short form of the
-.B mreadlist
+.Em mreadlist
 command.
-.PP
-.B clockvar
-[
-.I assocID
-]
-[
-.IR <variable_name>[=<value>] [,...]
-]
-.PP
-Requests that a list of the server's clock variables be sent. Servers
+.It Xo clockvar
+.Op Ar assocID Ns
+.Pf [ Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...]
+.Xc
+Request that a list of the server's clock variables be sent. Servers
 which have a radio clock or other external synchronization will respond
 positively to this. If the association identifier is omitted or zero the
-request is for the variables of the \*(L"system clock\*(R" and will
+request is for the variables of the
+.Qq system clock
+and will
 generally get a positive response from all servers with a clock. If the
 server treats clocks as pseudo\-peers, and hence can possibly have more
 than one clock connected at once, referencing the appropriate peer
 association ID will show the variables of a particular clock. Omitting
 the variable list will cause the server to return a default variable
 display.
-.PP
-.B cv
-[
-.I assocID
-]
-[
-.IR <variable_name>[=<value>] [,...]
-]
-.PP
+.It Xo cv
+.Op Ar assocID Ns
+.Pf [ Aq variable_name Ns
+.Op = Ns Aq value Ns
+.Op ,...]
+.Xc
 An easy\-to\-type short form of the
-.B clockvar
+.Em clockvar
 command.
-.PP
-.B peers
-.PP
-Obtains a list of in\-spec peers of the server, along with a summary of
+.It peers
+Obtain a list of in\-spec peers of the server, along with a summary of
 each peer's state. Summary information includes the address of the
 remote peer, the reference ID (0.0.0.0 if the refID is unknown), the
 stratum of the remote peer, the type of the peer (local, unicast,
@@ -512,51 +414,66 @@ multicast or broadcast), when the last packet was received, the polling
 interval, in seconds, the reachability register, in octal, and the
 current estimated delay, offset and dispersion of the peer, all in
 seconds.
-.PP
+.Pp
 The character in the left margin indicates the fate of this peer in the
 clock selection process. The codes mean: <sp> discarded due to high
-stratum and/or failed sanity checks; \*(L"x\*(R" designated falsticker
-by the intersection algorithm; \*(L".\*(R" culled from the end of the
-candidate list; \*(L"-\*(R" discarded by the clustering algorithm;
-\*(L"+\*(R" included in the final selection set; \*(L"#\*(R" selected
-for synchronization but distance exceeds maximum; \*(L"*\*(R" selected
-for synchronization; and \*(L"o\*(R" selected for synchronization, pps
+stratum and/or failed sanity checks;
+.Qq x
+designated falsticker
+by the intersection algorithm;
+.Qq .
+culled from the end of the
+candidate list;
+.Qq -
+discarded by the clustering algorithm;
+.Qq +
+included in the final selection set;
+.Qq #
+selected
+for synchronization but distance exceeds maximum;
+.Qq *
+selected
+for synchronization; and
+.Qq o
+selected for synchronization, pps
 signal in use.
-.PP
+.Pp
 Note that since the
-.B peers
+.Em peers
 command depends on the ability to parse the values in the responses it
 gets it may fail to work from time to time with servers which poorly
 control the data formats.
-.PP
+.Pp
 The contents of the host field may be one of four forms. It may be a
 host name, an IP address, a reference clock implementation name with its
-parameter or \*(L"REFCLK(<implementation number>, <parameter>)\*(R". On
-\*(L"hostnames no\*(R" only IP\-addresses will be displayed.
-.PP
-.B lpeers
-.PP
+parameter or
+.Qq REFCLK(<implementation number>, <parameter>) .
+On
+.Qq hostnames no
+only IP\-addresses will be displayed.
+.It lpeers
 Like
-.BR peers ,
+.Em peers ,
 except a summary of all associations for which the server is maintaining
 state is printed. This can produce a much longer list of peers from
 fuzzball servers.
-.PP
-.B opeers
-.PP
-An old form of the \*(L"peers\*(R" command with the reference ID
+.It opeers
+An old form of the
+.Em peers
+command with the reference ID
 replaced by the local interface address.
-.SH HISTORY
-.PP
-Written by Dennis Ferguson at the University of Toronto.
-.SH BUGS
-.PP
+.El
+.Sh HISTORY
+Written by
+.An Dennis Ferguson
+at the University of Toronto.
+.Sh BUGS
 The
-.B peers
+.Em peers
 command is non\-atomic and may occasionally result in spurious error
 messages about invalid associations occurring and terminating the
 command.
-.PP
+.Pp
 The timeout time is a fixed constant, which means you wait a long time
 for time outs since it assumes sort of a worst case. The program should
 improve the time out estimate as it sends queries to a particular host,
diff --git a/usr.sbin/xntpd/doc/ntptrace.8 b/usr.sbin/xntpd/doc/ntptrace.8
index a79a679..ab66988 100644
--- a/usr.sbin/xntpd/doc/ntptrace.8
+++ b/usr.sbin/xntpd/doc/ntptrace.8
@@ -1,104 +1,65 @@
-''' $Header
-''' 
-.de Sh
-.br
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-'''
-'''     Set up \*(-- to give an unbreakable dash;
-'''     string Tr holds user defined translation string.
-'''     Greek uppercase omega is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-.ds L' '
-.ds R' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds L' `
-.ds R' '
-'br\}
-.TH NTPTRACE 8 LOCAL
-.SH NAME
-ntptrace - trace a chain of NTP hosts back to their master time source
-.SH SYNOPSIS
-.B ntptrace
-[
-.B -vdn
-] [
-.B -r
-.I retries
-] [
-.B -t
-.I timeout
-] [
-.I server
-]
-.SH DESCRIPTION
-.I Ntptrace
+.\"
+.\"	$Id$
+.\"
+.Dd December 21, 1993
+.Dt NTPTRACE 8
+.Os
+.Sh NAME
+.Nm ntptrace
+.Nd "trace a chain of NTP hosts back to their master time source"
+.Sh SYNOPSIS
+.Nm ntptrace
+.Op Fl vdn
+.Op Fl r Ar retries
+.Op Fl t Ar timeout
+.Op Ar server
+.Sh DESCRIPTION
+.Nm Ntptrace
 determines where a given Network Time Protocol (NTP) server gets
 its time from, and follows the chain of NTP servers back to their
 master time source.
-If given no arguments, it starts with ``localhost.''
-.PP
+If given no arguments, it starts with
+.Dq localhost .
+.Pp
 Here is an example of the output from
-.IR ntptrace :
-.RS 2
-.nf
-
+.Nm Ns :
+.Bd -literal
 % ntptrace
 localhost: stratum 4, offset 0.0019529, synch distance 0.144135
 server2.bozo.com: stratum 2, offset 0.0124263, synch distance 0.115784
-usndh.edu: stratum 1, offset 0.0019298, synch distance 0.011993, refid 'WWVB'
-
-.fi
-.RE
+h.edu: stratum 1, offset 0.0019298, synch distance 0.011993, refid 'WWVB'
+.Ed
+.Pp
 On each line, the fields are (left to right): the host name, the
 host's stratum,
 the time offset between that host and the local host
 (as measured by
-.IR ntptrace ;
-this is why it is not always zero for ``localhost''),
-the host's ``synchronization distance,''
+.Nm Ns ;
+this is why it is not always zero for
+.Dq localhost ) ,
+the host's
+.Dq synchronization distance ,
 and (only for stratum-1 servers) the reference clock ID.  All times
 are given in seconds.  (Synchronization distance is a measure of the
 goodness of the clock's time.)
-.SH OPTIONS
-.IP "\-d" 5
-Turns on some debugging output.
-.IP "\-n" 5
-Turns off the printing of host names; instead, host IP addresses
+.Sh OPTIONS
+The following options are available:
+.Bl -tag -width indent
+.It Fl d
+Turn on some debugging output.
+.It Fl n
+Turn off the printing of host names; instead, host IP addresses
 are given.  This may be necessary if a nameserver is down.
-.IP "\-r retries" 5
-Sets the number of retransmission attempts for each host; default = 5.
-.IP "\-t timeout" 5
-Sets the retransmission timeout (in seconds); default = 2.
-.IP "\-v" 5
-Prints verbose information about the NTP servers.
-.SH SEE ALSO
-xntpd(8), xntpdc(8)
-.SH BUGS
+.It Fl r Ar retries
+Set the number of retransmission attempts for each host; the default is 5.
+.It Fl t Ar timeout
+Set the retransmission timeout (in seconds); the default is 2.
+.It Fl v
+Print verbose information about the NTP servers.
+.El
+.Sh SEE ALSO
+.Xr xntpd 8 ,
+.Xr xntpdc 8
+.Sh BUGS
 This program makes no attempt to improve accuracy by doing multiple
 samples.
diff --git a/usr.sbin/xntpd/doc/xntpd.8 b/usr.sbin/xntpd/doc/xntpd.8
index 27767f4..f1096bc 100644
--- a/usr.sbin/xntpd/doc/xntpd.8
+++ b/usr.sbin/xntpd/doc/xntpd.8
@@ -1,122 +1,64 @@
-''' $Header
-'''
-.de Sh
-.br
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-'''
-'''     Set up \*(-- to give an unbreakable dash;
-'''     string Tr holds user defined translation string.
-'''     Greek uppercase omega is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-.ds L' '
-.ds R' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds L' `
-.ds R' '
-'br\}
-.TH XNTPD 8 LOCAL
-.SH NAME
-xntpd - Network Time Protocol daemon
-.SH SYNOPSIS
-.B xntpd
-[
-.B -abdm
-] [
-.B -c
-.I conffile
-] [
-.B -e
-.I authdelay
-] [
-.B -f
-.I driftfile
-] [
-.B -k
-.I keyfile
-] [
-.B -p
-.I pidfile
-] [
-.B -r
-.I broadcastdelay
-] [
-.B -s
-.I statsdir
-] [
-.B -t
-.I trustedkey
-] [
-.B -v
-.I variable
-] [
-.B -V
-.I variable
-]
-.SH DESCRIPTION
-.I xntpd
+.\"
+.\"	$Id$
+.\"
+.Dd December 21, 1993
+.Dt XNTPD 8
+.Os
+.Sh NAME
+.Nm xntpd
+.Nd Network Time Protocol daemon
+.Sh SYNOPSIS
+.Nm xntpd
+.Op Fl abdm
+.Op Fl c Ar conffile
+.Op Fl e Ar authdelay
+.Op Fl f Ar driftfile
+.Op Fl k Ar keyfile
+.Op Fl p Ar pidfile
+.Op Fl r Ar broadcastdelay
+.Op Fl s Ar statsdir
+.Op Fl t Ar trustedkey
+.Op Fl v Ar variable
+.Op Fl V Ar variable
+.Sh DESCRIPTION
+.Nm Xntpd
 is a daemon which sets and maintains a Unix system time\-of\-day in
 agreement with Internet standard time servers.
-.I xntpd
+.Nm Xntpd
 is a complete implementation of the Network Time Protocol (NTP) version
 3 standard, as defined by RFC 1305, but also retains compatibility with
 version 1 and 2 servers as defined by RFC 1059 and RFC 1119,
 respectively.
-.I xntpd
+.Nm Xntpd
 does all computations in fixed point arithmetic and requires no floating
 point code. The computations done in the protocol and clock adjustment
 code are carried out with high precision and with attention to the
 details which might introduce systematic bias into the computations, to
 try to maintain an accuracy suitable for synchronizing with even the
 most precise external time source.
