The CentOS 6.3 system already comes with the NTPD service, which is usually followed by default. If it is not installed, check it first, configure the yum repository, and install it in the yum mode. The details are as follows:
[Plain] view plaincopyprint?
Install the NTP software package on each server on the Intranet according to the above installation method.
After that, you must configure the NTP service to start automatically.
[Plain] view plaincopyprint?
Before configuration, use ntpdate to manually synchronize the time, so that the time difference between the local machine and the external time server is too large, so that ntpd cannot be synchronized normally.
[Plain] view plaincopyprint?
Configure Intranet NTP-Server (192.168.100.203)The following describes how to configure the Intranet NPTD server (192.168.100.203). The core of the NTPD service configuration is in the/etc/ntp. conf file. The articles on the Internet, especially for foreigners, are very simple. I am fooled. Mom, the basic environment is different. We have to have Chinese characteristics. First, go to the configuration file. Later, the red part is my modification, and the others are the default ones.
[Plain] view plaincopyprint?
- # Formoreinformationaboutthisfile, seethemanpages
- # Ntp. conf (5), ntp_acc (5), ntp_auth (5), ntp_clock (5), ntp_misc (5), ntp_mon (5 ).
- Driftfile/var/lib/ntp/drift
- # Permittimesynchronizationwithourtimesource, butdonot
- # Permitthesourcetoqueryormodifytheserviceonthissystem.
- Restrictdefaultkodnomodifynotrapnopeernoquery
- Restrict-6defaultkodnomodifynotrapnopeernoquery
- # Permitallaccessovertheloopbackinterface. thiscocould
- # Betightenedaswell, buttodosowouldeffectsomeof
- # Theadministrativefunctions.
- Restrict127.0.0.1
- Restrict-6: 1
- # Hostsonlocalnetworkarelessrestricted.
- # Allow synchronization time of other machines on the Intranet
- Restrict192.168.401_mask1_255.255.0nomodifynotrap
- # Usepublicserversfromthepool. ntp. orgproject.
- # Pleaseconsiderjoiningthepool (http://www.pool.ntp.org/join.html ).
- # China's most active time server: http://www.pool.ntp.org/zone/cn
- Server210.72.145.44perfer # China National Time Center
- Server202.112.10.36 # 1.cn.pool.ntp.org
- Server59.124.196.83 # 0.asia.pool.ntp.org
- # Broadcast192.168.40.255autokey # broadcastserver
- # Broadcastclient
- # Broadcast224.0.1.1autokey # multicastserver
- # Multicastclient224.0.1.1 # multicastclient
- # Manycastserver239.425254.254 # manycastserver
- # Manycastclient239.415254.254autokey # manycastclient
- # Allowupdatetimebytheupperserver
- # Allow the upper-layer time server to actively modify the local time
- Restrict210.72.145.44nomodifynotrapnoquery
- Restrict202.112.10.36nomodifynotrapnoquery
- Restrict59.124.196.83nomodifynotrapnoquery
- # UndisciplinedLocalClock. Thisisafakedriverintendedforbackup
- # Andwhennooutsidesourceofsynchronizedtimeisavailable.
- # When the external time server is unavailable, use the local time as the time service
- Server127.127.1.0 # localclock
- Fudge127.127.1.0stratum10
- # Enablepublickeycryptography.
- # Crypto
- Includefile/etc/ntp/crypto/pw
- # Keyfilecontainingthekeysandkeyidentifiersusedwhenoperating
- # Withsf-rickeycryptography.
- Keys/etc/ntp/keys
- # Specifythekeyidentifierswhicharetrusted.
- # Trustedkey4842
- # Specifythekeyidentifiertousewiththentpdcutility.
- # Requestkey8
- # Specifythekeyidentifiertousewiththentpqutility.
- # Controlkey8
- # Enablewritingofstatisticsrecords.
- # Statisticsclockstatscryptostatsloopstatspeerstats
For a simple description of configuration parameters and commands, see: http://linux.vbird.org/linux_server/0440ntp.php#server_ntp.conf
The configuration file is modified, saved and exited, and the service is started.
[Plain] view plaincopyprint?
- # Servicentpdstart
After startup, it usually takes about 5-10 minutes to start synchronization with the external time server. You can run a command to query the NTPD service status.
View service connections and listeners
[Plain] view plaincopyprint?
- # Netstat-tlunp | grepntp
- Udp00192.168.100.203: 1230.0.0.0: * 23103/ntpd
- Udp00127.0.0.1: 1230.0.0.0: * 23103/ntpd
- Udp000.0.0.0: FIG: * 23103/ntpd
- Udp00fe80: 6cae: 8bff: fe3d: f65: 123: * 23103/ntpd
- Udp00fe80: 6family: 8bff: fe3d: f65: 123: * 23103/ntpd
- Udp00: 1: 123: * 23103/ntpd
- Udp00: 123: * 23103/ntpd
Ntpq-p: view the NTP server in the network and display the relationship between the client and each server.
