NTP server Setup under Linux

First, build preparation

1. Determine your time zone

#date命令可以查看当前系统时间, China's time zone is CST. To configure the time zone using the Tzselect command

650) this.width=650; "border=" 0 "src="/e/u261/themes/default/images/spacer.gif "style= " Backgroun D:url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd; "alt=" Spacer.gif "/>

Configuration file Modification:/etc/sysconfig/clock

2. Check NTP service Program

#rpm-qa |grep NTP

Fontpackages-filesystem-1.41-1.1.el6.noarch

ntpdate-4.2.4p8-3.el6.x86_64

If not, you need to install the NTP program

#yum-y install ntp ntpdate

Need to configure Yum source

3, in order to prevent the upper-level server failure, can not provide the correct time synchronization, it is generally recommended to configure two or more time synchronization server. Test whether two clock services are normally available below

[Email protected] yum.repos.d]# ntpdate-q 1.cn.pool.ntp.org

Server 202.118.1.81, stratum 2, offset 1.100833, delay 0.04306

Server 202.112.29.82, stratum 2, offset 1.140816, delay 0.12634

Server 223.112.179.133, stratum 2, offset 1.105848, delay 0.06050

Dec 15:52:32 ntpdate[40722]: Step time server 202.118.1.81 offset 1.100833 sec

[Email protected] yum.repos.d]# ntpdate-q 2.cn.pool.ntp.org

Server 223.112.179.133, stratum 2, offset 1.107213, delay 0.06606

Server 202.118.1.81, stratum 2, offset 1.101250, delay 0.04173

Server 202.112.29.82, stratum 2, offset 1.152465, delay 0.14330

Server 202.112.31.197, stratum 2, offset 1.142942, delay 0.13098

Dec 15:52:47 ntpdate[40723]: Step time server 202.118.1.81 offset 1.101250 sec

As shown above, is normal, if the upper server is not available, it is generally shown as follows

1.server 10.32.196.60, stratum 0, offset 0.000000, delay 0.00000

2.26 Oct 15:01:17 ntpdate[23338]: No server suitable for synchronization found

Second, configure the NTP configuration file (config file:/etc/ntp.conf)

1. Specify the upper-right-time server

# Use public servers from the Pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

Server 0.rhel.pool.ntp.org

Server 1.rhel.pool.ntp.org

Server 2.rhel.pool.ntp.org

Change it to a state-to-time server that was just tested, namely:

Server 1. cn.pool.ntp.org prefer

Server 2.cn.pool.ntp.org

# #prefer means priority use

2. set up an intranet host to provide NTP services

# Permit time synchronization with We time source, but does not

# permit the source to a query or modify the service on this system.

Restrict default Kod nomodify notrap nopeer noquery # #NTP service denies all NTP connections

# #Nomodify Client cannot change time parameters on NTP service side

# # Notrap does not provide a trap for this remote event login feature

# # Nopeer Avoid other people using this ntpd as time server

# # Noquery The client cannot use NTPQ,NTPC and other instructions to query the time

restrict-6 default Kod nomodify notrap nopeer noquery

# Permit All Access over the loopback interface. This could

# is tightened as well, but to does so would effect some of

# the administrative functions.

Restrict 127.0.0.1 # #默认对本机无限制

Restrict-6:: 1

# Hosts on local network is less restricted.

#restrict 192.168.1.0 Mask 255.255.255.0 nomodify notrap

# # allows the host of the 192.168.10.0/24 network segment to do the right time, but does not allow the client to modify, log on to my NTP server

&& allow time synchronization for any IP (this item cannot be duplicated with its default option)

Restrict default nomodify  

&& Add an intranet address

# Hosts on local network is less restricted.

#restrict 192.168.1.0 Mask 255.255.255.0 nomodify notrap

Restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap

3. Set up sync Update local Hwclock

In Linux under the system time on the boot and Hardware time synchronization (synchronization), and then each independently run, then since the two clock running alone, then the time will inevitably produce errors, and NTP by default only update the system time, So we need to set the hardware clock for synchronous adjustment

1.# vim/etc/sysconfig/ntpd

2.# Drop root to ID ' ntp:ntp ' by default.