-.PP
+.Pp
 Ordinarily,
-.I xntpd
+.Nm
 reads its configuration from a configuration file at startup time. The
 default configuration file name is
-.IR /etc/ntp.conf,
+.Pa /etc/ntp.conf ,
 although this may be overridden from the command line. It is also
 possible to specify a working, although limited,
-.I xntpd
+.Nm
 configuration entirely on the command line, obviating the need for a
 configuration file. This may be particularly appropriate when
-.I xntpd
+.Nm
 is to be configured as a broadcast or multicast client, with all peers
 being determined by listening to broadcasts at run time. Various
 internal
-.I xntpd
+.Nm
 variables can be displayed and configuration options altered while the
 daemon is running through use of the
-.IR ntpq (8)
+.Xr ntpq 8
 and
-.IR xntpdc (8)
+.Xr xntpdc 8
 programs.
-.PP
+.Pp
 The daemon can operate in any of several modes, including symmetric
 active/passive, client/server and broadcast/multicast. A
 broadcast/multicast client can automatically discover remote servers,
@@ -124,178 +66,165 @@ compute one-way delay correction factors and configure itself
 automatically. This makes it possible to deploy a fleet of workstations
 without specifying a configuration file or configuration details
 specific to its environment.
-.PP
+.Pp
 The following command line arguments are understood by
-.I xntpd
+.Nm
 (see the configuration file description for a more complete functional
 description):
-.Ip -a 8
-run in \*(L"authenticate\*(R" mode
-.Ip -b 8
-listen for broadcast NTP and sync to this if available
-.Ip -c 8
-specify an alternate configuration file
-.Ip -d 8
-specify debugging mode. This flag may occur multiple times, with each
+.Bl -tag -width indent
+.It Fl a
+Run in
+.Qq "authenticate"
+mode.
+.It Fl b
+Listen for broadcast NTP and sync to this if available.
+.It Fl c
+Specify an alternate configuration file.
+.It Fl d
+Specify debugging mode. This flag may occur multiple times, with each
 occurance indicating greater detail of display.
-.Ip -e 8
-specify the time (in seconds) it takes to compute the NTP encryption
-field on this computer
-.Ip -f driftfile 8
-specify the location of the drift file
-.Ip -k 8
-specify the location of the file which contains the NTP authentication
-keys
-.Ip -m 8
-listen for multicast messages and synchronize to them if available
-(requires multicast kernel)
-.Ip -p 8
-specify the name of the file to record the daemon's process id
-.Ip -r 8
-ordinarily, the daemon automatically compensates for the network delay
+.It Fl e
+Specify the time (in seconds) it takes to compute the NTP encryption
+field on this computer.
+.It Fl f Ar driftfile
+Specify the location of the drift file.
+.It Fl k
+Specify the location of the file which contains the NTP authentication
+keys.
+.It Fl m
+Listen for multicast messages and synchronize to them if available
+(requires multicast kernel).
+.It Fl p
+Specify the name of the file to record the daemon's process id.
+.It Fl r
+Ordinarily, the daemon automatically compensates for the network delay
 between the broadcast/multicast server and the client; if the
 calibration procedure fails, use the specified the default delay (in
-seconds)
-.Ip -s 8
-specify the directory to be used for creating statistics files
-.Ip -t trustedkey 8
-add a key number to the trusted key list
-.Ip -v 8
-add a system variable
-.Ip -V 8
-add a system variable listed by default
-.SH "CONFIGURATION OPTIONS"
-.I xntpd 's
+seconds).
+.It Fl s
+Specify the directory to be used for creating statistics files.
+.It Fl t Ar trustedkey
+Add a key number to the trusted key list.
+.It Fl v
+Add a system variable.
+.It Fl V
+Add a system variable listed by default.
+.El
+.Sh "CONFIGURATION OPTIONS"
+.Nm Xntpd Ns 's
 configuration file format is similar to other Unix configuration files.
-Comments begin with a \*(L"#\*(R" character and extend to the end of the
+Comments begin with a
+.Qq #
+character and extend to the end of the
 line. Blank lines are ignored. Configuration commands consist of an
 initial keyword followed by a list of arguments, some of which may be
 optional, separated by whitespace. These commands may not be continued
 over multiple lines. Arguments may be host names, host addresses written
 in numeric, dotted\-quad form, integers, floating point numbers (when
 specifying times in seconds) and text strings. Optional arguments are
-delimited by \*(L"[]\*(R" in the following descriptions, while
-alternatives are separated by \*(L"|\*(R".
-.PP
-.B peer
-.I host_address
-[
-.B key
-.I #
-] [
-.B version
-.I #
-] [
-.B prefer
-]
-.br
-.B server
-.I host_address
-[
-.B key
-.I #
-] [
-.B version
-.I #
-] [
-.B prefer
-]
-.br
-.B broadcast
-.I host_address
-[
-.B key
-.I #
-] [
-.B version
-.I #
-] [
-.B ttl
-.I #
-]
-.PP
+delimited by
+.Qq []
+in the following descriptions, while
+alternatives are separated by
+.Qq \&| .
+.Pp
+.Bl -tag -width indent
+.It Xo peer
+.Ar host_address
+.Op key Ar #
+.Op version Ar #
+.Op prefer
+.Xc
+.It Xo server
+.Ar host_address
+.Op key Ar #
+.Op version Ar #
+.Op prefer
+.Xc
+.It Xo broadcast
+.Ar host_address
+.Op key Ar #
+.Op version Ar #
+.Op ttl Ar #
+.Xc
+.Pp
 These three commands specify various time servers to be used and/or time
 services to be provided. The
-.B peer
-command specifies that the local server is to operate in \*(L"symmetric
-active\*(R" mode with the remote server
-.I host_address
+.Em peer
+command specifies that the local server is to operate in
+.Qq symmetric active
+mode with the remote server
+.Ar host_address
 named in the command. In this mode the local server can be synchronized
 to the remote server and, in addition, the remote server can be
 synchronized by the local server. This is useful in a network of servers
 where, depending on various failure scenarios, either the local or
 remote server host may be the better source of time. The
-.B server
+.Em server
 command specifies that the local server is to operate in
-\*(L"client\*(R" mode with the remote server named in the command. In
+.Qq client
+mode with the remote server named in the command. In
 this mode the local server can be synchronized to the remote server, but
 the remote server can never be synchronized to the local server. The
-.B broadcast
+.Em broadcast
 command specifies that the local server is to operate in
-\*(L"broadcast\*(R" mode where the local server sends periodic broadcast
+.Qq broadcast
+mode where the local server sends periodic broadcast
 messages to a client population at the broadcast/multicast address named
 in the command. Ordinarily, this specification applies only to the local
 server operating as a transmitter; for operation as a broadcast client,
 see the
-.B broadcastclient
+.Em broadcastclient
 or
-.B multicastclient
+.Em multicastclient
 commands elsewhere in this document. In this mode the
-.I host_address
+.Ar host_address
 is usually the broadcast address on [one of] the local network[s] or a
 multicast address assigned to NTP. The Numbers Czar has assigned the
 address 224.0.1.1 to NTP; this is presently the only number that should
 be used. Note that the use of multicast features requires a multicast
 kernel, which is not yet ubiquitous in vendor products.
-.PP
+.Pp
 The
-.B key
+.Ar key
 option, when included, indicates that all packets sent to the address
 are to include authentication fields encrypted using the specified key
 number (the range of which is that of an unsigned 32 bit integer). The
 default is to not include an encryption field. The
-.B version
+.Ar version
 option allows one to specify the version number to be used for outgoing
 NTP packets. Versions 1, 2, and 3 are the choices, version 3 is the
 default. The
-.B prefer
+.Ar prefer
 option marks the host as a preferred host. All other things being equal,
 this host will be chosen for synchronization among a set of correctly
 operating hosts. The
-.B ttl
-option is used only with the broadcast mode. It specifies the time-to-
-live (TTL) to use on multicast packets. Selection of the proper value,
+.Ar ttl
+option is used only with the broadcast mode. It specifies the time-to-live
+(TTL) to use on multicast packets. Selection of the proper value,
 which defaults to 127, is something of a black art and must be
 coordinated with the network admistrator(s).
-.PP
-.B broadcastclient
-.PP
+.It broadcastclient
 This directs the local server to listen for broadcast messages on the
 local network, in order to discover other servers on the same subnet.
 Upon hearing a broadcast message for the first time, the local server
 measures the nominal network delay using a brief client/server exchange
-with the remote server, then enters the \*(L"broadcastclient\*(R" mode,
+with the remote server, then enters the
+.Qq broadcastclient
+mode,
 in which it listens for and synchronizes to succeeding broadcast
 messages. Note that, in order to avoid accidental or malicious
 disruption in this mode, both the local and remote servers must operate
 using authentication with the same trusted key and key identifier.
-.PP
-.B multicastclient
-[
-.I IP address ...
-]
-.PP
+.It multicastclient Op Ar IP address ...
 This command is used in the same way as the
-.IR broadcastclient
+.Em broadcastclient
 command, but operates using IP multicasting. Support for this function
 requires a multicast kernel and the use of authentication. If one or
 more IP addresses are given, the server joins the respective multicast
 group(s). If none are given, the IP address assigned to NTP (224.0.1.1)
 is assumed.
-.PP
-.B driftfile
-.I filename
-.PP
+.It driftfile Ar filename
 This command specifies the name of the file used to record the frequency
 offset of the local clock oscillator. If the file exists, it is read at
 startup in order to set the initial frequency offset and then updated
@@ -306,61 +235,52 @@ frequency to stabilize and the residual timing errors to subside. The
 file contains a single floating point value equal to the offset in
 parts-per-million (ppm). Note that the file is updated by first writing
 the current drift value into a temporary file and then using
-.IR rename (3)
+.Xr rename 3
 to replace the old version. This implies that
-.I xntpd
+.Nm
 must have write permission for the directory the drift file is located
 in, and that file system links, symbolic or otherwise, should probably
 be avoided.
-.PP
-.B enable auth|bclient|pll|monitor|stats
-[
-.I ...
-]
-.PP
-Provides a way to enable various server options. Flags not mentioned are
-unaffected. The \*(L"auth\*(R" flag causes the server to synchronize
+.It enable Ar auth|bclient|pll|monitor|stats Op Ar ...
+Provide a way to enable various server options. Flags not mentioned are
+unaffected. The
+.Ar auth
+flag causes the server to synchronize
 with unconfigured peers only if the peer has been correctly
 authenticated using a trusted key and key identifier. The default for
-this flag is disable (off). The \*(L"bclient\*(R" flag causes the server
+this flag is disable (off). The
+.Ar bclient
+flag causes the server
 to listen for a message from a broadcast or multicast server, following
 which an association is automatically instantiated for that server. The
-default for this flag is disable (off). The \*(L"pll\*(R" flag enables
+default for this flag is disable (off). The
+.Ar pll
+flag enables
 the server to adjust its local clock, with default enable (on). If not
 set, the local clock free-runs at its intrinsic time and frequency
 offset. This flag is useful in case the local clock is controlled by
 some other device or protocol and NTP is used only to provide
-synchronization to other clients. The \*(L"monitor\*(R" flag enables the
+synchronization to other clients. The
+.Ar monitor
+flag enables the
 monitoring facility (see elsewhere), with default enable (on). The
-\*(L"stats\*(R" flag enables statistics facility filegen (see
+.Ar stats
+flag enables statistics facility filegen (see
 description elsewhere.), with default enable (on).
-.PP
-.B disable auth|bclient|pll|monitor|stats
-[
-.I ...
-]
-.PP
-Provides a way to disable various server options. Flags not mentioned
+.It disable Ar auth|bclient|pll|monitor|stats Op Ar ...
+Provide a way to disable various server options. Flags not mentioned
 are unaffected. The flags presently available are described under the
 enable command.