[Plain] view plaincopyprint?
- # Ntpq-p
- # Ntpq-p
- Remoterefidsttwhenpollreachdelayoffsetjitter
- ========================================================== ==============================================
- * 202.112.10.36202.112.10.602u277128314201.5539.1931721368
- + 59.124.196.83129.6.15.282u8812837771.153-25.11114.004
- LOCAL (0). locl.10l15643770.20..0000.000
Location
Flag
Description
Symbol
*
Response NTP server and the most accurate Server
+
NTP server responding to this query request
Blank (Space)
NTP server with No Response
Title
Remote
Name of the NTP server responding to this request
Refid
Name of the higher-level server used by the NTP server
St
Level of the NTP server that is responding to the request
When
Number of seconds since the last successful request
Poll
How often does the local server and remote server synchronize data? Unit: seconds. When NTP is started, the poll value is relatively small and the server synchronization frequency is high, you can adjust it to the correct time range as soon as possible. Then, the poll value will gradually increase and the synchronization frequency will decrease accordingly.
Reach
It is an octal value to test whether a connection can be established with the server. The value of each successful connection increases.
Delay
The round-trip time required to send synchronization requests from the local machine to the ntp server
Offset
The Time offset between the host and the synchronization time source through the NTP clock, in milliseconds. The closer the offset is to 0, the closer the time between the host and the ntp server is.
Jitter
Calculates the distribution of offset in a specific continuous number of connections. Simply put, the smaller the absolute value, the more accurate the host time.
The ntpstat command is used to check the time synchronization status. It usually takes 5 to 10 minutes to connect to and synchronize data. Therefore, wait a moment after the server is started.
When starting, it is generally:
[Plain] view plaincopyprint?
- # Ntpstat
- Unsynchronised
- Timeserverre-starting
- Pollingserverevery64s
After connection and synchronization:
[Plain] view plaincopyprint?
- SynchronisedtoNTPserver (202.112.10.36) atstratum3
- Timecorrecttowithin275ms
- Pollingserverevery256s
OK. The intranet NTPD service has been configured. If all devices are normal, configure other devices in the intranet and use this server as the time synchronization service.
Configure Intranet NTP-ClientsOther devices on the Intranet are configured as NTP clients, which are relatively simple and the configurations of all devices are the same.
Install the NTPD service and configure it to self-start (exactly the same as NTP-Server ). Find one of the configuration files/etc/ntp. conf. After the configuration is verified, copy the file to another client and use it directly.
[Plain] view plaincopyprint?
- # Yuminstallntp
- # Chkconfigntpon
- # Vim/etc/ntp. conf
[Plain] view plaincopyprint?
- Driftfile/var/lib/ntp/drift
- Restrict127.0.0.1
- Restrict-6: 1
- # Set the time server to a local time server
- Server192.168.100.203
- Restrict192.168.100.203nomodifynotrapnoquery
- Server127.127.1.0 # localclock
- Fudge127.127.1.0stratum10
- Includefile/etc/ntp/crypto/pw
- Keys/etc/ntp/keys
Save and exit. Use ntpdate to manually synchronize the time before requesting the server
[Plain] view plaincopyprint?
- # Ntpdate-u192.168.0.135
- 22Dec17: 09: 57 ntpdate [6439]: adjusttimeserver192.168.100.203offset0.004882sec
Synchronization may fail. Generally, the reason is that the local NTPD server is not properly started. It usually takes several minutes to start synchronization.
For error determination, refer to the subsequent error handling.
[Plain] view plaincopyprint?
- # Servicentpdstart
View synchronization status after startup
[Plain] view plaincopyprint?
- # Ntpq-p
- # Ntpstat
! To perform daily time correction, you can write cron[Root @ test root] # vi/etc/crontab
# Add this line: 10 5 * root/usr/sbin/ntpdate192.168.100.203;/sbin/hwclock-w
After cron is used, the Linux system automatically performs network Calibration at every day.
TroubleshootingUsed to collect installation, configuration, and Application Problems
Error 1: ntpdate-u ip-<no server suitable for synchronization found
Judgment: the ntp client uses ntpdate-d serverIP to view the error "Server dropped: strata too high" and displays "stratum 16 ". Normally, the value range of stratum is "0 ~ 15 ".
Cause: the NTP server is not synchronized with itself or its server. After you restart the ntp service on the ntp server, it may take five minutes for the ntp server to synchronize itself or with its server, during this time, when the client runs the ntpdate command, the no server suitable for synchronization found error is generated.
Processing: Wait a few minutes and try again.
You can also run the ntpq-p command to view the situation.