Configuring the NTP time server

Source: Internet
Author: User

I. Installing the NTP software

1. Check if the NTP-related package is installed.

Rpm-qa | grep NTP

2. Install the NTP software.

Yum-y Install NTP

Two. Parameter explanation

Ignore: Turn off all NTP Online Services

Nomodify: The client cannot change the time parameters on the server side, but the client can perform the network calibration via the server.

Notrust: The client source will be treated as untrusted subnet unless authenticated

Noquery: No time query for clients: Client cannot query NTP server using commands such as Ntpq,ntpc

Notrap: Do not provide trap remote login: Deny the matching host to provide mode 6 control message Trap Service. The Trap service is a subsystem of the NTPDQ Control Message Protocol, which is used for remote event logger applications.

Nopeer: Used to prevent the host from attempting to peer to the server and allow the fraudulent server to control the clock

Kod: The Kod package is sent when an access violation occurs.

Three. Modify the configuration file

1. View the unmodified configuration file

# grep ^[^#]/etc/ntp.conf

Driftfile/var/lib/ntp/drift

Restrict default nomodify notrap nopeer noquery

Restrict 127.0.0.1

Restrict:: 1

Server 0.centos.pool.ntp.org Iburst

Server 1.centos.pool.ntp.org Iburst

Server 2.centos.pool.ntp.org Iburst

Server 3.centos.pool.ntp.org Iburst

Includefile/etc/ntp/crypto/pw

Keys/etc/ntp/keys

Disable Monitor

1. Set allow clients of any IP to have time synchronization (modified configuration file)

# grep ^[^#]/etc/ntp.conf

Driftfile/var/lib/ntp/drift

Restrict default nomodify Notrap

Restrict 127.0.0.1

Restrict:: 1

Server 0.centos.pool.ntp.org Iburst

Server 1.centos.pool.ntp.org Iburst

Server 2.centos.pool.ntp.org Iburst

Server 3.centos.pool.ntp.org Iburst

Includefile/etc/ntp/crypto/pw

Keys/etc/ntp/keys

Disable Monitor

2. Allow time synchronization for clients of 192.168.1.0 network segment only (modified configuration file)

# grep ^[^#]/etc/ntp.conf

Driftfile/var/lib/ntp/drift

Restrict default nomodify notrap nopeer noquery

Restrict 127.0.0.1

Restrict:: 1

Restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

Server 0.centos.pool.ntp.org Iburst

Server 1.centos.pool.ntp.org Iburst

Server 2.centos.ntp.org Iburst

Server 3.centos.pool.ntp.org Iburst

Includefile/etc/ntp/crypto/pw

Keys/etc/ntp/keys

Disable Monitor

Four. Start the NTP service and firewall

Systemctl Start NTPD

Systemctl Enable NTPD

Iptables-a input-p udp-i eno16777736-s 192.168.1.0/24--dport 123-j ACCEPT

Setsebool-p Ntp_disable_trans 1#selinux Settings

vi/etc/sysconfig/ntpd# allows the BIOS to synchronize with the system time, adding the following line.

Sync_hwclock=yes

Five. Detecting NTP

1. Detect if the NTP service is running

# NETSTAT-TLUNP | grep NTP

UDP 0 0 192.168.1.101:123 0.0.0.0:* 2563/ntpd

UDP 0 0 127.0.0.1:123 0.0.0.0:* 2563/ntpd

UDP 0 0 0.0.0.0:123 0.0.0.0:* 2563/ntpd

UDP6 0 0 fe80::20c:29ff:fe7b:123:::* 2563/ntpd

UDP6 0 0:: 1:123:::* 2563/ntpd

UDP6 0 0::: 123:::* 2563/ntpd

2. Check to see if the NTP server is connected to the upper NTP

# Ntpstat

Synchronised to NTP server (120.25.108.11) at Stratum 3

Time correct to within MS

Polling server every S

3. View the status of the NTP server and the upper NTP

# ntpq-p

Remote refID St T when poll reach delay offset jitter

==============================================================================

news.neu.edu.cn.          Init. u-64 0 0.000 0.000 0.000

x202.118.1.130 202.118.1.47 2 U 7 64 377 153.659 9.605 19.941

*time4.aliyun.co 10.137.38.86 2 U 10 64 377 39.666-47.661 15.944

Remote-the IP or hostname of the native and upper NTP, "+" is preferred, "*" indicates a secondary priority

refID-refer to the previous level of NTP host address

St-stratum stratum

When-how many seconds ago the time has been synchronized

Poll-How many seconds after the next update

Reach-Number of times an update has been requested to the upper NTP server

Delay-Network latency

Offset-time compensation

Jitter-system time vs. BIOS difference

Six. Configure the time synchronization client

1. Execute the ntpdate command:

Ntpdate 192.168.1.101 #192.168.1.101 as the NTP server IP address

2. Write to Bios

Hclock-w

3.crond Service

Vi/etc/crontab

8 * * * root/usr/sbin/ntpdate 192.168.1.101; /sbin/hwclock-w

4. Restart the Crond service

Service Crond Restart

Configuring the NTP time server

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.