-
-.SH "AUTHENTICATION OPTIONS"
-.PP
-.B keys
-.I filename
-.PP
+.El
+.Sh "AUTHENTICATION OPTIONS"
+.Bl -tag -width indent
+.It keys Ar filename
 This command specifies the name of a file which contains the encryption
 keys and key identifiers used by
-.I xntpd
+.Nm
 when operating in authenticated mode. The format of this file is
 described later in this document.
-.PP
-.B trustedkey
-.I #
-[
-.I "# ..."
-]
-.PP
+.It trustedkey Ar # Op Ar # ...
 This command is used to specify the encryption key identifiers which are
 trusted for the purposes of authenticating peers suitable for
 sychonization. The authentication procedures require that both the local
@@ -369,73 +289,63 @@ purpose, although different keys can be used with different servers. The
 arguments are 32 bit unsigned integers. Note, however, that NTP key 0 is
 fixed and globally known. If meaningful authentication is to be
 performed the 0 key should not be trusted.
-.PP
-.B requestkey
-.I #
-.PP
+.It requestkey Ar #
 This command specifies the key identifier to use with the
-.IR xntpdc (8)
+.Xr xntpdc 8
 program, which is useful to diagnose and repair problems that affect
-.IR xntpd (8)
+.Nm
 operation. The operation of the
-.I xntpdc
-program are specific to this particular implementation of xntpd and can
+.Nm xntpdc
+program are specific to this particular implementation of
+.Nm
+and can
 be expected to work only with this and previous versions of the daemon.
 Requests from a remote
-.I xntpdc
+.Nm xntpdc
 program which affect the state of the
 local server must be authenticated, which requires bot the remote
 program and local server share a common key and key identifier. The
 argument to this command is a 32 bit unsigned integer. If no
-.B controlkey
+.Em controlkey
 command is included in the configuration file, or if the keys don't
 match, such requests will be ignored.
-.PP
-.B controlkey
-.I #
-.PP
+.It controlkey Ar #
 This command specifies the key identifier to use with the
-.IR ntpq (8)
+.Xr ntpq 8
 program, which is useful to diagnose and repair problems that affect
-.IR xntpd (8)
+.Nm
 operation. The operation of the
-.IR ntpq
+.Nm ntpq
 program and
-.I xntpd
+.Nm
 conform to those specified in RFC 1305. Requests from a remote
-.I ntpq
+.Nm ntpq
 program which affect the state of the local server must be
 authenticated, which requires bot the remote program and local server
 share a common key and key identifier. The argument to this command is a
 32 bit unsigned integer. If no
-.B requestkey
+.Em requestkey
 command is included in the configuration file, or if the keys don't
 match, such requests will be ignored.
-.PP
-.B authdelay
-.I seconds
-.PP
-Indicates the amount of time it takes to encrypt an NTP authentication
+.It authdelay Ar seconds
+Indicate the amount of time it takes to encrypt an NTP authentication
 field on the local computer. This value is used to correct transmit
 timestamps when the authentication is used on outgoing packets. The
 value usually lies somewhere in the range 0.0001 seconds to 0.003
 seconds, though it is very dependent on the CPU speed of the host
 computer. The value is usually computed using the
-.I authspeed
+.Em authspeed
 program included with the distribution.
-.SH "ACCESS CONTROL OPTIONS"
-.B restrict
-.I address
-[
-.B mask
-.I numeric_mask
-] [
-.I flag
-] [
-.I ...
-]
-.PP
-.I xntpd
+.El
+.Sh "ACCESS CONTROL OPTIONS"
+.Bl -tag -width indent
+.It Xo restrict
+.Ar address
+.Op mask Ar numeric_mask
+.Op Ar flag
+.Op Ar ...
+.Xc
+.Nm Xntpd
 implements a general purpose address\-and\-mask based restriction list.
 The list is sorted by address and by mask, and the list is searched in
 this order for matches, with the last match found defining the
@@ -443,14 +353,22 @@ restriction flags associated with the incoming packets. The source
 address of incoming packets is used for the match, with the 32 bit
 address being and'ed with the mask associated with the restriction entry
 and then compared with the entry's address (which has also been and'ed
-with the mask) to look for a match. The \*(L"mask\*(R" argument defaults
-to 255.255.255.255, meaning that the \*(L"address\*(R" is treated as the
+with the mask) to look for a match. The
+.Em mask
+argument defaults
+to 255.255.255.255, meaning that the
+.Em address
+is treated as the
 address of an individual host. A default entry (address 0.0.0.0, mask
 0.0.0.0) is always included and, given the sort algorithm, is always the
-first entry in the list. Note that, while \*(L"address\*(R" is normally
-given in dotted\-quad format, the text string \*(L"default\*(R", with no
+first entry in the list. Note that, while
+.Em address
+is normally
+given in dotted\-quad format, the text string
+.Em default ,
+with no
 mask option, may be used to indicate the default entry.
-.PP
+.Pp
 In the current implementation, flags always restrict access, i.e. an
 entry with no flags indicates that free access to the server is to be
 given. The flags are not orthogonal, in that more restrictive flags will
@@ -459,316 +377,343 @@ classed into two catagories, those which restrict time service and those
 which restrict informational queries and attempts to do run time
 reconfiguration of the server. One or more of the following flags may be
 specified:
-.Ip ignore 10
+.Bl -tag -width indent
+.It ignore
 Ignore all packets from hosts which match this entry. If this flag is
 specified neither queries nor time server polls will be responded to.
-.Ip noquery 10
+.It noquery
 Ignore all NTP mode 6 and 7 packets (i.e. information queries and
 configuration requests) from the source. Time service is not affected.
-.Ip nomodify 10
+.It nomodify
 Ignore all NTP mode 6 and 7 packets which attempt to modify the state of
 the server (i.e. run time reconfiguration). Queries which return
 information are permitted.
-.Ip notrap 10
+.It notrap
 Decline to provide mode 6 control message trap service to matching
 hosts. The trap service is a subsystem of the mode 6 control message
 protocol which is intended for use by remote event logging programs.
-.Ip lowpriotrap 10
+.It lowpriotrap
 Declare traps set by matching hosts to be low priority. The number of
 traps a server can maintain is limited (the current limit is 3). Traps
 are usually assigned on a first come, first served basis, with later
 trap requestors being denied service. This flag modifies the assignment
 algorithm by allowing low priority traps to be overridden by later
 requests for normal priority traps.
-.Ip noserve 10
+.It noserve
 Ignore NTP packets whose mode is other than 6 or 7. In effect, time
 service is denied, though queries may still be permitted.
-.Ip nopeer 10
+.It nopeer
 Provide stateless time service to polling hosts, but do not allocate
 peer memory resources to these hosts even if they otherwise might be
 considered useful as future synchronization partners.
-.Ip notrust 10
+.It notrust
 Treat these hosts normally in other respects, but never use them as
 synchronization sources.
-.Ip limited 10
+.It limited
 These hosts are subject to limitation of number of clients from the same
 net. Net in this context refers to the IP notion of net (class A, class
-B, class C, etc.). Only the first \*(L"client_limit\*(R" hosts that have
+B, class C, etc.). Only the first
+.Qq client_limit
+hosts that have
 shown up at the server and that have been active during the last
-\*(L"client_limit_period\*(R" seconds are accepted. Requests from other
+.Qq client_limit_period
+seconds are accepted. Requests from other
 clients from the same net are rejected. Only time request packets are
-taken into account. \*(L"Private\*(R", \*(L"control\*(R", and
-\*(L"broadcast\*(R" packets are not subject to client limitation and
+taken into account.
+.Qq Private ,
+.Qq control ,
+and
+.Qq broadcast
+packets are not subject to client limitation and
 therefore are not contributing to client count. History of clients is
 kept using the monitoring capability of
-.I xntpd .
+.Nm Ns .
 Thus, monitoring is active as long as there is a restriction entry with
-the \*(L"limited\*(R" flag. The default value for \*(L"client_limit\*(R"
-is 3. The default value for \*(L"client_limit_period\*(R" is 3600
-seconds.
-.Ip ntpport 10
+the
+.Qq limited
+flag. The default value for
+.Qq client_limit
+is 3. The default value for
+.Qq client_limit_period
+is 3600 seconds.
+.It ntpport
 This is actually a match algorithm modifier, rather than a restriction
 flag. Its presence causes the restriction entry to be matched only if
 the source port in the packet is the standard NTP UDP port (123). Both
-\*(L"ntpport\*(R" and non\-\*(L"ntpport\*(R" may be specified. The
-\*(L"ntpport\*(R" is considered more specific and is sorted later in the
+.Qq ntpport
+and
+.Pf non\- Qq ntpport
+may be specified. The
+.Qq ntpport
+is considered more specific and is sorted later in the
 list.
-.PP
-Default restriction list entries, with the flags \*(L"ignore,
-ntpport\*(R", for each of the local host's interface addresses are
+.El
+.Pp
+Default restriction list entries, with the flags
+.Qq ignore ,
+.Qq ntpport ,
+for each of the local host's interface addresses are
 inserted into the table at startup to prevent the server from attempting
 to synchronize to its own time. A default entry is also always present,
 though if it is otherwise unconfigured no flags are associated with the
 default entry (i.e. everything besides your own NTP server is
 unrestricted).
-.PP
+.Pp
 The restriction facility was added to allow the current access policies
 of the time servers running on the NSFnet backbone to be implemented
 with
-.I xntpd
+.Nm
 as well. While this facility may be otherwise useful for keeping
 unwanted or broken remote time servers from affecting your own, it
 should not be considered an alternative to the standard NTP
 authentication facility. Source address based restrictions are easily
 circumvented by a determined cracker.
-.PP
-.B clientlimit
-.I limit
-.PP
-Sets \*(L"client_limit\*(R" to \*(L"limit\*(R", allows configuration of
+.It clientlimit Ar limit
+Set
+.Qq client_limit
+to
+.Ar limit ,
+allow configuration of
 client limitation policy. This variable defines the number of clients
 from the same network that are allowed to use the server.
-.PP
-.B clientperiod
-.I period
-.PP
-Sets \*(L"client_limit_period\*(R", allows configuration of client
+.It clientperiod Ar period
+Set
+.Qq client_limit_period ,
+allow configuration of client
 limitation policy. This variable specifies the number of seconds after
 which a client is considered inactive and thus no longer is counted for
 client limit restriction.
-.SH "MONITORING OPTIONS"
-.PP
-.B statsdir
-.I /directory path/
-.PP
-Indicates the full path of a directory where statistics files should be
+.El
+.Sh "MONITORING OPTIONS"
+.Bl -tag -width indent 
+.It statsdir Ar /directory path/
+Indicate the full path of a directory where statistics files should be
 created (see below). This keyword allows the (otherwise constant)
 filegen filename prefix to be modified for file generation sets used for
 handling statistics logs (see
-.B filegen
+.Em filegen
 statement below).
-.PP
-.B statistics
-.IR name \.\.\.
-.PP
-Enables writing of statistics records. Currently, three kinds of
-statistics are supported.
-.Ip loopstats 10
-enables recording of loop filter statistics information. Each update of
+.It statistics Ar name Ns ...
+Enable writing of statistics records. Currently, three kinds of
+statistics are supported:
+.Bl -tag -width indent
+.It loopstats
+Enable recording of loop filter statistics information. Each update of
 the local clock outputs a line of the following form to the file
-generation set named \*(L"loopstats\*(R":
-.PP
-.RS 5
-48773 10847.650 0.0001307 17.3478 2
-.RE
-
-.RS 10
+generation set named
+.Qq loopstats :
+.Dl 48773 10847.650 0.0001307 17.3478 2
 The first two fields show the date (Modified Julian Day) and time
 (seconds and fraction past UTC midnight). The next three fields show
 time offset in seconds, frequency offset in parts-per-million and time
 constant of the clock-discipline algorithm at each update of the clock.
