Set up an ntp server in Centos

In the production environment, linux server time synchronization is important. The following describes how to build a time server.
1. Set up a time server
1. Install ntp server on a linux server

Tar zxvf ntp-4.2.6.tar.gz
Cd ntp-4.2.6
./Configure -- prefix =/usr/local/ntp -- enable-all-clocks -- enable-parse-clocks
Make & make install

2. Modify the ntp. conf configuration file.
Vi/etc/ntp. conf
# Permit time synchronization with our time source, but do not
# Permit the source to query or modify the service on this system.
# Restrict default kod nomodify notrap nopeer noquery
Restrict default nomodify
(Allow the client of any IP address to synchronize time. If you only allow the client of a certain network segment to synchronize time, you can write
Restrict 10.58.26.0 mask quota limit 255.0 nomodify)

Restrict-6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This cocould
# Be tightened as well, but to do so wocould effect some
# The administrative functions.
Restrict 127.0.0.1
Restrict-6: 1

# Hosts on local network are less restricted.
# Restrict 192.168.1.0 mask limit 255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool
# Server 0.rhel.pool.ntp.org (default time server)
# Server 1.rhel.pool.ntp.org (default time server)
# Server 2.rhel.pool.ntp.org (default time server)
Server 10.128.14.25 (manually set the time server)
(If you can directly connect to the Internet, you can use the three sets of standard time servers provided by default in LINUX; otherwise, you can specify a synchronization time source by yourself)

# Broadcast 192.168.1.255 key 42 # broadcast server
# Broadcastclient # broadcast client
# Broadcast 224.0.1.1 key 42 # multicast server
# Multicastclient 224.0.1.1 # multicast client
# Manycastserver 239.415254.254 # manycast server
# Manycastclient 239.415254.254 key 42 # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# And when no outside source of synchronized time is available.
Server 127.127.1.0 # local clock
Fudge 127.127.1.0 stratum 10

3. Start ntpd with a daemon
#/Etc/rc. d/init. d/ntpd-c/etc/ntp. conf-p/tmp/ntpd. pid
#/Etc/rc. d/init. d/ntpd start
# Ps-ef | grep ntpd

4. After the ntp service is started on the ntp server, it may take five minutes for the ntp server to synchronize itself or with its server, during this time, when the client runs the ntpdate command for synchronization, the no server suitable for synchronization found error will occur.

So how do I know when the ntp server completes the synchronization process with itself?

Run the following command on the ntp server:

# Watch ntpq-p

The following figure is displayed:

Note that LOCAL is the ntp server synchronized with itself.

Note that the value of reach increases from 0 after the ntp server service is started. When the value is increased to 17, it is changed 5 times from 0 to 17, the number of seconds for each poll value, which is the time for 64 seconds * 5 = 320 seconds.

Ii. Configure the time synchronization Client
Vi/var/spool/cron/root (or crontab-e)

Add a line to synchronize with the time synchronization server at 01:10, 09:10, and every day and write data to the BIOS.

10 1, 9, 17 * root/usr/sbin/ntpdate 10.128.14.25;/sbin/hwclock-w
If the synchronization is abnormal, you can add the output log or view the system log.
Log output method:
10 1, 9, 17 * root/usr/sbin/ntpdate 10.128.14.25>/tmp/1.txt;/sbin/hwclock-w
You can view the output results of time synchronization in 1.txt.
Or view the/var/mail/root system log.
Subject: Cron <root @ tyzssq8>/usr/sbin/ntpdate 10.128.14.25;/sbin/hwclock-w
X-Cron-Env: <SHELL =/bin/sh>
X-Cron-Env: <HOME =/root>
X-Cron-Env: <PATH =/usr/bin:/bin>
X-Cron-Env: <LOGNAME = root>
X-Cron-Env: <USER = root>
Message-Id: <20121127103001.076FF2090E@tyzssq8.site>
Date: Tue, 27 Nov 2012 18:30:01 + 0800 (CST)

27 Nov 18:29:59 ntpdate [6917]: step time server 10.128.14.25 offset-1.361968 sec

The synchronization is successful. If the synchronization fails, an error is returned.

Iii. Synchronization failure

Check the firewall of the ntp server host. It may be that the ntp server firewall shields port upd 123.

You can use commands

# Service iptables stop

To disable the iptables service and then try to synchronize data from the ntp client. If it succeeds, it turns out that it is a firewall problem and you need to change the iptables settings.

This article from the "Drop water stone" blog, please be sure to keep this source http://xjsunjie.blog.51cto.com/999372/815641