Linux implementation of the NTP server deployment practice

The Linux Combat Deployment series of NTP server----theory to introduce the concept of time and the principles of NTP, this blog will bring you to deploy a production environment to achieve simple load balancing and highly available NTP server.

Simple architecture Diagram:

Environment:

CentOS6.4 x86_64 Server-1 192.168.1.111 NTP server 1 Server-2 192.168.1.112 NTP server 2 Client 192.168.1.113 as a business Server for clients Ntp-4.2.4p8-3.el6.centos.x86_64

One, NTP service side

1. Check and install NTP service

[Root@c64-ntp-1 ~]# rpm-qa|grep NTP #如果出现下面两个就说明本机已经有了 Ntpdate-4.2.4p8-3.el6.centos.x86_64 Ntp-4.2.4p8-3.el6.centos.x86_64

If not, we perform the following command to install

[root@c64-ntp-1~]# Yum Install ntp-y

2, synchronization NTP server time

Due to the limitations of NTP, if the system time is faster than the correct time, NTP will not help you to make adjustments, and when your time settings and the correct time difference is very large, the NTP would spend a long time to adjust the synchronization, so in view of this, we need to do a synchronization.

First of all, we have to determine their own time zone, preferably based on the location of the new time zone, this case in Shanghai as an example

[Root@c64-ntp-1 ~]#/bin/cp/usr/share/zoneinfo/asia/shanghai/etc/localtime #这样我们就将时区设置成上海了 [Root@c64-ntp-1 ~]# Date Sat Nov 2 23:17:36 CST 2013 #可以看到我们的时区已经设置过来了

The next step is to synchronize time with the NTP server on the Internet. If you don't have an NTP server address, you can go to http://www.pool.ntp.org to find the most recent NTP server from your city. Since I am using the address of Shanghai, I will post 3 NTP servers from Shanghai.

Server 1.cn.pool.ntp.org Server 3.asia.pool.ntp.org Server 0.asia.pool.ntp.org

The command to synchronize native time is

[Root@c64-ntp-1 ~]#/usr/sbin/ntpdate 1.cn.pool.ntp.org 2 Nov 23:05:34 ntpdate[11560]: adjust Timeserver 218.75.4.130 offset-0.114499 sec [Root@c64-ntp-1 ~]#/usr/sbin/ntpdate 1.cn.pool.ntp.org #为了减少时延, we'd better execute it two times. 2 Nov 23:05:41 ntpdate[11561]: adjust Timeserver 218.75.4.130 offset-0.111105 sec

3. Configure NTP server

In fact, at this time we use/USR/SBIN/NTPD start to provide the client with a time update service. However, this is not enough to meet the security needs of the enterprise. The following is an explanation of NTP's main configuration file settings.

1) Resolution of the NTP server calibration time when the transmission delay

Using the Driftfile parameter setting: Driftfile file name

Purpose: The time spent in contacting the superior time server, recorded in the file specified after the Driftfile parameter

Note: Driftfile must be followed by a complete file path, cannot be a linked file, and must have permissions that the NTPD daemon can write to.

Corresponding default configuration items:

1	Driftfile/var/lib/ntp/drift