-.RE
-.Ip peerstats 10
-enables recording of peer statistics information. This includes
+.It peerstats
+Enable recording of peer statistics information. This includes
 statistics records of all peers of a NTP server and of the 1-pps signal,
 where present and configured. Each valid update appends a line of the
 following form to the current element of a file generation set named
-\*(L"peerstats\*(R":
-.PP
-.RS 5
-48773 10847.650 127.127.4.1 9714 -0.001605 0.00000 0.00142
-.RE
-
-.RS 10
+.Qq peerstats :
+.Dl 48773 10847.650 127.127.4.1 9714 -0.001605 0.00000 0.00142
 The first two fields show the date (Modified Julian Day) and time
 (seconds and fraction past UTC midnight). The next two fields show the
 peer address in dotted-quad notation and status, respectively. The
 status field is encoded in hex in the format described in Appendix A of
 the NTP specification RFC 1305. The final three fields show the offset,
 delay and dispersion, all in seconds.
-.RE
-.Ip clockstats 10
-enables recording of clock driver statistics information. Each update
+.It clockstats
+Enable recording of clock driver statistics information. Each update
 received from a clock driver outputs a line of the following form to the
-file generation set named \*(L"clockstats\*(R":
-.PP
-.RS 5
-49213 525.624 127.127.4.1 93 226 00:08:29.606 D
-.RE
-
-.RS 10
+file generation set named
+.Qq clockstats :
+.Dl 49213 525.624 127.127.4.1 93 226 00:08:29.606 D
 The first two fields show the date (Modified Julian Day) and time
 (seconds and fraction past UTC midnight). The next field shows the clock
 address in dotted-quad notation, The final field shows the last timecode
-received from the clock in decoded ASCII format, where meaningful. In
+received from the clock in decoded
+.Tn ASCII
+format, where meaningful. In
 some clock drivers a good deal of additional information can be gathered
 and displayed as well. See information specific to each clock for
 further details.
-.RE
-.PP
+.El
+.Pp
 Statistic files are managed using file generation sets (see
-.B filegen
+.Em filegen
 below). The information obtained by enabling statistics recording allows
 analysis of temporal properties of a
-.I xntpd
+.Nm
 server. It is usually only useful to primary servers or maybe main
 campus servers.
-.PP
-.B filegen
-.I name
-[
-.B file
-.I filename
-] [
-.B type
-.I typename
-] [
-.B flag
-.I flagval
-] [
-.BR link \| nolink
-] [
-.BR enable \| disable
-]
-.PP
-Configures setting of generation file set
-.IR name .
+.It Xo filegen
+.Ar name
+.Op file Ar filename
+.Op type Ar typename
+.Op flag Ar flagval
+.Op link | nolink
+.Op enable | disable
+.Xc
+Configure setting of generation file set
+.Ar name .
 Generation file sets provide a means for handling files that are
 continously growing during the lifetime of a server. Server statistics
 are a typical example for such files. Generation file sets provide
 access to a set of files used to store the actual data. At any time at
 most one element of the set is being written to. The
-.I type
+.Em type
 given specifies when and how data will be directed to a new element of
 the set. This way, information stored in elements of a file set that are
 currently unused are available for administrational operations without
 the risc of desturbing the operation of
-.I xntpd .
+.Nm Ns .
 (Most important: they can be removed to free space for new data
-produced.) Filenames of set members are built from three elements.
-.Ip prefix 10
+produced.) Filenames of set members are built from three elements:
+.Bl -tag -width indent
+.It prefix
 This is a constant filename path. It is not subject to modifications via
 the
-.B filegen
+.Em filegen
 statement. It is defined by the server, usually specified as a compile
 time constant. It may, however, be configurable for individual file
 generation sets via other commands. For example, the prefix used with
-"loopstats" and "peerstats" filegens can be configured using the
-.B statsdir
+.Qq loopstats
+and
+.Qq peerstats
+filegens can be configured using the
+.Em statsdir
 statement explained above.
-.Ip filename 10
+.It filename
 This string is directly concatenated to the
-.I prefix
-mentioned above (no intervening \*(L'/\*(R' (slash)). This can be
-modified using the \*(L"file\*(R" argument to the \*(L"filegen\*(R"
-statement. No \*(L"..\*(R" elements are allowed in this component to
+.Em prefix
+mentioned above (no intervening
+.Sq /
+(slash)). This can be
+modified using the
+.Ar file
+argument to the
+.Em filegen
+statement. No
+.Qq ..
+elements are allowed in this component to
 prevent filenames referring to parts outside the filesystem hierarchy
-denoted by \*(L"prefix\*(R".
-.Ip suffix 10
+denoted by
+.Em prefix .
+.It suffix
 This part is reflects individual elements of a file set. It is generated
 according to the
-.I type
+.Em type
 of a file set as explained below.
-.PP
+.El
+.Pp
 A file generation set is characterized by its type. The following types
 are supported:
-.Ip none 10
+.Bl -tag -width indent
+.It none
 The file set is actually a single plain file.
-.Ip pid 10
+.It pid
 One element of file set is used per incarnation of a
-.I xntpd
+.Nm
 server. This type does not perform any changes to file set members
 during runtime, however it provides an easy way of seperating files
 belonging to different
-.I xntpd
+.Nm
 server incarnations. The set member filename is built by appending a dot
-(\*(L'.\*(R') to concatentated \*(L"prefix\*(R" and \*(L"filename\*(R"
+.Pf ( Sq \&. Ns )
+to concatentated
+.Em prefix
+and
+.Em filename
 strings, and appending the decimal representation of the process id of
 the
-.I xntpd
+.Nm
 server process.
-.Ip day 10
+.It day
 One file generation set element is created per day. The term
-.I day
+.Em day
 is based on
-.IR UTC .
-A day is defined as the period between 00:00 and 24:00 UTC. The file set
-member suffix consists of a dot \*(L".\*(R" and a day specification in
+.Tn UTC .
+A day is defined as the period between 00:00 and 24:00
+.Tn UTC .
+The file set
+member suffix consists of a dot
+.Pf ( Qq \&. Ns )
+and a day specification in
 the form
-.RI < YYYYMMDD >.
-.I YYYY
+.Aq YYYYMMDD .
+.Em YYYY
 is a 4 digit year number (e.g. 1992).
-.I MM
+.Em MM
 is a two digit month number.
-.I DD
+.Em DD
 is a two digit day number. Thus, all information written at December
 10th, 1992 would end up in a file named
-\*(L"<prefix><filename>.19921210\*(R".
-.Ip week 10
+.Qq <prefix><filename>.19921210 .
+.It week
 Any file set member contains data related to a certain week of a year.
 The term
-.I week
-is definied by computing \*(L"day of year\*(R" modulo 7. Elements of
+.Em week
+is definied by computing
+.Qq day of year
+modulo 7. Elements of
 such a file generation set are distinguished by appending the following
-suffix to the file set filename base: A dot, a four digit year number,
-the letter \*(L"W\*(R", and a two digit week number. For example,
+suffix to the file set filename base: a dot, a four digit year number,
+the letter
+.Qq W ,
+and a two digit week number. For example,
 information from Jamuary, 10th 1992 would end up in a file with suffix
-\*(L".1992W1\*(R".
-.Ip month 10
+.Qq .1992W1 .
+.It month
 One generation file set element is generated per month. The file name
 suffix consists of a dot, a four digit year number, and a two digit
 month.
-.Ip year 10
-One generation file elment is generated per year. The filename suffix
+.It year
+One generation file element is generated per year. The filename suffix
 consists of a dot and a 4 digit year number.
-.Ip age 10
+.It age
 This type of file generation sets changes to a new element of the file
 set every 24 hours of server operation. The filename suffix consists of
-a dot, the letter \*(L"a\*(R", and an eight digit number. This number is
+a dot, the letter
+.Qq a ,
+and an eight digit number. This number is
 taken to be the number of seconds the server is running at the start of
 the corresponding 24 hour period.
-.PP
+.El
+.Pp
 Information is only written to a file generation set when this set is
-\*(L"enabled\*(R". Output is prevented by specifying \*(L"disabled\*(R".
-.PP
+.Qq enabled .
+Output is prevented by specifying
+.Qq disabled .
+.Pp
 It is convenient to be able to access the
-.I current
+.Em current
 element of a file generation set by a fixed name. This feature is
-enabled by specifying \*(L"link\*(R" and disabled using
-\*(L"nolink\*(R". If \*(L"link\*(R" is specified, a hard link from the
+enabled by specifying
+.Qq link
+and disabled using
+.Qq nolink .
+If
+.Qq link
+is specified, a hard link from the
 current file set element to a file without suffix is created. When there
 is already a file with this name and the number of links of this file is
-one, it is renamed appending a dot, the letter \*(L"C\*(R", and the pid
+one, it is renamed appending a dot, the letter
+.Qq C ,
+and the pid
 of the
-.I xntpd
+.Nm
 server process. When the number of links is greater than one, the file
 is unlinked. This allows the current file to be accessed by a constant
 name.
-.SH "MISCELLANEOUS OPTIONS"
-.PP
-.B precision
-.I #
-.PP
+.El
+.Sh "MISCELLANEOUS OPTIONS"
+.Bl -tag -width indent
+.It precision Ar #
 This command specifies the nominal precision of the local clock. The
 value is an integer approximately equal to the base 2 logarithm of the
 local timekeeping precision in seconds. Normally, the daemon determines
 the precision automatically at startup, so this command is necessary
 only in special cases when the precision cannot be determined
 automatically.
-.PP
-.B broadcastdelay
-.I seconds
-.PP
+.It broadcastdelay Ar seconds
 The broadcast and multicast modes require a special calibration to
 determine the network delay between the local and remote servers.
 Ordinarily, this is done automatically by the initial protocol exchanges
@@ -778,17 +723,11 @@ example. This command specifies the default delay to be used under these
 circumstances. Typically (for Ethernet), a number between 0.003 and
 0.007 seconds is appropriate. The default when this command is not used
 is 0.004 seconds.
-.PP
-.B trap
-.I host_address
-[
-.B port
-.I port_number
-] [
-.B interface
-.I interface_addess
-]
-.PP
+.It Xo trap
+.Ar host_address
+.Op port Ar port_number
+.Op interface Ar interface_addess
+.Xc
 This command configures a trap receiver at the given host address and
 port number for sending messages with the specified local interface
 address. If the port number is unspecified a value of 18447 is used. If
@@ -796,53 +735,52 @@ the interface address is not specified the message is sent with a source
 address which is that of the local interface the message is sent
 through. Note that on a multihomed host the interface used may vary from
 time to time with routing changes.
-.PP
+.Pp
 The trap receiver will generally log event messages and other
 information from the server in a log file. While such monitor programs
 may also request their own trap dynamically, configuring a trap receiver
 will ensure that no messages are lost when the server is started.
-.PP
-.B setvar
-.I variable
-.I [default]
-.PP
+.It Xo setvar
+.Ar variable
+.Op Ar default
+.Xc
 This command adds an additional system variable. These variables can be
 used to distribute additional information such as the access policy. If
 the variable of the form <name>=<value> is followed by the
-.I default
+.Em default
 keyword the variable will be listed as part of the default system
-variables (
-.I ntpq rv
-command). These additional variables serve informational purposes only.
+variables
+.Pf ( Nm ntpq
+rv command). These additional variables serve informational purposes only.
 They are not related to the protocol other that they can be listed. The
 known protocol variables will always overide any variables defined via
 the
-.I setvar
+.Em setvar
 mechanism.
-.PP
+.Pp
 There are three special variables that contain the names of all variable
 of the same group. The
-.I sys_var_list
+.Em sys_var_list
 holds the names of all system variables. The
-.I peer_var_list
+.Em peer_var_list
 holds the names of all peer variables and the
-.I clock_var_list
+.Em clock_var_list
 hold the names of the reference clock variables.
