NTP Service Introduction and Configuration time synchronization

This paper introduces two kinds of protocols commonly used in time server: SNTP and timing, and explains the setting of Linux Time service in LAN environment, and finally realizes the synchronization and calibration of all computer clocks in the whole LAN environment. 1, what is the network Time service

Network Time service net Times services and network file download service FTP, Web browsing services www, and so on, is a network service, providing network time service computer called network time server. Of course some of the time server is pure hardware structure, through the GPS satellite information to obtain time, its appearance and a switch similar, not the text introduced. This article mainly introduces how a computer can obtain the standard time provided by the superior time server through the network, and then serve the local area network of the unit, so that all computers in a unit are able to keep pace with the standard time, the time error is generally less than 0.5 seconds.

In the TCP/IP protocol, the protocol for synchronizing time is the NTP protocol, which was proposed in 1985 by Professor David L. Mills of the University of the United States, in addition to estimating the round-trip latency of packets on the network, and independently estimating the computer clock bias, To achieve high precision computing on the network, it is a communication protocol designed to enable different machines to maintain the same time on the Internet. The time server (timeserver) is a server that uses NTP to keep the computers in the network synchronized.

NTP is a complex synchronization time protocol spanning a wide area network or LAN, which typically obtains millisecond-level precision.

SNTP (Simple Network time Protocol) is a subset of NTP, designed for hosts that do not require NTP to implement complex network timing synchronization. A number of hosts on the LAN are usually synchronized with other NTP hosts via the Internet, and then provide time synchronization services to other clients in the LAN. SNTP typically uses UDP's 123-port number, which is supported by both Linux and Windows systems, and is now the mainstream protocol for network time servers.

The time Protocol (RFC-868) protocol is a simpler protocol. This protocol provides a site-independent, machine-readable date and time information. The time service returns the number of seconds from midnight January 1, 1900 to the present. This protocol provides services through 37 ports of TCP or UDP. The time service under Linux provides this service, which is less used in Windows systems.

Now many of the online calibration software, some support SNTP protocol, some support time protocol, some both support, we should pay special attention to the choice. In addition, in the Peer-to-peer network of Windows systems, there is also a use of the NetBIOS protocol for TIME calibration using the "NET Time Machine name/set/yes" command, which is not specifically described in this article because it does not support mixed networks and cross-network segment networks.

2. What's the use of the time server

Maybe some people think that the computer clock a little bit of error, in fact, this is very wrong. In the computer system, file save, file transfer, the time stamp in the electronic mailbox is based on the computer clock. If we want to do file lookup, log query in the future, if the system clock is not allowed, or the same network of computer time is not synchronized, will give follow-up work with a lot of trouble. Now many backup software, compiling software, FTP tools are based on the file save time for comparison, if the time is not uniform, will make these software difficult to work properly.

3, need to do the server time synchronization of various situations:

3.1, the server can connect the external network time synchronization:

In general enterprises, can connect to the extranet server is not much, but if you can connect to the extranet, we can compare the simple implementation of time synchronization:

# CRONTAB-E

Join a line:

*/1 * * * * ntpdate 210.72.145.44

210.72.145.44 for China National Time Service Center server address, so that the machine every 1 points can be synchronized with the National Time Service center.

Note: When using the Ntpdate command, the NTPD service must be turned off, otherwise it will report the "NTP" in-use, exiting error.

The NTPD Service command is turned off as follows:

[Root@node2 init.d]#/etc/init.d/ntpd Stop

Shutting down NTPD: [OK]

It is recommended that you start the NTP service by manually correcting the time with the date command, and then the system will automatically synchronize with the main time server on the Internet. NTP service also has a benefit, if the current system time and standard time error, it is not immediately corrected time, but gradually reduce the error with the standard time, so as to avoid the internal system time mutation.

3.2, the server can not connect the external network time synchronization

The following sub-Linux for example, and only to introduce the installation of SNTP services, timeserver Services and NetBIOS service due to the application of very little, do not introduce.

