I. Installing the NTP software
1. Check if the NTP-related package is installed.
Rpm-qa | grep NTP
2. Install NTP software.
Yum-y Install NTP
Two. Parameter explanation
Ignore: Turn off all NTP Online Services
Nomodify: The client cannot change the time parameter of the server, but the client can use the server to do the network school.
Notrust: Client sources will be treated as untrusted subnets unless authenticated
Noquery: Do not provide client time query: User side can not use NTPQ,NTPC and other commands to query NTP server
Notrap: Do not provide trap remote login: Deny mode 6 control message Trap Service for matching hosts. The Trap service is the subsystem of the NTPDQ Control Message protocol, used for remote event logging programs.
Nopeer: Used to prevent the host from attempting to peer to the server and allow the rogue server to control the clock
Kod: Send Kod package when access violation.
Three. Modify the configuration file
1. View the unmodified configuration file
# grep ^[^#]/etc/ntp.conf
driftfile/var/lib/ntp/drift
restrict default nomodify notrap
nopeer Restrict 127.0.0.1
Restrict:: 1
Server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
INCLUDEFILE/ETC/NTP/CRYPTO/PW
Keys/etc/ntp/keys
Disable monitor
1. Set a client that allows any IP to synchronize time (modified profile)
# grep ^[^#]/etc/ntp.conf
driftfile/var/lib/ntp/drift
restrict default nomodify notrap
restrict 127.0.0.1
Restrict:: 1
Server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
Server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
INCLUDEFILE/ETC/NTP/CRYPTO/PW
Keys/etc/ntp/keys
Disable monitor
2. Allow time synchronization only for clients with 192.168.1.0 network segment (modified configuration file)
# grep ^[^#]/etc/ntp.conf
driftfile/var/lib/ntp/drift
restrict default nomodify notrap
nopeer Restrict 127.0.0.1
Restrict:: 1
Restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
server 0. centos.pool.ntp.org iburst
Server 1.centos.pool.ntp.org iburst
server 2.centos.ntp.org iburst
server 3. centos.pool.ntp.org iburst
includefile/etc/ntp/crypto/pw
keys/etc/ntp/keys
Disable monitor
Four. Start NTP service and firewall
Systemctl Start NTPD
Systemctl Enable NTPD
Iptables-a input-p udp-i eno16777736-s 192.168.1.0/24--dport 123-j ACCEPT
Setsebool-p Ntp_disable_trans 1#selinux Settings
vi/etc/sysconfig/ntpd# allows the BIOS to synchronize with the system time, adding the following line.
Sync_hwclock=yes
Five. Detect NTP
1. Detect if NTP service is running
# NETSTAT-TLUNP | grep NTP
UDP 0 0 192.168.1.101:123 0.0.0.0:* 2563/ntpd
UDP 0 0 127.0.0.1:123 0.0.0.0:* 2563/ntpd
UDP 0 0 0.0.0.0:123 0.0.0.0:* 2563/ntpd
udp6 0 0 fe80::20c:29ff:fe7b:123:::* 2563/ntpd
udp6 0 0:: 1:123 :::* 2563/ntpd
udp6 0 0:: 123 :::* 2563/ntpd
2. See if the NTP server is connected to the upper level NTP
# Ntpstat
Synchronised to NTP Server (120.25.108.11) in stratum 3 time
correct to within the MS
polling Serv ER every
3. View the status of NTP server and upper NTP
# ntpq-p
remote refid St T when poll reach delay offset jitter
============================= =================================================
news.neu.edu.cn. INIT. U - 0 0.000 0.000 0.000
x202.118.1.130 202.118.1.47 2 U 7 377 153.659 9.605 19.941
*time4.aliyun.co 10.137.38.86 2 U 377 39.666- 47.661 15.944
Remote -native and upper NTP IP or host name, "+" is preferred, "*" is the secondary priority
refID -Reference up to the NTP host address
St - Stratum class
When -how many seconds ago has synchronized time
poll -the next update in how many seconds after reach -the number of times that the upper NTP server has been asked to update
delay -Network delay
offset -time compensation
jitter -system time and BIOS lag
Six. Configure time synchronization Client
1. Execute ntpdate command:
Ntpdate 192.168.1.101 #192.168.1.101 for NTP server IP address
2. Write to Bios
Hclock-w
3.crond Service
Vi/etc/crontab
8 * * * root/usr/sbin/ntpdate 192.168.1.101; /sbin/hwclock-w
4. Restart Crond Service
Service Crond Restart
The above is small series for everyone to bring the Linux configuration NTP server method All content, I hope that we support cloud-Habitat Community ~