-.PP
-.B monitor yes|no
-.B authenticate yes|no
-.PP
+.It monitor Ar yes|no
+.It authenticate Ar yes|no
 These commands have been superseded by the
-.B enable
+.Em enable
 and
-.B disable
+.Em disable
 commands. They are listed here for historical purposes.
-.SH "AUTHENTICATION KEY FILE FORMAT"
-.PP
-The NTP standard specifies an extension allowing verification of the
+.El
+.Sh "AUTHENTICATION KEY FILE FORMAT"
+The
+.Tn NTP
+standard specifies an extension allowing verification of the
 authenticity of received NTP packets, and to provide an indication of
 authenticity in outgoing packets. This is implemented in
-.I xntpd
+.Nm
 using the DES or MD5 algorithms to compute a digital signature, or
 message-digest. The specification allows any one of possibly 4 billion
 keys, numbered with 32 bit key identifiers, to be used to authenticate
@@ -851,256 +789,285 @@ key and key identifier used to authenticate their data, though they must
 each learn the key and key identifer independently. In the case of DES,
 the keys are 56 bits long with, depending on type, a parity check on
 each byte. In the case of MD5, the keys are 64 bits (8 bytes).
-.I xntpd
+.Nm Xntpd
 reads its keys from a file specified using the
-.B -k
+.Fl k
 command line option or the
-.B keys
+.Em keys
 statement in the configuration file. While key number 0 is fixed by the
-NTP standard (as 56 zero bits) and may not be changed, one or more of
+.Tn NTP
+standard (as 56 zero bits) and may not be changed, one or more of
 the keys numbered 1 through 15 may be arbitrarily set in the keys file.
-.PP
+.Pp
 The key file uses the same comment conventions as the configuration
-file. Key entries use a fixed format of the form
-.Ip "" 5
-.I "keyno type key"
-.PP
-where \*(L"keyno\*(R" is a positive integer, \*(L"type\*(R" is a single
+file. Key entries use a fixed format of the form:
+.Pp
+.Dl keyno type key
+.Pp
+where
+.Em keyno
+is a positive integer,
+.Em type
+is a single
 character which defines the format the key is given in, and
-\*(L"key\*(R" is the key itself.
-.PP
+.Em key
+is the key itself.
+.Pp
 The key may be given in one of three different formats, controlled by
-the \*(L"type\*(R" character. The three key types, and corresponding
-formats, are listed following.
-.Ip "S" 5
-The \*(L"key\*(R" is a 64 bit hexadecimal number in the format specified
+the
+.Em type
+character. The three key types, and corresponding
+formats, are listed following:
+.Bl -tag -width indent
+.It S
+The
+.Em key
+is a 64 bit hexadecimal number in the format specified
 in the DES document, that is the high order 7 bits of each octet are
 used to form the 56 bit key while the low order bit of each octet is
 given a value such that odd parity is maintained for the octet. Leading
 zeroes must be specified (i.e. the key must be exactly 16 hex digits
 long) and odd parity must be maintained. Hence a zero key, in standard
 format, would be given as
-.I 0101010101010101 .
-.Ip "N" 5
-The \*(L"key\*(R" is a 64 bit hexadecimal number in the format specified
-in the NTP standard. This is the same as the DES format except the bits
+.Em 0101010101010101 .
+.It N
+The
+.Em key
+is a 64 bit hexadecimal number in the format specified
+in the
+.Tn NTP
+standard. This is the same as the DES format except the bits
 in each octet have been rotated one bit right so that the parity bit is
 now the high order bit of the octet. Leading zeroes must be specified
 and odd parity must be maintained. A zero key in NTP format would be
 specified as
-.I 8080808080808080
-.Ip "A" 5
-The \*(L"key\*(R" is a 1\-to\-8 character ASCII string. A key is formed
-from this by using the lower order 7 bits of the ASCII representation of
+.Em 8080808080808080 .
+.It A
+The
+.Em key
+is a 1\-to\-8 character
+.Tn ASCII
+string. A key is formed from this by using the lower order 7 bits of the
+.Tn ASCII
+representation of
 each character in the string, with zeroes being added on the right when
 necessary to form a full width 56 bit key, in the same way that
 encryption keys are formed from Unix passwords.
-.Ip "M" 5
-The \*(L"key\*(R" is a 1\-to\-8 character ASCII string, using the MD5
+.It M
+The
+.Em key
+is a 1\-to\-8 character
+.Tn ASCII
+string, using the MD5
 authentication scheme. Note that both the keys and the authentication
 schemes (DES or MD5) must be identical between a set of peers sharing
 the same key number.
-.PP
+.El
+.Pp
 One of the keys may be chosen,
 by way of the configuration file
-.B requestkey
+.Em requestkey
 statement, to authenticate run time configuration requests made using
 the
-.IR xntpdc (8)
+.Xr xntpdc 8
 program. The latter program obtains the key from the terminal as a
 password, so it is generally appropriate to specify the key chosen to be
-used for this purpose in ASCII format.
-.SH PRIMARY CLOCK SUPPORT
-.I xntpd
+used for this purpose in
+.Tn ASCII
+format.
+.Sh PRIMARY CLOCK SUPPORT
+.Nm Xntpd
 can be optionally compiled to include support for a number of types of
 reference clocks. A reference clock will generally (though not always)
 be a radio timecode receiver which is synchronized to a source of
 standard time such as the services offered by the NRC in Canada and NIST
 in the U.S. The interface between the computer and the timecode receiver
 is device dependent and will vary, but is often a serial port.
-.PP
+.Pp
 Support for the various reference clock drivers is conditionally
 compiled using the compiler define codes described elsewhere. An attempt
 to configure a reference clock when specific support is not available or
 the hardware port has not been appropriately configured results in a
 scolding remark to the system log file, but is otherwise non hazardous.
-.PP
+.Pp
 For the purposes of configuration,
-.I xntpd
-treats reference clocks in a manner analogous to normal NTP peers as
+.Nm
+treats reference clocks in a manner analogous to normal
+.Tn NTP
+peers as
 much as possible. Reference clocks are referred to by address, much as a
 normal peer is, though an invalid IP address is used to distinguish them
 from normal peers. Reference clock addresses are of the form
-.I 127.127.t.u
+.Em 127.127.t.u
 where
-.I t
+.Em t
 is an integer denoting the clock type and
-.I u
+.Em u
 indicates the type\-specific unit number. Reference clocks are
 configured using a
-.B server
+.Em server
 statement in the configuration file where the
-.I host_address
+.Em host_address
 is the clock address. The
-.I key,
-.I version
+.Em key,
+.Em version
 and
-.I ttl
+.Em ttl
 options are not used for reference clock support; however, the
-.I prefer
+.Em prefer
 option can be useful to persuade the server to cherish a reference clock
 with somewhat more enthusiasm than other reference clocks or peers, if
 this is advisable. Clock addresses may generally be used anywhere in the
 configuration file a normal IP address can be used, for example, in
-.B restrict
+.Em restrict
 statements, although such use would normally be considered strange.
-.PP
+.Pp
 Reference clock support provides the
-.B fudge
+.Em fudge
 command, which can be used to configure reference clocks in special
-ways. Following is the generic format that applies to this command
-.PP
-.B fudge
-.I 127.127.t.u
-[
-.B time1
-.I secs
-] [
-.B time2
-.I secs
-] [
-.B stratum
-.I int
-] [
-.B refid
-.I int
-] [
-.B flag1
-.I 0|1
-] [
-.B flag2
-.I 0|1
-] [
-.B flag3
-.I 0|1
-] [
-.B flag4
-.I 0|1
-]
-.PP
+ways. Following is the generic format that applies to this command:
+.Pp
+fudge
+.Ar 127.127.t.u
+.Op time1 Ar secs
+.Op time2 Ar secs
+.Op stratum Ar int
+.Op refid Ar int
+.Op flag1 Ar 0|1
+.Op flag2 Ar 0|1
+.Op flag3 Ar 0|1
+.Op flag4 Ar 0|1
+.Pp
 The
-.I time1
+.Em time1
 and
-.B time2
+.Em time2
 options are specified in fixed point seconds and used in some clock
 drivers as calibration constants. By convention, and unless indicated
 otherwise,
-.B time1
+.Em time1
 is used as a calibration constant to adjust the nominal time offset of a
 particular clock to agree with an external standard, such as a precision
 PPS signal. The specified offset is in addition to the propagation delay
 provided by other means, such as internal DIPswitches. The
-.B stratum
+.Em stratum
 option is a number in the range zero to 15 and is used to assign a
 nonstandard operating stratum to the clock. The
-.B refid
-option is an ASCII string in the range one to four characters and is
+.Em refid
+option is an
+.Tn ASCII
+string in the range one to four characters and is
 used to assign a nonstandard reference identifier to the clock. Finally,
 the four binary flags
-.B flag1,
-.B flag2,
-.B flag3
+.Em flag1,
+.Em flag2,
+.Em flag3
 and
-.B flag4
+.Em flag4
 are used for customizing the clock driver. The interpretation of these
 values, and whether they are used at all, is a function of the needs of
 the particular clock driver. However, by convention, and unless
 indicated otherwise,
-.B flag3
+.Em flag3
 is used to attach the ppsclock streams module to the configured driver,
 while
-.B flag4
+.Em flag4
 is used to enable recording verbose monitoring data to the clockstats
 file configured with the
-.I filegen
+.Em filegen
 command. Further information on the ppsclock streams module is in the
-README file in the ./kernel directory in the current xntp3 program
+.Pa README
+file in the
+.Pa ./kernel
+directory in the current xntp3 program
 distribution. Further information on this feature is available in the
-./scripts/stats directory in the same distribution.
-.PP
+.Pa ./scripts/stats
+directory in the same distribution.
+.Pp
 Ordinarily, the stratum of a reference clock is by default zero. Since
 the
-.I xntpd
+.Nm
 daemon adds one to the stratum of each peer, a primary server ordinarily
 displays stratum one. In order to provide engineered backups, it is
 often useful to specify the reference clock stratum as greater than
 zero. The
-.B stratum
+.Em stratum
 option is used for this purpose. Also, in cases involving both a
 reference clock and a 1-pps discipline signal, it is useful to specify
 the reference clock identifier as other than the default, depending on
 the driver. The
-.I refid
+.Em refid
 option is used for this purpose. Except where noted, these options apply
 to all clock drivers.
-.PP
-.I xntpd
+.Pp
+.Nm Xntpd
 on Unix machines currently supports several different types of clock
 hardware plus a special pseudo\-clock used for backup or when no other
 clock source is available. In the case of most of the clock drivers,
 support for a 1-pps precision timing signal is available as described in
-the README file in the ./doc directory of the xntp3 progam distribution.
+the
+.Pa README
+file in the
+.Pa ./doc
+directory of the xntp3 progam distribution.
 The clock drivers, and the addresses used to configure them, are
-described in the README.refclocks in the doc directory of the current
+described in the
+.Pa README.refclocks
+in the
+.Pa doc
+directory of the current
 program distribution.
-.PP
-.SH VARIABLES
-Most variables used by the NTP protocol can be examined with the
-.I xntpdc
+.Sh VARIABLES
+Most variables used by the
+.Tn NTP
+protocol can be examined with the
+.Nm xntpdc
 (mode 7 messages) and the
-.I ntpq
+.Nm ntpq
 (mode 6 messages). Currently very few variables can be modified via mode
 6 messages. These variables are either created with the
-.I setvar
+.Em setvar
 directive or the leap warning variables. The leap warning bits that can
 be set in the
-.B leapwarning
+.Em leapwarning
 variable (up to one month ahead). Both, the
-.B leapwarning
+.Em leapwarning
 and the
-.B leapindication
+.Em leapindication
 variable, have a slightly different encoding than the usual
-.B leap
+.Em leap
 bits interpretation:
-.P
-.Ip 00 8
+.Bl -tag -width indent
+.It 00
 The daemon passes the leap bits of its synchronisation source (usual
 mode of operation).
