Linux Time Settings and Synchronization (NTP) __linux

Source: Internet
Author: User

remark: article reproduced from: http://www.cnblogs.com/liuyou/archive/2012/07/29/2614338.html

Summary:

GMT/UTC/CST;

/etc/localtime,/usr/share/zoneinfo/* time zone file,/etc/profile plus TZ variable;

Hardware time RTC, system time; date,hwclock,tzselect;

NTP relay SERVER;RPM–IVH ntp-*;ntpdate 0.uk.pool.ntp.org; Ntpq–p,watch ntpq–p;

/ETC/NTP.CONF;/ETC/INIT.D/NTPD start;chkconfig--level ntpd on;service ntpd status;

Setting up an NTP server is not difficult, but NTP itself is a very complex protocol.


1. Times and time zones
If someone asks you, what time is it? You look at the table and answer him that it's 8 o'clock in the evening. The answer seems to be no problem, but if you ask the person in Europe then your answer will make him very puzzled, because he still has the sun in the sky.
Here there is the creation of aHow to define the question of timeBecause in the 24 hours the Earth rotates around the sun, the time of sunrise and sunset is different around the world. So we have to divide the time zone (timezone) is necessary, that is, tothe world is divided into 24 different time zones. So we can interpret the definition of time as the value of a time plus the location of the time zone (note that this location can be accurate to the city)
We've all learned it in geography class.GMT (GMT),It is also0 Time Zone times. But what we often see on the computer isUTC. It's coordinated Universal time.'s Shorthand. While UTC and GMT can be considered equal (with a fairly small margin of error), UTC has been recognized as an international standard, so we should all adhere to the criteria of using only UTC
So if the local time in China is 8 o'clock in the evening, we can have the following two ways of saying it.
20:00 CST
12:00 UTC

Here'sCST is Chinese Standard time, which is what we usually call the Beijing times. Because China is in the utc+8 time zone., and so on, which is 12:00 UTC.
Why do you say this?
First, regardless of the time that we want to sync the system through any channel, the provider will usually give only the utc+0 time value and not the time zone (because it doesn't know where you are). So when we set the system time, it's the first thing to do
Second, many countries have daylight saving time (as I remember when I was a child in China), that is, one day of the year the clock dials for an hour (for example, from Utc+8 to utc+9), then the same time will be back again. If we set the correct timezone, The system will automatically adjust for us when it's time to change.
Now let's take a look at how to set up a time zone under Linux, which is zone

2. How to set up Linux time Zone
Under Linux glibc provides many timezone files that have been compiled in advance, and they are placed in the/usr/share/zoneinfo directory, which basically covers most countries and cities.

# ls-f/usr/share/zoneinfo/
Africa/chile/factory Iceland Mexico/posix/universal
AMERICA/CST6CDT GB indian/mideast/posixrules us/
Antarctica/cuba gb-eire Iran MST PRC UTC
Arctic/eet GMT iso3166.tab mst7mdt PST8PDT WET
Asia/egypt GMT0 Israel Navajo right/w-su
Atlantic/eire GMT-0 Jamaica NZ ROC Zone.tab
Australia/est gmt+0 Japan nz-chat ROK Zulu
Brazil/est5edt Greenwich Kwajalein Pacific/singapore
Canada/etc/hongkong Libya Poland Turkey
CET europe/hst MET Portugal UCT

Here we can find the time zone file of our city. So if we want to see the current time for each zone we can use the Zdump command

# Zdump Hongkong
Hongkong Fri June 6 06:13:57 2007 HKT

So how do we tell the system which time zone are we in? There are a lot of ways, here are two kinds
The first is to modify the/etc/localtime file, which defines the local time zone that I am in.
We can find our time zone file under/usr/share/zoneinfo and then copy it to/etc/localtimezone (or do a symbolic link).
Let's say that our time zone is BST (that is, the British Daylight Savings Room, utc+1)

