How to build an NTP service

Recently, in the process of building an Oracle RAC, DNS and NTP were needed, where DNS was used for domain names, IP management, and NTP for time synchronization. In fact, a long time ago to build these two services, but the technology, in essence, in line with the "use of waste back" objective law. The more you use it, the more skillful you will be. Less use even without, slowly forget. So that when the day to use, will blankly and from. Although the relevant information on the Internet voluminous, but it is not bad. In the process of searching and distinguishing, it will take a lot of time. Now record, to organize ideas, two for a rainy days. After all, it's easier to get started when you look at it again.

Lab Environment:

node1.being.com 192.168.1.130-->>NTP Server

node2.being.com 192.168.1.131-->> Client

First, edit the NTP configuration file on the Node1

1. [Email protected] ~]# vim/etc/ntp.conf

Restrict default Kod nomodify notrap nopeer noquery   --Deny IPV4 user restrict-6 default Kod nomodify notrap nopeer noquery --Reject IPV6 user restrict 127.0.0.1  --These two are default values, release native source restrict-6:: 1restrict 192.168.1.0 Mask 255.255.255.0 nomodify Notrap   --Allows the host to 192.168.1.0 this network segment through the network school
#restrict default Nomodify notrap  -Note: For convenience, it can be set to default, that is, allow all IP to be networked via this computer server 0.rhel.pool.ntp.org  - Set the host source, which is node1 through 0.rhel.pool.ntp.org for network proofing server 1.rhel.pool.ntp.orgserver 2.rhel.pool.ntp.org

Among them, Nomodify: The client cannot use the NTPC and NTPQ to modify the server's time parameters, but the client can still be through this host to network school

Notrap: does not provide a trap for this remote event login function

Noquery: The client is not able to query the time server using commands such as NTPC, NTPD, etc., and is equivalent to not providing NTP for network school. Note: If you need to provide an NTP service, this parameter should be remembered.

If there are no parameters behind the IP, it means "This IP or network segment is not subject to any restrictions"

2. Restart the service

[Email protected] ~]#/etc/init.d/ntpd restart

Second, the verification on the Node2

[Email protected]node2 oracle]# ntpdate-d 192.168.1.130--note that it usually takes 5 minutes to connect to the NTP server successfully

April 21:18:02 ntpdate[1382]: No server suitable for synchronization found

Viewed with ntpdate-d 192.168.1.130, the server dropped:strata too high and stratum 16 are found, while under normal circumstances stratum up to 15 classes.

This means that NTP server is not yet synchronized with itself or its previous server.

Third, add the following parameters to the/etc/ntp.conf of Node1

Server 127.127.1.0fudge  127.127.1.0 stratum 10

The above definition is to keep the NTP server in sync with itself, and if the server defined in/etc/ntp.conf is not available, the local time will be used as the NTP service for the NTP client.

Restart the NTP service for the next command to verify

[[email protected] ~]# ntpq-p-->> show local OK

Remote refID St T when poll reach delay offset jitter
==============================================================================
*local (0). Locl. Ten L 44 64 377 0.000 0.000 0.000

Iv. Configuration at the client

In this case, there are two ways to achieve time synchronization.

1. Use ntpdate and use crontab

[Email protected] ~]# Vim/etc/crontab

0 1 * * * Root (/usr/sbin/ntpdate 192.168.1.130 &&/sbin/hwclock-w) &>/dev/null

2. Using NTP services

[Email protected] ~]# vim/etc/ntp.conf

Restrict default Kod nomodify notrap nopeer noqueryrestrict-6 default kod nomodify notrap nopeer noqueryrestrict 127.0.0. 1restrict-6:1restrict 192.168.1.130    -->> This is a non-mandatory, on the client side, only the server can be specified. Server 192.168.1.130server 0.rhel.pool.ntp.orgserver 1.rhel.pool.ntp.orgserver 2.rhel.pool.ntp.org

Restart the service, at this time, the main obstacle or in the second step of the client with Ntpdate synchronization service side, reported no server suitable error.

The stone of his mountain, can attack Jade. To be honest, the solution to this problem mainly refers to the following two authors of the blog and "Bird's Linux Private dishes-server architecture chapter." Thank you!

http://hi.baidu.com/d_life/item/3d5a081935834708e65c3697

http://blog.csdn.net/suer0101/article/details/7868813

Http://www.cnblogs.com/ivictor/p/3622081.html

How to build an NTP service (GO)