-.Ip 01/10 8
+.It 01/10
 A leap second is added/deleted (operator forced leap second).
-.Ip 11 8
+.It 11
 Leap information from the sychronisation source is ignored (thus
 LEAP_NOWARNING is passed on).
-.PP
-.SH FILES
-.Ip /etc/ntp.conf 20
+.El
+.Sh FILES
+.Bl -tag -width /etc/ntp.drift -compact
+.It /etc/ntp.conf
 the default name of the configuration file
-.Ip /etc/ntp.drift 20
+.It /etc/ntp.drift
 the conventional name of the drift file
-.Ip /etc/ntp.keys 20
+.It /etc/ntp.keys
 the conventional name of the key file
-.SH SEE ALSO
-.PP
-.IR xntpdc (8),
-.IR ntpq (8),
-.IR ntpdate (8)
-.SH HISTORY
-.PP
-Written by Dennis Ferguson at the University of Toronto. Text amended by
-David Mills at the University of Delaware.
-.SH BUGS
-.PP
-.I xntpd
+.El
+.Sh SEE ALSO
+.Xr ntpdate 8 ,
+.Xr ntpq 8 ,
+.Xr xntpdc 8
+.Sh HISTORY
+Written by
+.An Dennis Ferguson
+at the University of Toronto. Text amended by
+.An David Mills
+at the University of Delaware.
+.Sh BUGS
+.Nm Xntpd
 has gotten rather fat. While not huge, it has gotten larger than might
 be desireable for an elevated\-priority daemon running on a workstation,
 particularly since many of the fancy features which consume the space
diff --git a/usr.sbin/xntpd/doc/xntpdc.8 b/usr.sbin/xntpd/doc/xntpdc.8
index e7ec93b..b2ad6ff 100644
--- a/usr.sbin/xntpd/doc/xntpdc.8
+++ b/usr.sbin/xntpd/doc/xntpdc.8
@@ -1,237 +1,198 @@
-''' $Header
-'''
-.de Sh
-.br
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp
-.if t .sp .5v
-.if n .sp
-..
-.de Ip
-.br
-.ie \\n.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-'''
-'''     Set up \*(-- to give an unbreakable dash;
-'''     string Tr holds user defined translation string.
-'''     Greek uppercase omega is used as a dummy character.
-'''
-.tr \(*W-|\(bv\*(Tr
-.ie n \{\
-.ds -- \(*W-
-.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-.ds L" ""
-.ds R" ""
-.ds L' '
-.ds R' '
-'br\}
-.el\{\
-.ds -- \(em\|
-.tr \*(Tr
-.ds L" ``
-.ds R" ''
-.ds L' `
-.ds R' '
-'br\}
-.TH XNTPDC 8 LOCAL
-.SH NAME
-xntpdc - query/control program for the Network Time Protocol daemon
-.SH SYNOPSIS
-.B xntpdc
-[
-.B -ilnps
-] [
-.B -c
-.I command
-] [
-.I host
-] [
-.I ...
-]
-.SH DESCRIPTION
-.I Xntpdc
+.\"
+.\"	$Id$
+.\"
+.Dd December 21, 1993
+.Dt XNTPDC 8
+.Os
+.Sh NAME
+.Nm xntpdc
+.Nd query/control program for the Network Time Protocol daemon
+.Sh SYNOPSIS
+.Nm xntpdc
+.Op Fl ilnps
+.Op Fl c Ar command
+.Op Ar host ...
+.Sh DESCRIPTION
+.Nm Xntpdc
 is used to query the
-.IR xntpd (8)
+.Xr xntpd 8
 daemon about its current state and to request changes in that state. The
 program may be run either in interactive mode or controlled using
 command line arguments. Extensive state and statistics information is
 available through the
-.I xntpdc
+.Nm
 interface. In addition, nearly all the configuration options which can
 be specified at start up using
-.IR xntpd 's
+.Nm xntpd Ns 's
 configuration file may also be specified at run time using
-.IR xntpdc .
-.PP
+.Nm Ns .
+.Pp
 If one or more request options is included on the command line when
-.I xntpdc
-is executed, each of the requests will be sent to the NTP servers
+.Nm
+is executed, each of the requests will be sent to the
+.Tn NTP
+servers
 running on each of the hosts given as command line arguments, or on
-.I localhost
+.Ar localhost
 by default. If no request options are given,
-.I xntpdc
+.Nm
 will attempt to read commands from the standard input and execute these
-on the NTP server running on the first host given on the command line,
+on the
+.Tn NTP
+server running on the first host given on the command line,
 again defaulting to
-.I localhost
+.Ar localhost
 when no other host is specified.
-.I Xntpdc
+.Nm Xntpdc
 will prompt for commands if the standard input is a terminal device.
-.PP
-.I Xntpdc
-uses NTP mode 7 packets to communicate with the NTP server, and hence
+.Pp
+.Nm Xntpdc
+uses
+.Tn NTP
+mode 7 packets to communicate with the
+.Tn NTP
+server, and hence
 can be used to query any compatable server on the network which permits
-it. Note that since NTP is a UDP protocol this communication will be
+it. Note that since
+.Tn NTP
+is a UDP protocol this communication will be
 somewhat unreliable, especially over large distances in terms of network
 topology.
-.I Xntpdc
+.Nm Xntpdc
 makes no attempt to retransmit requests, and will time requests out if
 the remote host is not heard from within a suitable time out time.
-.PP
+.Pp
 Command line options are described following. Specifying a command line
 option other than
-.B -i
+.Fl i
 or
-.B -n
+.Fl n
 will cause the specified query (queries) to be sent to the indicated
 host(s) immediately. Otherwise,
-.I xntpdc
+.Nm
 will attempt to read interactive format commands from the standard
 input.
-.Ip -c 8
+.Bl -tag -width indent
+.It Fl c
 The following argument is interpreted as an interactive format command
 and is added to the list of commands to be executed on the specified
 host(s). Multiple
-.B -c
+.Fl c
 options may be given.
-.Ip -i 8
+.It Fl i
 Force
-.I xntpdc
+.Nm
 to operate in interactive mode. Prompts will be written to the standard
 output and commands read from the standard input.
-.Ip -l 8
+.It Fl l
 Obtain a list of peers which are known to the server(s). This switch is
-equivalent to \*(L"-c listpeers\*(R".
-.Ip -n 8
+equivalent to
+.Qq -c listpeers .
+.It Fl n
 Output all host addresses in dotted\-quad numeric format rather than
 converting to the canonical host names.
-.Ip -p 8
+.It Fl p
 Print a list of the peers known to the server as well as a summary of
-their state. This is equivalent to \*(L"-c peers\*(R".
-.Ip -s 8
+their state. This is equivalent to
+.Qq -c peers .
+.It Fl s
 Print a list of the peers known to the server as well as a summary of
 their state, but in a slightly different format than the
-.B -p
-switch. This is equivalent to \*(L"-c dmpeers\*(R".
-.SH INTERNAL COMMANDS
-.PP
+.Fl p
+switch. This is equivalent to
+.Qq -c dmpeers .
+.El
+.Sh INTERNAL COMMANDS
 Interactive format commands consist of a keyword followed by zero to
 four arguments. Only enough characters of the full keyword to uniquely
 identify the command need be typed. The output of a command is normally
 sent to the standard output, but optionally the output of individual
-commands may be sent to a file by appending a \*(L">\*(R", followed by a
+commands may be sent to a file by appending a
+.Qq > ,
+followed by a
 file name, to the command line.
-.PP
+.Pp
 A number of interactive format commands are executed entirely within the
-.I xntpdc
-program itself and do not result in NTP mode 7 requests being sent to a
-server. These are described following.
-.PP
-.B ?
-[
-.I command_keyword
-]
-.PP
-A \*(L"?\*(R" by itself will print a list of all the command keywords
+.Nm
+program itself and do not result in
+.Tn NTP
+mode 7 requests being sent to a
+server. These are described following:
+.Pp
+.Bl -tag -width indent
+.It Xo ?
+.Op Ar command_keyword
+.Xc
+A
+.Em ?
+by itself will print a list of all the command keywords
 known to this incarnation of
-.IR xntpdc .
-A \*(L"?\*(R" followed by a command keyword will print funcation and
+.Nm Ns .
+A
+.Em ?
+followed by a command keyword will print function and
 usage information about the command. This command is probably a better
 source of information about
-.I xntpdc
+.Nm
 than this manual page.
-.PP
-.B help
-[
-.I command_keyword
-]
-.PP
+.It help Ar command_keyword
 A synonym for the
-.B ?
+.Em ?
 command.
-.PP
-.B timeout
-.I millseconds
-.PP
+.It timeout Ar millseconds
 Specify a time out period for responses to server queries. The default
 is about 8000 milliseconds.
-.PP
-.B delay
-.I milliseconds
-.PP
+.It delay Ar milliseconds
 Specify a time interval to be added to timestamps included in requests
 which require authentication. This is used to enable (unreliable) server
 reconfiguration over long delay network paths or between machines whose
 clocks are unsynchronized.
-.PP
-.B host
-.I hostname
-.PP
+.It host Ar hostname
 Set the host to which future queries will be sent.
-.I Hostname
+.Ar Hostname
 may be either a host name or a numeric (dotted quad) dmaddress.
-.PP
-.B keyid
-.I #
-.PP
+.It keyid Ar #
 This command allows the specification of a key number to be used to
 authenticate configuration requests. This must correspond to the key
 number the server has been configured to use for this purpose.
-.PP
-.B passwd
-.PP
+.It passwd
 This command prompts you to type in a password (which will not be
 echoed) which will be used to authenticate configuration requests. The
-password must correspond to the key configured for use by the NTP server
-for this purpose if such requests are to be successful.
-.PP
-.B "hostnames yes|no"
-.PP
-If \*(L"yes\*(R" is specified, host names are printed in information
-displays. If \*(L"no\*(R" is given, numeric addresses are printed
-instead. The default is \*(L"yes\*(R" unless modified using the command
-line
-.B -n
+password must correspond to the key configured for use by the
+.Tn NTP
+server for this purpose if such requests are to be successful.
+.It hostnames Ar yes|no
+If
+.Ar yes
+is specified, host names are printed in information
+displays. If
+.Ar no
+is given, numeric addresses are printed
+instead. The default is
+.Ar yes
+unless modified using the command line
+.Fl n
 switch.
-.PP
-.B quit
-.PP
+.It quit
 Exit
-.IR xntpdc .
-.SH QUERY COMMANDS
-.PP
-Query commands result in NTP mode 7 packets containing requests for
-information being sent to the server. These are \*(L"read\-only\*(R"
+.Nm Ns .
+.El
+.Sh QUERY COMMANDS
+Query commands result in
+.Tn NTP
+mode 7 packets containing requests for
+information being sent to the server. These are
+.Qq read\-only
 commands in that they make no modification of the server configuration
 state.
-.PP
-.B listpeers
-.PP
-Obtains and prints a brief list of the peers for which the server is
+.Bl -tag -width indent
+.It listpeers
+Obtain and print a brief list of the peers for which the server is
 maintaining state. These should include all configured peer associations
 as well as those peers whose stratum is such that they are considered by
-the server to be possible future synchonization candidates.
-.PP
-.B peers
-.PP
-Obtains a list of peers for which the server is maintaining state, along
+the server to be possible future synchronization candidates.
