Build an ntpd Time Server

In the online environment, some servers do not need to communicate with each other over the Internet. Therefore, the synchronization time of these servers cannot be guaranteed and may affect services, we need to set up an NTP time synchronization server for the internal network.

First, install the ntpd service on the server. Generally, the system has been installed. If not, run the following command to install the service:

Red Hat series:

yum install ntpd -y

Ubuntu series:

apt-get install ntpdate -y

After the installation is complete, we need to make some changes to the configuration file.

[[Email protected] ~] # Grep '^ [A-Z]'/etc/NTP. conf driftfile/var/lib/NTP/driftrestrict default nomodify notrap # permission setting restrict 127.0.0.1 # enable the internal network recursive interface restrict 192.168.1.100 # enable the local interface restrict-6 :: 1 restrict 192.168.1.0 mask 255.255.255.0 nomodify # The network segment server cn.pool.ntp.org that can be synchronized # The upper-level time server. We can use prefer to set the default upper-level server later, instead of letting the system Select Server cn.pool.ntp.org preferserver ntp.sjtu.edu.cn # superior time server region defile/etc/NTP/crypto/pwkeys/etc/NTP/keyslogfile/var/log/NTP /NTP. log # log files

Some parameters for permission configuration are as follows:

Ignore: Disable all NTP online services nomodify: the client cannot change the time parameter of the server, but the client can perform network calibration through the server. Notrust: unless the client passes authentication, the client source will be considered as untrusted subnet noquery: the client Time query is not provided. Note: If the parameter is not set, it indicates that the IP address (or subnet) has no restrictions!

Edit the configuration file, save and exit, and restart the ntpd service.

Service ntpd restart # Check whether the service is actually started. Run the netstat command to check UDP port 123.

Now, a simple ntpd time synchronization server has been set up.

We can use the ntpq-p command to view our NTP service.

[[email protected] ~]# ntpq -p     remote           refid      st t when poll reach   delay   offset  jitter============================================================================== 202.118.1.130   .INIT.          16 u    -   64    0    0.000    0.000   0.000 sdns.sjtu.edu.c .INIT.          16 u    -   64    0    0.000    0.000   0.000*27.114.150.12   193.190.230.65   2 u    2   64  377  389.568    2.578  25.695

* Is the time server selected by the system.

Remote: the name of the NTP server that responds to this request. fefid: The last NTP server st used by the NTP server trial: Remote remote server level. Because NTP is a hierarchical structure, there is a top server. multi-layer relay server to client T: Time source (that is, NTP server) type, so we can see that the local time server is mapped to L. when: the time (in seconds) between the last successful request and the present ). this value cannot exceed maxpoll. poll: how long the local server and remote server are synchronized (in seconds ). this is based on minpoll/maxpoll. reach: it is an octal value used to test whether it can be connected to the server. The value of REACH increases every time it is successfully connected. delay: latency, from the local machine to send synchronization requests to the NTP server's round trip time (MS) (round-trip time ). offset: Offset, the Time Offset between the host and the synchronized time source through the NTP clock, in milliseconds (MS ). the closer the offset is to 0, the closer the time between the host and NTP server is. jitter: Jitter. This is a statistical value. It calculates the offset distribution in a specific continuous number of connections. In short, the smaller the absolute value of this value, the more accurate the host time is.

Now that the server has been configured, go to the client and directly add a scheduled task to update the time.

[[email protected] ntp]# crontab -l*/10 * * * *  ntpdate 192.168.1.100  >/dev/null 2&>1

Wait for a while to see if there is any synchronization. Note that generally, after the server is restarted, it may take some time to wait for another synchronization. If the server is restarted, the client will immediately execute

ntpdate 192.168.1.100

Synchronization may occur. You can wait for a while.

This article from the "wind don't Crane" blog, please be sure to keep this source http://addam.blog.51cto.com/5041993/1470665

Build an ntpd Time Server