diff --git a/README.markdown b/README.markdown
index 11bdfe46..35ab7470 100644
--- a/README.markdown
+++ b/README.markdown
@@ -255,7 +255,7 @@ Tells Puppet what NTP service to manage. Valid options: string. Default value: v
 
 ####`udlc`
 
-Specifies whether to enable specialized configuration options for an undisciplined local clock, regardless of its status as a virtual machine. Valid options: 'true' or 'false'. Default value: 'false'
+Specifies whether to configure ntp to use the undisciplined local clock as a time source, regardless of the node's status as a virtual machine. Valid options: 'true' or 'false'. Default value: 'false' for VMs and 'true' otherwise.
 
 ##Limitations
 
diff --git a/manifests/params.pp b/manifests/params.pp
index 6aeb0fe3..705ec92a 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -13,7 +13,6 @@
   $service_enable    = true
   $service_ensure    = 'running'
   $service_manage    = true
-  $udlc              = false
   $interfaces        = []
   $disable_auth      = false
   $broadcastclient   = false
@@ -24,6 +23,15 @@
     default => true,
   }
 
+  # On virtual systems, disable the use of the undisciplined local clock to
+  # avoid ntp falling back to the local clock in preference over ntp servers.
+  # TODO Change this to str2bool($::is_virtual) when stdlib dependency is >= 4
+  # NOTE The "x${var}" is just to avoid lint quoted variable warning.
+  $udlc = "x${::is_virtual}" ? {
+    'xtrue' => false,
+    default => true,
+  }
+
   $default_config       = '/etc/ntp.conf'
   $default_keys_file    = '/etc/ntp/keys'
   $default_driftfile    = '/var/lib/ntp/drift'
diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb
index 0563d310..b2e42034 100644
--- a/templates/ntp.conf.erb
+++ b/templates/ntp.conf.erb
@@ -38,11 +38,11 @@ broadcastclient
 server <%= server %><% if @iburst_enable == true -%> iburst<% end %><% if @preferred_servers.include?(server) -%> prefer<% end %>
 <% end -%>
 
-<% if @is_virtual == "true" or @udlc -%>
+<% if @udlc -%>
 # Undisciplined Local Clock. This is a fake driver intended for backup
-# and when no outside source of synchronized time is available. 
-server	127.127.1.0 
-fudge	127.127.1.0 stratum 10
+# and when no outside source of synchronized time is available.
+server   127.127.1.0
+fudge    127.127.1.0 stratum 10
 restrict 127.127.1.0
 <% end -%>