+.It peers
+Obtain a list of peers for which the server is maintaining state, along
 with a summary of that state. Summary information includes the address
 of the remote peer, the local interface address (0.0.0.0 if a local
 address has yet to be determined), the stratum of the remote peer (a
@@ -239,167 +200,171 @@ stratum of 16 indicates the remote peer is unsynchronized), the polling
 interval, in seconds, the reachability register, in octal, and the
 current estimated delay, offset and dispersion of the peer, all in
 seconds. In addition, the character in the left margin indicates the
-mode this peer entry is operating in. A \*(L"+\*(R" denotes symmetric
-active, a \*(L"-\*(R" indicates symmetric passive, a \*(L"=\*(R" means
-the remote server is being polled in client mode, a \*(L"^\*(R"
-indicates that the server is broadcasting to this address, a \*(L"~\*(R"
-denotes that the remote peer is sending broadcasts and a \*(L"*\*(R"
-marks the peer the server is currently synchonizing to.
-.PP
+mode this peer entry is operating in. A
+.Qq +
+denotes symmetric
+active, a
+.Qq -
+indicates symmetric passive, a
+.Qq =
+means
+the remote server is being polled in client mode, a
+.Qq ^
+indicates that the server is broadcasting to this address, a
+.Qq ~
+denotes that the remote peer is sending broadcasts and a
+.Qq *
+marks the peer the server is currently synchronizing to.
+.Pp
 The contents of the host field may be one of four forms. It may be a
 host name, an IP address, a reference clock implementation name with its
-parameter or \*(L"REFCLK(<implementation number>, <parameter>)\*(R". On
-\*(L"hostnames no\*(R" only IP\-addresses will be displayed.
-.PP
-.B dmpeers
-.PP
+parameter or
+.Qq REFCLK(<implementation number>, <parameter>) .
+On
+.Qq hostnames no
+only IP\-addresses will be displayed.
+.It dmpeers
 A slightly different peer summary list. Identical to the output of the
-.B peers
+.Em peers
 command except for the character in the leftmost column. Characters only
 appear beside peers which were included in the final stage of the clock
-selection algorithm. A \*(L".\*(R" indicates that this peer was cast off
-in the falseticker detection, while a \*(L"+\*(R" indicates that the
-peer made it through. A \*(L"*\*(R" denotes the peer the server is
+selection algorithm. A
+.Qq \&.
+indicates that this peer was cast off
+in the falseticker detection, while a
+.Qq +
+indicates that the
+peer made it through. A
+.Qq *
+denotes the peer the server is
 currently synchronizing with.
-.PP
-.B showpeer
-.I peer_address
-[
-.I addr2
-] [
-.I addr3
-] [
-.I addr4
-]
-.PP
-Shows a detailed display of the current peer variables for one or more
-peers. Most of these values are described in the NTP Version 2
-specification.
-.PP
-.B pstats
-.I peer_address
-[
-.I addr2
-] [
-.I addr3
-] [
-.I addr4
-]
-.PP
+.It Xo showpeer
+.Ar peer_address
+.Op Ar addr2
+.Op Ar addr3
+.Op Ar addr4
+.Xc
+Show a detailed display of the current peer variables for one or more
+peers. Most of these values are described in the
+.Tn NTP
+Version 2 specification.
+.It Xo pstats
+.Ar peer_address
+.Op Ar addr2
+.Op Ar addr3
+.Op Ar addr4
+.Xc
 Show per\-peer statistic counters associated with the specified peer(s).
-.PP
-.B clockinfo
-.I clock_peer_address
-[
-.I addr2
-] [
-.I addr3
-] [
-.I addr4
-]
-.PP
+.It Xo clockinfo
+.Ar clock_peer_address
+.Op Ar addr2
+.Op Ar addr3
+.Op Ar addr4
+.Xc
 Obtain and print information concerning a peer clock. The values
 obtained provide information on the setting of fudge factors and other
 clock performance information.
-.PP
-.B kerninfo
-.PP
+.It kerninfo
 Obtain and print kernel phase-lock loop operating parameters. This
 information is available only if the kernel has been specially modified
 for a precision timekeeping function.
-.PP
-.B loopinfo
-[
-.B oneline|multiline
-]
-.PP
+.It loopinfo Op Ar oneline|multiline
 Print the values of selected loop filter variables. The loop filter is
-the part of NTP which deals with adjusting the local system clock. The
-\*(L"offset\*(R" is the last offset given to the loop filter by the
-packet processing code. The \*(L"frequency\*(R" is the frequency error
-of the local clock in parts-per-million (ppm). The \*(L"time_const\*(R"
-controls the "stiffness" of the phase-lock loop and thus the speed at
-which it can adapt to oscillator drift. The \*(L"watchdog timer\*(R"
+the part of
+.Tn NTP
+which deals with adjusting the local system clock. The
+.Qq offset
+is the last offset given to the loop filter by the
+packet processing code. The
+.Qq frequency
+is the frequency error
+of the local clock in parts-per-million (ppm). The
+.Qq time_const
+controls the
+.Qq stiffness
+of the phase-lock loop and thus the speed at
+which it can adapt to oscillator drift. The
+.Qq watchdog timer
 value is the number of seconds which have elapsed since the last sample
-offset was given to the loop filter. The \*(L"oneline\*(R" and
-\*(L"multiline\*(R" options specify the format in which this information
-is to be printed, with \*(L"multiline\*(R" as the default.
-.PP
-.B sysinfo
-.PP
+offset was given to the loop filter. The
+.Ar oneline
+and
+.Ar multiline
+options specify the format in which this information
+is to be printed, with
+.Ar multiline
+as the default.
+.It sysinfo
 Print a variety of system state variables, i.e. state related to the
-local server. All except the last four lines are described in the NTP
-Version 3 specification, RFC 1305. The \*(L"system flags\*(R" show
-various system flags, some of which can be set and cleared by the
-\*(L"enable\*(R" and \*(L"disable\*(R" configuration commands,
-respectively. The \*(L"stability\*(R" is the residual frequency error
+local server. All except the last four lines are described in the
+.Tn NTP
+Version 3 specification, RFC 1305. The
+.Qq system flags
+show various system flags, some of which can be set and cleared by the
+.Qq enable
+and
+.Qq disable
+configuration commands,
+respectively. The
+.Qq stability
+is the residual frequency error
 remaining after the system frequency correction is applied and is
 intended for maintenance and debugging. In most architectures, this
 value will initially decrease from as high as 500 ppm to a nominal value
 in the range .01 to 0.1 ppm. If it remains high for some time after
 starting the daemon, something may be wrong with the local clock, or the
-value of the kernel variable \*(L"tick\*(R" may be incorrect. The
-\*(L"broadcastdelay\*(R" shows the default broadcast delay, as set by
-the \*(L"broadcastdelay\*(R" configuration command, while the
-\*(L"authdelay\*(R" shows the default authentication delay, as set by
-the \*(L"authdelay\*(R" configuration command.
-.PP
-.B sysstats
-.PP
+value of the kernel variable
+.Qq tick
+may be incorrect. The
+.Qq broadcastdelay
+shows the default broadcast delay, as set by
+the
+.Qq broadcastdelay
+configuration command, while the
+.Qq authdelay
+shows the default authentication delay, as set by
+the
+.Qq authdelay
+configuration command.
+.It sysstats
 Print statistics counters maintained in the protocol module.
-.PP
-.B memstats
-.PP
+.It memstats
 Print statistics counters related to memory allocation
 code.
-.PP
-.B iostats
-.PP
+.It iostats
 Print statistics counters maintained in the input\-output module.
-.PP
-.B timerstats
-.PP
+.It timerstats
 Print statistics counters maintained in the timer/event queue support
 code.
-.PP
-.B reslist
-.PP
+.It reslist
 Obtain and print the server's restriction list. This list is (usually)
 printed in sorted order and may help to understand how the restrictions
 are applied.
-.PP
-.B monlist
-[
-.I version
-]
-.PP
+.It monlist Op Ar version
 Obtain and print traffic counts collected and maintained by the monitor
 facility. The version number should not normally need to be specified.
-.PP
-.B clkbug
-.I clock_peer_address
-[
-.I addr2
-] [
-.I addr3
-] [
-.I addr4
-]
-.PP
+.It Xo clkbug
+.Ar clock_peer_address
+.Op Ar addr2
+.Op Ar addr3
+.Op Ar addr4
+.Xc
 Obtain debugging information for a reference clock driver. This
 information is provided only by some clock drivers and is mostly
 undecodable without a copy of the driver source in hand.
-.SH RUNTIME CONFIGURATION REQUESTS
-.PP
+.El
+.Sh RUNTIME CONFIGURATION REQUESTS
 All requests which cause state changes in the server are authenticated
-by the server using a configured NTP key (the facility can also be
+by the server using a configured
+.Tn NTP
+key (the facility can also be
 disabled by the server by not configuring a key). The key number and the
 corresponding key must also be made known to
-.IR xtnpdc .
+.Nm Ns .
 This can be done using the
-.B keyid
+.Em keyid
 and
-.B passwd
+.Em passwd
 commands, the latter of which will prompt at the terminal for a password
 to use as the encryption key. You will also be prompted automatically
 for both the key number and password the first time a command which
@@ -407,7 +372,7 @@ would result in an authenticated request to the server is given.
 Authentication not only provides verification that the requester has
 permission to make such changes, but also gives an extra degree of
 protection again transmission errors.
-.PP
+.Pp
 Authenticated requests always include a timestamp in the packet data,
 which is included in the computation of the authentication code. This
 timestamp is compared by the server to its receive time stamp. If they
@@ -423,309 +388,285 @@ reasonable passwords are chosen, care is taken in the distribution and
 protection of keys and appropriate source address restrictions are
 applied, the run time reconfiguration facility should provide an
 adequate level of security.
-.PP
-The following commands all make authenticated requests.
-.PP
-.B addpeer
-.I peer_address
-[
-.I keyid
-] [
-.I version#
-] [
-.B prefer
-]
-.PP
+.Pp
+The following commands all make authenticated requests:
+.Bl -tag -width indent
+.It Xo addpeer
+.Ar peer_address
+.Op Ar keyid
+.Op Ar version#
+.Op Ar prefer
+.Xc
 Add a configured peer association at the given address and operating in
 symmetric active mode. Note that an existing association with the same
 peer may be deleted when this command is executed, or may simply be
 converted to conform to the new configuration, as appropriate. If the
-optional \*(L"keyid\*(R" is a nonzero integer, all outgoing packets to
+optional
+.Ar keyid
+is a nonzero integer, all outgoing packets to
 the remote server will have an authentication field attached encrypted
 with this key. If the value is 0 (or not given) no authentication will
-be done. The \*(L"version#\*(R" can be 1, 2 or 3 and defaults to 3. The
-\*(L"prefer\*(R" keyword indicates a preferred peer (and thus will be
+be done. The
+.Ar version#
+can be 1, 2 or 3 and defaults to 3. The
+.Ar prefer
+keyword indicates a preferred peer (and thus will be
 used primarily for clock synchronisation if possible). The preferred
 peer also determines the validity of the PPS signal - if the preferred
 peer is suitable for synchronisation so is the PPS signal.
-.PP
-.B addserver
-.I peer_address
-[
-.I keyid
-] [
-.I version#
-] [
-.B prefer
-]
-.PP
+.It Xo addserver
+.Ar peer_address
+.Op Ar keyid
+.Op Ar version#
+.Op Ar prefer
+.Xc
 Identical to the
-.B addpeer
+.Em addpeer
 command, except that the operating mode is client.