# date
Thu June 5 23:33:40 BST 2007 We'd like to change time zone to Shanghai.

# Cp/usr/share/zoneinfo/asia/shanghai/etc/localtime
# date
Fri June 6 06:35:52 CST 2007 So the time zone has been changed (note that the time has also been adjusted accordingly)
the second method also sets the value of the TZ environment variable . Many programs and commands use the value of this variable. The TZ value can have multiple formats, and the easiest way to set it up is to use the Tzselect command

# Tzselect
...

You can make this change permanent for yourself by appending
tz= ' Asia/hong_kong '; (Permission denied?) Export TZ
To the file '. Profiles ' in your home directory; Then log out and log in again.

the value of the TZ variable is override/etc/localtime. That is, when the TZ variable is undefined, the system uses/etc/localtime to determine time zone. So you want to permanently change times Zone then you can write the TZ variable to the/etc/profile.

3. Real Time Clock (RTC) and System Clock
Say set time here's another idea is that we have two clocks on a single computer: A hardware time clock (RTC), and a system clock called the Clock
Hardware Clock is a special circuit embedded in the motherboard, its existence is usually we shut down after the computer can also calculate the reason for time
The system clock is the clock used by the operating system's kernel to compute the time. It is based on the value of the sum of seconds from January 1, 1970 00:00:00 UTC so far in Linux the system time will be synchronized with the hardware time (synchronization) and then independently run
So now that two clocks are running on their own, there's always going to be an error in time, so let's take a look at an example

# Date
Fri June 6 00:27:13 BST 2007

[root@rhe5/]# hwclock--help
Hwclock-query and set the hardware clock (RTC)

Usage:hwclock [function] [options ...]

Functions:
--help Show this Help
--show read hardware clock and print result
--set set the RTC to the time given with--date
--hctosys set the system time from the hardware clock
--SYSTOHC set the hardware clock to the current system time
--adjust Adjust the RTC to account for systematic drift since
The clock is last set or adjusted
--getepoch print out the kernel ' s hardware clock epoch value
--setepoch set the kernel ' s hardware clock epoch value to the
Value given with--epoch
--version print out of the version of Hwclock to stdout

Options:
 --utc         The hardware clock is kept in coordinated u Niversal Time
 --localtime   the hardware clock are kept in local time
 --DIRECTISA &NBS P Access the ISA bus directly instead OF/DEV/RTC
 --badyear     ignore RTC ' s year because the The BIOS is broken
 --date        specifies the time to which to set the Hardwar E Clock
 --epoch=year  Specifies the year which is the beginning of the
     & nbsp;          hardware clock ' s epoch value
 --noadjfile    do not access/etc/adjtime. Requires the use of
                Either--UTC or--localtime

# Hwclock--show
Fri 2007 12:27:17 AM BST-0.968931 seconds through the Hwclock--show command we can view the hardware time on the machine (always in the local time zone) and we can see it and system times There is a certain amount of error, then we need to synchronize them
# Hwclock–hctosys to set the hardware time into system time

# HWCLOCK–SYSTOHC Set the system time to hardware time

# Hwclock--set--date= "Mm/dd/yy hh:mm:ss" Set the hardware time we can set the boot up in the BIOS. You can also use the Hwclock command

# date-s "dd/mm/yyyy hh:mm:ss" Modify system time the date command is the easiest.

Now we know how to set the time for the system and hardware. But the question is, what if these two times are inaccurate? Then we need to find a server on the Internet that can provide us with the right time and then a protocol to synchronize our system time, then this protocol is NTP . The next thing we're going to say about synchronization is the synchronization between the system time and the network server.

4. Before setting up NTP server
In fact, the title should be changed to set the "NTP Relay Server" before the preparation is more appropriate. Because no matter how well our computer is configured to run for a long time, it will cause errors, so it is not enough to do NTP server for other servers on the Internet. It is the atomic clock that really can measure time accurately. But because the atomic clocks are so expensive that only a small number of organizations have them, they connect to the computer and become a real NTP Server. All we have to do is connect to these servers and synchronize our systems, and then make our own servers into NTP Relay server to provide synchronization services to the Internet or to users on the local area network.

