Test machine: CentOS 6.5
ipaddr=192.168.1.229
Rqm-qa |grep NTP
Not installed, first installed
Yum-y Intall NTP
Configuration file Location
Vim/etc/ntp.conf
Driftfile/var/lib/ntp/drift #这个代表上层服务与本机主板时钟之间时间差别记录在这个文件里
Restrict #管理权限
Restrict default kod nomodify notrap nopeer noquery #拒绝IPV4用户
restrict-6 default kod nomodify notrap nopeer noquery #拒绝IPV6用户
The parameters are as follows:
Ignore: Turn off all NTP Online Services
Nomodify: The client cannot change the time parameters on the server side, but the client can perform the network calibration via the server.
Notrust: The client source will be treated as untrusted subnet unless authenticated
Noquery: No time query for clients: Client cannot query NTP server using commands such as Ntpq,ntpc
Notrap: Do not provide trap remote login: Deny the matching host to provide mode 6 control message Trap Service. The Trap service is a subsystem of the NTPDQ Control Message Protocol, which is used for remote event logger applications.
Nopeer: Used to prevent the host from attempting to peer to the server and allow the fraudulent server to control the clock
Kod: The Kod package is sent when an access violation occurs.
RESTRICT-6 represents the permission settings for the IPV6 address.
So we're going to add a rule to release the local network segment.
Restrict 192.168.1.0 mask 255.255.255.0 nomdify notrap
Change the time that the upper-level time server is used to update the machine.
Comment out the CentOS time server to increase the server in China
#server 0.centos.pool.ntp.org Iburst
#server 1.centos.pool.ntp.org Iburst
#server 2.centos.pool.ntp.org Iburst
#server 3.centos.pool.ntp.org Iburst
Server 1.cn.pool.ntp.org prefer #prefer Express priority
Server 127.127.1.0 #127.127.1.0 represents the native hardware clock, which is used when the network is not available!
Save exit
/ETC/INIT.D/NTPD restart
Ntpstat View server sync with upper layer
[Email protected] ~]# Ntpstat
Synchronised to NTP server (110.75.186.248) at Stratum 3
Time correct to within 1974 MS
Polling server every S
Sync successfully
View status
Ntpq-p
[Email protected] ~]# ntpq-p
Remote refID St T when poll reach delay offset jitter
==============================================================================
*ntp2.aliyun.com 10.137.38.86 2 u 11 64 77 35.382 0.544 0.520
LOCAL (0). Locl. 5 l-64 0 0.000 0.000 0.000
Remote-the IP or hostname of the native and upper NTP, "+" is preferred, "*" indicates a secondary priority
refID-refer to the previous level of NTP host address
St-stratum stratum
When-how many seconds ago the time has been synchronized
Poll-How many seconds after the next update
Reach-Number of times an update has been requested to the upper NTP server
Delay-Network latency
Offset-time compensation
Jitter-system time vs. BIOS difference
Watch "Ntpq-p" Check the status of this command process.
Then use Windows to request time synchronization to the 192.168.1.229 server successfully.
Configuration complete
Learn Bird Brother Linux service-ntp time server