-.PP
-.B broadcast
-.I peer_address
-[
-.I keyid
-] [
-.I version#
-]
-.PP
+.It Xo broadcast
+.Ar peer_address
+.Op Ar keyid
+.Op Ar version#
+.Xc
 Identical to the
-.B addpeer
+.Em addpeer
 command, except that the operating mode is broadcast. In this case a
-valid key identifier and key are required. The \*(L"peer_address\*(R"
+valid key identifier and key are required. The
+.Ar peer_address
 parameter can be the broadcast address of the local network or a
-multicast group address assigned to NTP. If a multicast address, a
+multicast group address assigned to
+.Tn NTP .
+If a multicast address, a
 multicast-capable kernel is required.
-.PP
-.B unconfig
-.I peer_address
-[
-.I addr2
-] [
-.I addr3
-] [
-.I addr4
-]
-.PP
+.It Xo unconfig
+.Ar peer_address
+.Op Ar addr2
+.Op Ar addr3
+.Op Ar addr4
+.Xc
 This command causes the configured bit to be removed from the specified
 peer(s). In many cases this will cause the peer association to be
 deleted. When appropriate, however, the association may persist in an
 unconfigured mode if the remote peer is willing to continue on in this
 fashion.
-.PP
-.B fudge
-.I peer_address
-[
-.I time1
-] [
-.I time2
-] [
-.I stratum
-] [
-.I refid
-]
-.PP
+.It Xo fudge
+.Ar peer_address
+.Op Ar time1
+.Op Ar time2
+.Op Ar stratum
+.Op Ar refid
+.Xc
 This command provides a way to set certain data for a reference clock.
 See the source listing for further information.
-.PP
-.B enable auth|bclient|pll|monitor|stats
-[
-.I ...
-]
-.PP
-Provides a way to enable various server options. Flags not mentioned are
-unaffected. The \*(L"auth\*(R" flag causes the server to synchronize
+.It Xo enable
+.Ar auth|bclient|pll|monitor|stats
+.Op Ar ...
+.Xc
+Provide a way to enable various server options. Flags not mentioned are
+unaffected. The
+.Ar auth
+flag causes the server to synchronize
 with unconfigured peers only if the peer has been correctly
 authenticated using a trusted key and key identifier. The default for
-this flag is disable (off). The \*(L"bclient\*(R" flag causes the server
+this flag is disable (off). The
+.Ar bclient
+flag causes the server
 to listen for a message from a broadcast or multicast server, following
 which an association is automatically instantiated for that server. The
-default for this flag is disable (off). The \*(L"pll\*(R" flag enables
+default for this flag is disable (off). The
+.Ar pll
+flag enables
 the server to adjust its local clock, with default enable (on). If not
 set, the local clock free-runs at its intrinsic time and frequency
 offset. This flag is useful in case the local clock is controlled by
-some other device or protocol and NTP is used only to provide
-synchronization to other clients. The \*(L"monitor\*(R" flag enables the
+some other device or protocol and
+.Tn NTP
+is used only to provide
+synchronization to other clients. The
+.Ar monitor
+flag enables the
 monitoring facility (see elsewhere), with default disable (off). The
-\*(L"stats\*(R" flag enables statistics facility filegen (see
+.Ar stats
+flag enables statistics facility filegen (see
 description elsewhere.), with default enable (on).
-.PP
-.B disable auth|bclient|pll|monitor|stats
-[
-.I ...
-]
-.PP
-Provides a way to disable various server options. Flags not mentioned
+.It Xo disable
+.Ar auth|bclient|pll|monitor|stats
+.Op Ar ...
+.Xc
+Provide a way to disable various server options. Flags not mentioned
 are unaffected. The flags presently available are described under the
 enable command.
-.PP
-.B restrict
-.I address
-.I mask
-.I flag
-[
-.I flag
-]
-.PP
-Causes flag(s) to be added to an existing restrict list entry, or adds a
+.It Xo restrict
+.Ar address
+.Ar mask
+.Ar flag
+.Op Ar flag
+.Xc
+Cause flag(s) to be added to an existing restrict list entry, or adds a
 new entry to the list with the specified flag(s). The possible choices
 for the flags arguments are given in the following list:
-.Ip ignore 10
+.Bl -tag -width indent
+.It ignore
 Ignore all packets from hosts which match this entry. If this flag is
 specified neither queries nor time server polls will be responded to.
-.Ip noquery 10
-Ignore all NTP mode 7 packets (i.e. information queries and
+.It noquery
+Ignore all
+.Tn NTP
+mode 7 packets (i.e. information queries and
 configuration requests) from the source. Time service is not affected.
-.Ip nomodify 10
-Ignore all NTP mode 7 packets which attempt to modify the state of the
+.It nomodify
+Ignore all
+.Tn NTP
+mode 7 packets which attempt to modify the state of the
 server (i.e. run time reconfiguration). Queries which return information
 are permitted.
-.Ip notrap 10
+.It notrap
 Decline to provide mode 6 control message trap service to matching
 hosts. The trap service is a subsystem of the mode 6 control message
 protocol which is intended for use by remote event logging programs.
-.Ip lowpriotrap 10
+.It lowpriotrap
 Declare traps set by matching hosts to be low priority. The number of
 traps a server can maintain is limited (the current limit is 3). Traps
 are usually assigned on a first come, first served basis, with later
 trap requestors being denied service. This flag modifies the assignment
 algorithm by allowing low priority traps to be overridden by later
 requests for normal priority traps.
-.Ip noserve 10
-Ignore NTP packets whose mode is other than 7. In effect, time service
+.It noserve
+Ignore
+.Tn NTP
+packets whose mode is other than 7. In effect, time service
 is denied, though queries may still be permitted.
-.Ip nopeer 10
+.It nopeer
 Provide stateless time service to polling hosts, but do not allocate
 peer memory resources to these hosts even if they otherwise might be
 considered useful as future synchronization partners.
-.Ip notrust 10
+.It notrust
 Treat these hosts normally in other respects, but never use them as
 synchronization sources.
-.Ip limited 10
+.It limited
 These hosts are subject to limitation of number of clients from the same
 net. Net in this context refers to the IP notion of net (class A, class
-B, class C, etc.). Only the first \*(L"client_limit\*(R" hosts that have
+B, class C, etc.). Only the first
+.Qq client_limit
+hosts that have
 shown up at the server and that have been active during the last
-\*(L"client_limit_period\*(R" seconds are accepted. Requests from other
+.Qq client_limit_period
+seconds are accepted. Requests from other
 clients from the same net are rejected. Only time request packets are
-taken into account. \*(L"Private\*(R", \*(L"control\*(R", and
-\*(L"broadcast\*(R" packets are not subject to client limitation and
+taken into account.
+.Qq Private ,
+.Qq control ,
+and
+.Qq broadcast
+packets are not subject to client limitation and
 therefore are not contributing to client count. History of clients is
 kept using the monitoring capability of
-.IR xntpd.
+.Xr xntpd 8 .
 Thus, monitoring is active as long as there is a restriction entry with
-the \*(L"limited\*(R" flag. The default value for \*(L"client_limit\*(R"
-is 3. The default value for \*(L"client_limit_period\*(R" is 3600
+the
+.Ar limited
+flag. The default value for
+.Qq client_limit
+is 3. The default value for
+.Qq client_limit_period
+is 3600
 seconds. Currently both variables are not runtime configurable.
-.Ip ntpport 10
+.It ntpport
 This is actually a match algorithm modifier, rather than a restriction
 flag. Its presence causes the restriction entry to be matched only if
-the source port in the packet is the standard NTP UDP port (123). Both
-\*(L"ntpport\*(R" and non\-\*(L"ntpport\*(R" may be specified. The
-\*(L"ntpport\*(R" is considered more specific and is sorted later in the
-list.
-.PP
-.B unrestrict
-.I address
-.I mask
-.I flag
-[
-.I flag
-]
-.PP
+the source port in the packet is the standard
+.Tn NTP
+UDP port (123). Both
+.Em ntpport
+and
+.Pf non\- Em ntpport
+may be specified. The
+.Em ntpport
+is considered more specific and is sorted later in the list.
+.El
+.It Xo unrestrict
+.Ar address
+.Ar mask
+.Ar flag
+.Op Ar flag
+.Xc
 Remove the specified flag(s) from the restrict list entry indicated
 by the
-.I address
+.Ar address
 and
-.I mask
+.Ar mask
 arguments.
-.PP
-.B delrestrict
-.I address
-.I mask
-[
-.B ntpport
-]
-.PP
+.It Xo delrestrict
+.Ar address
+.Ar mask
+.Op Ar ntpport
+.Xc
 Delete the matching entry from the restrict list.
-.PP
-.B "monitor yes|no"
-.PP
+.It monitor Ar yes|no
 Enable or disable the monitoring facility. Note that a
-.B "monitor no"
+.Em monitor Ar no
 command followed by a
-.B "monitor yes"
+.Em monitor Ar yes
 command is a good way of resetting the packet counts.
-.PP
-.B readkeys
-.PP
-Causes the current set of authentication keys to be purged and a new set
+.It readkeys
+Cause the current set of authentication keys to be purged and a new set
 to be obtained by rereading the keys file (which must have been
 specified in the
-.I xntpd
+.Nm xntpd
 configuration file). This allows encryption keys to be changed without
 restarting the server.
-.PP
-.B trustkey
-.I keyid
-[
-.I keyid
-] [
-.I keyid
-] [
-.I keyid
-]
-.PP
-Adds one or more keys to the trusted key list. When authentication is
+.It Xo trustkey
+.Ar keyid
+.Op Ar keyid
+.Op Ar keyid
+.Op Ar keyid
+.Xc
+Add one or more keys to the trusted key list. When authentication is
 enabled, peers whose time is to be trusted must be authenticated using a
 trusted key.
-.PP
-.B untrustkey
-.I keyid
-[
-.I keyid
-] [
-.I keyid
-] [
-.I keyid
-]
-.PP
-Removes one or more keys from the trusted key list.
-.PP
-.B authinfo
-.PP
-Returns information concerning the authentication module, including
+.It Xo untrustkey
+.Ar keyid
+.Op Ar keyid  
+.Op Ar keyid  
+.Op Ar keyid  
+.Xc
+Remove one or more keys from the trusted key list.
+.It authinfo
+Return information concerning the authentication module, including
 known keys and counts of encryptions and decryptions which have been
 done.
-.PP
-.B setprecision
-.I precision_value
-.PP
-Sets the precision which the server advertises to the specified value.
+.It setprecision Ar precision_value
+Set the precision which the server advertises to the specified value.
 This should be a negative integer in the range -4 through -20.
-.PP
-.B traps
-.PP
+.It traps
 Display the traps set in the server. See the source listing for further
 information.
-.PP
-.B addtrap
-.I address
-[
-.I port
-] [
-.I interface
-]
-.PP
+.It Xo addtrap
+.Ar address
+.Op Ar port
+.Op Ar interface
+.Xc
 Set a trap for asynchronous messages. See the source listing for further
 information.
-.PP
-.B clrtrap
-.I address
-[
-.I port
-] [
-.I interface
-]
-.PP
+.It Xo clrtrap
+.Ar address
+.Op Ar port
+.Op Ar interface
+.Xc
 Clear a trap for asynchronous messages. See the source listing for
 further information.
-.PP
-.B reset ...
-.PP
+.It reset Ar ...
 Clear the statistics counters in various modules of the server. See the
 source listing for further information.
-.SH SEE ALSO
-.PP
-.IR xntpd (8)
-.SH HISTORY
-.PP
-Written by Dennis Ferguson at the University of Toronto.
-.SH BUGS
-.PP
-.I Xntpdc
+.El
+.Sh SEE ALSO
+.Xr xntpd 8
+.Sh HISTORY
+Written by
+.An Dennis Ferguson
+at the University of Toronto.
+.Sh BUGS
+.Nm Xntpdc
 is a crude hack. Much of the information it shows is deadly boring and
 could only be loved by its implementer. The program was designed so that
 new (and temporary) features were easy to hack in, at great expense to