1. set up an NTP Relay server in fact very simple, we first need to the RPM packaging

# RPM-IVH ntp-4.2.2p1-5.el5.rpm

2). To find the NTP server that provides us with Sync services on the Internet, http://www.pool.ntp.org is the official website of NTP, where we can find the most recent NTP server from our city. NTP recommends that we find at least two NTP servers to ensure the accuracy of the time
So for example, in the UK, you can choose the following two servers
0.uk.pool.ntp.org
1.uk.pool.ntp.org
Its general format is number.country.pool.ntp.org.

China's NTP server address:

Server 133.100.11.8 prefer
Server 210.72.145.44
Server 203.117.180.36
Server 131.107.1.10
Server time.asia.apple.com
Server 64.236.96.53
Server 130.149.17.21
Server 66.92.68.246
Server www.freebsd.org
Server 18.145.0.30
Server Clock.via.net
Server 137.92.140.80
Server 133.100.9.2
Server 128.118.46.3
Server ntp.nasa.gov
Server 129.7.1.66
Server ntp-sop.inria.fr

Server (National Timing Center Servers IP address)

3). Do a synchronization with these servers before opening the NTP server, making our machines as close to standard time as possible. We can use the Ntpdate command here.

# ntpdate 0.uk.pool.ntp.org
6 June 01:21:49 ntpdate[4528]: Step time Server 213.222.193.35 offset-38908.575181 sec
# ntpdate 0.pool.ntp.org
6 June 01:21:56 ntpdate[4530]: Adjust time server 213.222.193.35 offset-0.000065 sec

If your time difference is very outrageous, you will see the adjustment is relatively large, so it is safe to run two times. So why do you have to run the sync manually before you open the NTP service?
1. Because according to the NTP setting, if your system time is faster than the correct time then the NTP will not help you adjust, so either you set the time back, or do a manual synchronization
2. When your time settings and NTP server time difference is very large, NTP will spend a long time to adjust. So manual sync can reduce this time

5. Configure and run NTP Server
Now we're going to create the NTP configuration file, which is/etc/ntp.conf. All we need to do is join the above NTP server and a driftfile.

# vi/etc/ntp.conf
Server 0.uk.pool.ntp.org
Server 1.uk.pool.ntp.org
Driftfile/var/lib/ntp/ntp.drift

It's very simple. Next we start the NTP Server and set it to run automatically after powering on

#/ETC/INIT.D/NTPD Start
# chkconfig--level ntpd on

6. View the health of the NTP service
Now that we've started the NTP service, is our system time synchronized with the server? This NTP provides a good viewing tool: NTPQ (NTP query)
I suggest that you can run the NTPQ command to monitor the operation of the server after you open the NTP server. Here we can use the Watch command to view the changes in server values over time

# Watch Ntpq-p
Every 2.0s:ntpq-p Sat June 7 00:41:45 2007
Remote refID St T when poll reach delay offset jitter
==============================================================================
+193.60.199.75 193.62.22.98 2 U 52 64 377 8.578 10.203 289.032
*mozart.musicbox 192.5.41.41 2 U 54 64 377 19.301-60.218 292.411