3.2.1, install NTP corresponding rpm

Check to see if an NTP package is already installed. Enter "Rpm-qa|grep NTP" and "Ntp-4.1.2-0.rc1" should be displayed if it is already installed.

[Root@rac1 ~]# Rpm-qa|grep NTP
ntp-4.2.2p1-9.el5_4.1

If you do not have NTP software installed, look for the RPM package from the server folder of the Linux installation disk, and enter "Rpm-ivh ntp-xxx.rpm" to perform the installation.

or by Yum directly installed, more convenient.

3.2.2, configure ntp.conf file to build intranet time server
Configure the NTP service. Back up the original/etc/ntp.conf file, vi/etc/ntp.conf:

①, first configuration: Clients that allow any IP can have time synchronization
#restrict default Kod nomodify notrap nopeer noquery

Restrict default Modify Notrap②, second configuration: Allow time synchronization only for clients 192.168.2.0 the network segment
Add a row after the restrict default nomodify notrap Noquery, which indicates a time synchronization that denies all IP by default:
Restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap

Add the following at the end
Server 127.127.1.0 # Local clock
Server 192.168.0.100 #这是本机的ip地址, all the servers in this room can ping this machine, to do time synchronization.

3.2.3, start NTP service:

Enter "Service ntpd restart".

In order to ensure that the NTP service can start automatically after Linux starts, enter "Chkconfig ntpd on".

After the NTPD is started, the client waits a few minutes before it synchronizes with time, otherwise it prompts the no server suitable forsynchronization found error.

3.2.4, client sync with time server:

In fact, in the above introduction of the NTP service in the Linux system, has mentioned the NTP Time service is also a Time service client, as long as the/etc/ntp.conf file in the "server pool.ntp.org" changed to "Server internal time server IP address To If you do not want to use the NTP service, you can also use the Ntpdate command that is brought in the NTP package, as long as you manually execute the ntpdate time server IP address. If you want to automatically pair on a daily basis, you can put this command in cron and note that the NTP service and the Ntpdate command cannot be used at the same time on the same computer.

# Ntpdate-u 192.168.0.100

Direct execution of this command to do synchronization, you can set the scheduled time by crontab, synchronized every minute:

*/1 * * * * ntpdate-u 192.168.0.100

attached:

Start/close/restart NTP command:

#/ETC/INIT.D/NTPD Start

#/ETC/INIT.D/NTPD Stop

#/etc/init.d/ntpd Restart

#service ntpd Restart

Write sync time in CMOS

Vi/etc/sysconfig/ntpd

Sync_hwclock=yes

You need to restart the service to make the configuration effective each time you modify the configuration file.

You can use the following command to check whether the NTP service is started, and you should be able to get a process ID number:

# pgrep NTPD

Check the status of the time server synchronization using the following command:

# ntpq-p

With Ntpstat You can also view some of the sync states and use Netstat-ntlup to view port usage.

Installing the client takes 5-10 minutes to update the time from the server side.

Related Configuration parameter description:
# Restrict permission control syntax is:
# Restrict IP Mask netmask_ip parameter
# where IP can be the software address, can also be default, default is similar to 0.0.0.0 slightly.
# As for the paramter, there are:
# Ignore: Turn off all NTP Online Services
# Nomodify: Indicates that the client side cannot change the time parameter on the Server side, however,
# The client side can still be used for network school on the server side.
# Notrust: This client source will be treated as an untrusted domain unless authenticated
# Noquery: Do not provide client-side time queries
# If the paramter is not set at all, that means there is no limit to the IP (or domain). 』

# set up the top-level host mainly to the server this parameter to set, the syntax is:
# Server [ip| FQDN] [prefer]
# The server is followed by our top time server. And if the Server parameter
# After adding perfer, that means our NTP host is mainly used as the host of the
# The corresponding of the time correction. In addition, in order to solve the transmission delay action of the update Time packet,