For multiple Linux servers, it is necessary to keep the time consistent. According to the accuracy requirements, there should be a corresponding time interval for time synchronization. If you do not synchronize time, long time will be very different, when the problem is difficult to locate. Because of the coordination of multiple devices, log may have a cause-and-result, time is an important basis for the synchronization of events.
In general, a time server can be set up for a machine in a computer room, from which it periodically obtains time from a standard time server. Other servers can be synchronized from this server through an intranet connection. This will not only coincide with time, but also take care of some devices that have no public network.
This paper tests the system:
[Email protected] ~]# cat/etc/*release
CentOS Release 5.2 (Final)
[Email protected] ~]# RPM-QF/USR/SBIN/NTPD
Ntp-4.2.2p1-8.el5.centos.1
You should make sure that the NTP package is installed at the time of installation.
Start the server
If the NTPD is already installed, you can start directly:
[[Email protected] ~]# service NTPD start
Starting ntpd: [OK]
At the same time, you need to check the configuration file, the CentOS default is configured.
[Email protected] ~]# vi/etc/ntp.conf
Server 0.centos.pool.ntp.org
Driftfile/var/lib/ntp/drift
Keys/etc/ntp/keys
Check to see if the time server is available:
[[email protected] ~]# Ping 0.centos.pool.ntp.org
PING 0.centos.pool.ntp.org (74.88.39.232) bytes of data.
Bytes from ool-4a5827e8.dyn.optonline.net (74.88.39.232): icmp_seq=1 ttl=54 time=251 ms
If it is not available, determine if the network can connect to the extranet. Check that the domain name resolution is configured.
[Email protected] ~]# cat/etc/resolv.conf
NameServer 8.8.8.8
Set NTPD self-boot
[Email protected] ~]# find/etc/rc.d/-name "*NTPD"
/etc/rc.d/rc6.d/k74ntpd
/etc/rc.d/init.d/ntpd
/etc/rc.d/rc3.d/k74ntpd
/etc/rc.d/rc4.d/k74ntpd
/etc/rc.d/rc5.d/k74ntpd
/etc/rc.d/rc2.d/k74ntpd
/etc/rc.d/rc1.d/k74ntpd
/etc/rc.d/rc0.d/k74ntpd
[Email protected] ~]#/sbin/chkconfig--level 345 ntpd on
[Email protected] ~]#!find
find/etc/rc.d/-name "*NTPD"
/etc/rc.d/rc6.d/k74ntpd
/etc/rc.d/init.d/ntpd
/etc/rc.d/rc3.d/s58ntpd
/etc/rc.d/rc4.d/s58ntpd
/etc/rc.d/rc5.d/s58ntpd
/etc/rc.d/rc2.d/k74ntpd
/etc/rc.d/rc1.d/k74ntpd
/etc/rc.d/rc0.d/k74ntpd
Description at 3,4,5 three levels are already self-booting.
Check the firewall
[Email protected] ~]# iptables-l
For a more stringent firewall, NTP Port 123 should be configured:
[[email protected] ~]# iptables-a input-p UDP--dport 123-j ACCEPT
[Email protected] ~]# iptables-l
Chain INPUT (Policy ACCEPT)
Target Prot opt source destination
ACCEPT UDP-Anywhere anywhere UDP DPT:NTP
Client Configuration
The client is updated with Ntpdate and configured in Crontab. Determine the frequency as needed. Set crontab on each device that requires sync time
[Email protected] ~]# CRONTAB-E
XX * * * */usr/sbin/ntpdate 192.168.12.31
192.168.12.31 is the intranet address of the test server.
Crontab sets the 0-point sync time per day.
To ensure that the time server is available, the command is executed at the command line first.
[Email protected] ~]# ntpdate 192.168.12.31
April 17:45:24 ntpdate[16495]: Step time server 192.168.12.31 offset 0.694312 sec
[[Email protected] ~]# Date
Tue Mar 17:45:37 CST 2010
Indicates that the synchronization time was successful.