NTP time synchronization setup

 

I. Introduction

Network Time Protocol (NTP) is used to synchronize time between the distributed time server and the client. NTP is transmitted Based on UTP packets. The UDP port used is 123.

 

NTP is used to synchronize the clock of all devices in the network, so that all devices in the network are consistent with the clock, so that the devices can provide a variety of unified applications.

 

If a time error occurs, the server will be down. Therefore, the local system running NTP can accept synchronization from other clock sources and synchronize other clocks as the clock, and can be synchronized with other devices.

 

2. Set up the NTP Time Synchronization Service (server)

1. Set up the environment centos6.5 2.6.32

Server: 192.168.43.249

Client: 192.168.43.102

 

2. Install NTP rpm-Qa NTP

Yum install NTP-y

 

3. modify the configuration file

Open the NTP service configuration file, modify the server address, and add the lines.

Vim/etc/NTP. conf

16 server 127.127.1.0
17 fudge 127.127.1.0 stratum 10
19 # Allow ntpserver to actively modify the client time
21 restrict 192.168.0.0 nomodify notrap noquery

 

4. Start the NTP check port and add NTP to the startup


/Etc/init. d/ntpd start

Echo "/etc/init. d/ntpd start">/etc/rc. Local


Netstat-an | grep 123

 

5. Firewall is disabled or the firewall allows NTP service port 123

-A input-s 192.168.31.0/24-J Accep

 

3. Client installation)

1. Install NTP rpm-Qa NTP

Yum install NTP-y


 

2. Execute manually or use crontab.

Manual: ntpdate IP

Scheduled task crontab-e

0 21 **** ntpdate ip>/root/ntpdate. log 2> & 1

 

3. Disable or enable the firewall.

/Etc/init. d/iptables stop

-A input-M state -- state new-m tcp-p tcp -- dport 123-J accept

 

Iv. Test

Client: 192.168.43.102

[[Email protected] ~] # Date-s "2:00:00"
Sat Nov 11 02:00:00 CST 2017
[[Email protected] ~] # Date + % F
2017-11-11

 

Server: 192.168.43.249

[[Email protected] ~] # Date + % F: % t
2018-11-02: 17: 55: 51

 

Client:

[[Email protected] ~] # Ntpdate 192.168.43.249
2 Nov 17:57:08 ntpdate [2174]: Step time server 192.168.43.249 offset 30814726.007401 Sec
[[Email protected] ~] # Date + % F
June 11-02
[[Email protected] ~] # Date + % F: % t
2018-11-02: 17: 57: 35

 

5. configuration file description

1. Server 127.127.1.0

# Ntpd processes the clock of the local host as an external clock source. The allocated address is 127.127.1.0.

 

2. Fudge 127.127.1.0 stratum 1

# Set the level of the local clock to 1. In this way, if the ntpd service obtains the time from the local clock source, the level of time that ntpd announces is 2.

 

 

3. Restrict default nomodify

# Allow all IP clients to synchronize time

 

4. Restrict 192.168.0.0 mask 255.255.0.0 nomidify

# Only allow clients in the 192.168.0.0 network segment to synchronize time

 

5. Synchronize the server time with time.nist.gov, and set the server as the standard time.

Ntpdate time.nist.gov

 

Vi. reprint of suer0101
Source: csdn
Original: 7868813

#1. permission settings
# The permission setting is mainly based on the restrict parameter. The main syntax is:
# Restrict IP mask netmask_ip Parameter
# The IP address can be the software address or default, which is similar to 0.0.0.0.
# Paramter:
# Ignore: Disable all NTP online services
# Nomodify: indicates that the client cannot change the time parameter of the server. However,
# The client can still perform network calibration through the server.
# Notrust: unless the client passes authentication, the client source will be considered as a untrusted domain.
# Noquery: does not provide client-side time query
# Notrap: remote event logon is not provided.
# If paramter is not set at all, it indicates that the IP address (or domain) "has no restrictions

 

NTP time synchronization setup