I. Installing the NTP software
1. Check if the NTP-related package is installed.
Rpm-qa | grep NTP
2. Install the NTP software.
Yum-y Install NTP
Two. Parameter explanation
Ignore: Turn off all NTP Online Services
Nomodify: The client cannot change the time parameters on the server side, but the client can perform the network calibration via the server.
Notrust: The client source will be treated as untrusted subnet unless authenticated
Noquery: No time query for clients: Client cannot query NTP server using commands such as Ntpq,ntpc
Notrap: Do not provide trap remote login: Deny the matching host to provide mode 6 control message Trap Service. The Trap service is a subsystem of the NTPDQ Control Message Protocol, which is used for remote event logger applications.
Nopeer: Used to prevent the host from attempting to peer to the server and allow the fraudulent server to control the clock
Kod: The Kod package is sent when an access violation occurs.
Three. Modify the configuration file
1. View the unmodified configuration file
# grep ^[^#]/etc/ntp.conf
Driftfile/var/lib/ntp/drift
Restrict default nomodify notrap nopeer noquery
Restrict 127.0.0.1
Restrict:: 1
Server 0.centos.pool.ntp.org Iburst
Server 1.centos.pool.ntp.org Iburst
Server 2.centos.pool.ntp.org Iburst
Server 3.centos.pool.ntp.org Iburst
Includefile/etc/ntp/crypto/pw
Keys/etc/ntp/keys
Disable Monitor
1. Set allow clients of any IP to have time synchronization (modified configuration file)
# grep ^[^#]/etc/ntp.conf
Driftfile/var/lib/ntp/drift
Restrict default nomodify Notrap
Restrict 127.0.0.1
Restrict:: 1
Server 0.centos.pool.ntp.org Iburst
Server 1.centos.pool.ntp.org Iburst
Server 2.centos.pool.ntp.org Iburst
Server 3.centos.pool.ntp.org Iburst
Includefile/etc/ntp/crypto/pw
Keys/etc/ntp/keys
Disable Monitor
2. Allow time synchronization for clients of 192.168.1.0 network segment only (modified configuration file)
# grep ^[^#]/etc/ntp.conf
Driftfile/var/lib/ntp/drift
Restrict default nomodify notrap nopeer noquery
Restrict 127.0.0.1
Restrict:: 1
Restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
Server 0.centos.pool.ntp.org Iburst
Server 1.centos.pool.ntp.org Iburst
Server 2.centos.ntp.org Iburst
Server 3.centos.pool.ntp.org Iburst
Includefile/etc/ntp/crypto/pw
Keys/etc/ntp/keys
Disable Monitor
Four. Start the NTP service and firewall
Systemctl Start NTPD
Systemctl Enable NTPD
Iptables-a input-p udp-i eno16777736-s 192.168.1.0/24--dport 123-j ACCEPT
Setsebool-p Ntp_disable_trans 1#selinux Settings
vi/etc/sysconfig/ntpd# allows the BIOS to synchronize with the system time, adding the following line.
Sync_hwclock=yes
Five. Detecting NTP
1. Detect if the NTP service is running
# NETSTAT-TLUNP | grep NTP
UDP 0 0 192.168.1.101:123 0.0.0.0:* 2563/ntpd
UDP 0 0 127.0.0.1:123 0.0.0.0:* 2563/ntpd
UDP 0 0 0.0.0.0:123 0.0.0.0:* 2563/ntpd
UDP6 0 0 fe80::20c:29ff:fe7b:123:::* 2563/ntpd
UDP6 0 0:: 1:123:::* 2563/ntpd
UDP6 0 0::: 123:::* 2563/ntpd
2. Check to see if the NTP server is connected to the upper NTP
# Ntpstat
Synchronised to NTP server (120.25.108.11) at Stratum 3
Time correct to within MS
Polling server every S
3. View the status of the NTP server and the upper NTP
# ntpq-p
Remote refID St T when poll reach delay offset jitter
==============================================================================
news.neu.edu.cn. Init. u-64 0 0.000 0.000 0.000
x202.118.1.130 202.118.1.47 2 U 7 64 377 153.659 9.605 19.941
*time4.aliyun.co 10.137.38.86 2 U 10 64 377 39.666-47.661 15.944
Remote-the IP or hostname of the native and upper NTP, "+" is preferred, "*" indicates a secondary priority
refID-refer to the previous level of NTP host address
St-stratum stratum
When-how many seconds ago the time has been synchronized
Poll-How many seconds after the next update
Reach-Number of times an update has been requested to the upper NTP server
Delay-Network latency
Offset-time compensation
Jitter-system time vs. BIOS difference
Six. Configure the time synchronization client
1. Execute the ntpdate command:
Ntpdate 192.168.1.101 #192.168.1.101 as the NTP server IP address
2. Write to Bios
Hclock-w
3.crond Service
Vi/etc/crontab
8 * * * root/usr/sbin/ntpdate 192.168.1.101; /sbin/hwclock-w
4. Restart the Crond service
Service Crond Restart
Configuring the NTP time server