3.options= "-U ntp:ntp-p/var/run/ntpd.pid-g"

4.sync_hwclock= "Yes"

Add sync_hwclock= "Yes"

4. Set up sync Update local Hwclock

In Linux under the system time on the boot and Hardware time synchronization (synchronization), and then each independently run, then since the two clock running alone, then the time will inevitably produce errors, and NTP by default only update the system time, So we need to set the hardware clock for synchronous adjustment

# VIM/ETC/SYSCONFIG/NTPD

# Drop ROOT to ID ' ntp:ntp ' by default.

Options= "-U ntp:ntp-p/var/run/ntpd.pid-g"

sync_hwclock= "yes" # # add sync_hwclock= "Yes"

5. , start the service

# chkconfig--level 345 ntpd on # #添加为服务

# service NTPD Start

Starting ntpd: [OK]

6, the configuration file other items to explain:

Driftfile/etc/ntp/drift #time spent #记录上次的NTP server joins with Upper NTP server

Restrict default Ignore ##设置默认策略为允许任何主机进行时间同步

Fudge 127.127.1.1 Stratum     # #指定阶层编号为10, reducing its priority.

statsdir/var/log/ntp/ ##设置ntp日志的path

Logfile/var/log/ntp/ntp.log ##设置ntp日志文件

Restrict 192.168.10.2 # # Specify a machine time synchronization

Restrict 192.168.0.0 mask 255.255.255.0 ##允许192.168.0.0/254 in-subnet host time synchronization

Restrict 0.0.0.0 mask 0.0.0.0 nomodify notrap ##允许任何主机跟进行时间同步

Third, maintenance related

1, confirm the port monitoring start

NTPD Boot 123 port for external service via UDP protocol

# Netstat-nlup |grep ntpd

UDP 0 0 192.168.1.114:123 0.0.0.0:* 40967/ntpd

UDP 0 0 127.0.0.1:123 0.0.0.0:* 40967/ntpd

UDP 0 0 0.0.0.0:123 0.0.0.0:* 40967/ntpd

UDP 0 0:: 1:123:::* 40967/ntpd

UDP 0 0 fe80::20c:29ff:fef0:4168:123:::* 40967/ntpd

UDP 0 0::: 123:::* 40967/ntpd

2. Confirm time Synchronization (&& pay attention to firewall issues)

# Ntpstat

Synchronised to NTP server (202.112.29.82) at Stratum 3

Time correct to within 1030 MS

Polling server every S

3. viewing connections to upper -level servers

# ntpq-p

Remote refID St T when poll reach delay offset jitter

===========================================================

223.112.179.133 61.160.246.234 2 u 11 64 47 46.430 12.675 22.285

*dns1.synet.edu. 202.118.1.47 2 U 5 64 77 106.024 53.636 32.323

host name or IP for remote host

# #* The upper NTP is currently being used

# #+ connected, ready to provide time-updated standby server

refid IP of Superior NTP

St is the hierarchy of stratum upper NTP

When time synchronized updates were made a few seconds ago

poll next update in seconds

the number of times that REACH has requested updates to the upper server

delay time during transmission of the delay network

jitter The difference between the Linux system time and the BIOS hardware clock

4. Manage Commands

Ntpq–p #查看本机和上层服务器的时间同步结果

Ntptrace #可以用來追踪某台时间服务器的时间对应关系

Ntpdate IP #客户端要和NTP server for clock synchronization.

/var/log/ntp/ntp.log #查看ntp日志

Iv. Linux Configuration Client

1. Test synchronization:

#ntpdate IP address

2. To set up automatic synchronization:

#echo "*/1 * * * * root/usr/sbin/ntpdate 192.168.0.240;/sbin/hwclock-w" >>/etc/crontab

# # hourly synchronization with NTP server and write to the native BIOS

This article is from the "Linux-study" blog, make sure to keep this source http://luoxj100.blog.51cto.com/6853880/1886996

NTP server Setup under Linux