CentOS NTP server installation and configuration

CentOS NTP server installation and configuration

Background
When there are too many servers, it is a big problem whether the time is accurate or not. Although this problem is always ignored, it is necessary to unify the time. The following describes how to configure the Linux time server in the LAN.

Configuration environment and requirements:
1. Assume that the Linux server with the IP address 192.168.0.240 is in the network segment 192.168.0.0.
2.192.168.0.240 servers can be connected to the Internet and synchronized with authoritative public network time servers
3. Other machines in the same network segment automatically synchronize time to 192.168.0.240 every hour

I. Installation

Yum-y install ntp ntpdate
Ii. Configuration

2.1.NTP server's main configuration file is/etc/ntp. conf. Description of/etc/ntp. conf
Cp/etc/ntp. conf/etc/ntp. conf. bak
Vim/etc/ntp. conf

2. vi/etc/ntp. conf (the content of the ntp. conf file is as follows)

# Set the IP address for time synchronization on the server layer above. prefer means the preferred IP address.
# After the test, the server speed is good in the following time (the default configuration is enough)
Server 210.72.145.44 prefer
Server 218.21.130.42
Server 0.asia.pool.ntp.org
Server 1.asia.pool.ntp.org
Server 2.asia.pool.ntp.org
# Record the time spent connecting the last NTP server to the upper-layer NTP server
Driftfile/etc/ntp/drift
# Set the Default policy to allow time synchronization on any host
Restrict default ignore
# Set the IP address of the time service that is allowed to access the server at this time
# Configure according to your actual situation
Restrict 127.0.0.1
Restrict 192.168.10.2 # specify the time synchronization for a machine
Restrict 192.168.0.0 mask 255.255.255.0 # Allow time synchronization between hosts in the 192.168.0.0/254 Subnet
Restrict 0.0.0.0 mask 0.0.0.0 nomodify notrap # Allow time synchronization between any host and
# Specify the class number as 10 to reduce its priority.
Fudge 127.127.1.1 stratum 10
# Set the ntp Log path
Statsdir/var/log/ntp/
# Set ntp log files
Logfile/var/log/ntp. log

Iii. Maintenance

---- Add as service
Chkconfig -- level 345 ntpd on
---- Start
Service ntpd start
Or
/Etc/rc. d/init. d/ntpd start
---- Stop
Service ntpd stop
Or
/Etc/rc. d/init. d/ntpd stop
---- Manage commands
Ntpq-p # view the time synchronization result between the local server and the upper-layer server
Ntptrace # It can be used to track the time correspondence between a Time Server
Ntpdate IP # The client must synchronize the clock with the NTP server.
/Var/log/ntp. log # view ntp logs

----------------------------------
Enable Firewall port
Iptables-a input-p udp-dport 123-j ACCEPT
/Etc/init. d/iptables save
Service iptables restart

4. Configure the client

Test synchronization:
Ntpdate IP Address

Set automatic synchronization:
Echo "00 */1 *** root/usr/sbin/ntpdate 192.168.0.240;/sbin/hwclock-w">/etc/crontab
Clock Synchronization is performed hourly with the NTP server and written to the local BIOS.