Now I'm going to explain what it means.
Remote: It refers to the long-range NTP server that the local machine is connected to
refID: It refers to a server that provides time synchronization to a remote server (e.g. 193.60.199.75)
ST: the level of the remote server. Because NTP is a layered structure, there are top servers, multi-tier relay server to client. So the server can be set to 1-16 from highest to lowest level. To slow down load and network congestion, you should avoid connecting directly to servers with level 1 in principle.
T: this ... I don't know what that means, ^_^.
When: I personally think of it as a timer to tell us how long the local machine needs to be synchronized with the remote server
Poll: How much time does the local machine and the remote server synchronize (in seconds). At the start of the NTP, this poll value will be relatively small, and the frequency of synchronization with the server has increased, you can adjust to the correct time range as soon as possible. Then the poll value increases and the frequency of synchronization decreases.
Reach: This is a octal value that is used to test whether it can connect to the server. The value of each successful connection increases.
Delay: Send sync request from local machine to round trip time of server
Offset: This is the most critical value, which tells us the time difference between the local machine and the server. The closer the offset is to 0, the closer we are to the server.
Jitter: This is a value for statistics. It counts the distribution of offset in a particular continuous number of connections. Simply put, the smaller the absolute value of the value, the more accurate the time we have with the server.
Then you will be careful to find two questions: first, we are connected to the 0.uk.pool.ntp.org why and remote server is not the same? What do you mean by the second, the front of the + and the *?
The first question is not difficult to understand, because NTP provides us with a cluster server so the resulting servers for each connection may not be the same. It also tells us that you should use hostname instead of IP when specifying NTP server
The second question is related to the first, since there are so many servers that other servers can normally provide services to us in the event of a problem. So how do you know the status of these servers? This is the message that the first sign will tell us.
*
It tells us that the remote server has been identified as our main NTP server and that the time of our system will be provided by this machine
+
It will serve as a secondary NTP server and a server with a * to provide us with synchronization services. It can take over when the * Number server is unavailable.
-
Remote server is clustering algorithm considered to be an unqualified NTP server
X
Remote server is not available
Once we know this, we can monitor our system's time synchronization situation in real time.

7. NTP Security Settings
Running an NTP server does not require a lot of system resources, so you can provide time synchronization services to many of the client without specifically configuring a separate server, but some basic security settings are necessary
So here's a very simple idea is the first we allow only a subset of users in the LAN to connect to our servers. The second is that these client cannot modify the time on our server
In the/etc/ntp.conf file we can use the Restrict keyword to configure the requirements above
First, we reject all actions for the default client

Restrict default Kod nomodify notrap nopeer noquery
Then allow the native address to operate everything

Restrict 127.0.0.1
Finally, we allow all client connections within the LAN to synchronize time with this server. But refused to let them change the time on the server

Restrict 192.168.1.0 mask 255.255.255.0 nomodify
Adding these three to the/etc/ntp.conf completes our simple configuration. NTP can also use key to do Authenticaiton, here is not introduced in detail

8. NTP Client Settings
To do this we already have a relay server of our own. If we want the other client in the local area network to synchronize time, then we should all build another relay server and point all the client to the two servers ( Be careful not to point all the client to a server on the Internet. Just add your own server to the client's ntp.conf.

Code:
Server ntp1.leonard.com
Server ntp2.leonard.com
9. Some additions and supplements
1. What is the driftfile in the configuration file?
The frequency of each of our system clock has a small error, which is why the machine will not be accurate after running for some time. NTP automatically monitors the error values of our clocks and adjusts them. But the problem is that it's a lengthy process, so it writes the recorded error first to Driftfile. So that even if you turn it back on, it won't be lost.
2. How to sync the hardware clock?
NTP generally only synchronizes system clock. But if we're going to sync the RTC, then we just need to open the following options.

You can see if your NTP service is started by Ps–ef |grep NTP or by using PGREP–LF NTP. The NTP can then be detected by the Snoop command.
Snoop |grep–i NTP for detection.
After establishing the NTP service, you can manage the NTP service with 2 tool commands. The
One is Ntpq is an interactive application command, and there are a lot of sub commands underneath it for everyone to use. Use peers to view the synchronization process. If you need additional commands, you can enter help for viewing. There is also a tool command ntpdate This command is typically used by the client for NTP. You can see the synchronization information for NTP in/var/adm/messages. If you need more detailed NTPQ and ntpdate information, you can use the man help to query.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

Tags Index: