NTP Service setup under Linux(CentOS)
1. installation
CentOS NTP service. If you are unsure whether you have installed The package can be ordered – QA|GREP NTP  check it out. If not installed, you can use the command YUM INSTALL NTP centos Installation disk installation (build simple yum source, Install disc image as source).
[[email protected] ~]# Rpm-qa |grep NTP
Ntp-4.2.6p5-1.el6.centos.x86_64
Fontpackages-filesystem-1.41-1.1.el6.noarch
Ntpdate-4.2.6p5-1.el6.centos.x86_64
2. Configuration
Vi/etc/ntp.conf
Add the following three lines
Server 127.127.1.0
Fudge 127.127.1.0 Stratum 12
Restrict default nomodify
Restart | Open | Close NTP Service
Service NTPD Restart | Start | Stop
Restart the NTP service
[Email protected] ~]# service ntpd restart
Close ntpd:[ OK ]
Starting ntpd:[ OK ]
3. Detailed Parameters
Server 127.127.1.0
Fudge 127.127.1.0 Stratum 10
If the second configured server 0.centos.pool.ntp.org iburst is not valid, the NTP Server will make its own time as The time of the NTP server is synchronized with itself.
Considering that some LAN can not access the external network, all here need to use this configuration item
turn on the internal recursive network interface loopback
Restrict 127.0.0.1
clients inside the internal subnet can be networked, but cannot modify The time parameters of the NTP server
Restrict 192.168.0.0 mask 255.255.255.0 nomodify
Edit the Scheduled task as Tom , and synchronize the time of day (commonly used in NTP clients)
[Email protected] ~]# crontab-e-U Tom
0 * * * * */usr/sbin/ntpdate 192.168.0.1
Modify hardware time on a system-time basis
[Email protected] ~]# hwclock-w
Modify the system time based on the hardware time
[Email protected] ~]# hwclock-s
Restrict IP address mask Subnet Mask parameter
where IP can be an IP address or default ,default means all IP
The parameters are as follows:
Ignore : Turn off all NTP Online Services
Nomodify: The client cannot change the time parameters on the server side, but the client can perform the network calibration via the server. notrust : The client source will be treated as untrusted subnet unless authenticated
Noquery : Do not provide a time query for the client
Note: If the parameter is not set, it means there is no limit to the IP ( or subnet ) .
Use the server parameter to set the parent time server, in the following format:
Server IP address or domain name [prefer] IP
The address or domain name is the parent time server that we specify, and if the server parameter is finally added prefer, it means that our NTP The server is mainly calibrated with the host time of the unit.
The Driftfile format is as follows :d riftfile file name
The time that is spent in contacting the parent time server is recorded in the file following the Driftfile parameter.
Note : The files that follow the driftfile need to use the full path file name, cannot be a link file, and the permissions of the file need to be set to ntpd Daemon can write.
4. firewall configuration, open UDP 123 port
[Email protected] ~]# iptables-a input-m State--state new-m udp-p UDP--dport 123-j ACCEPT
[Email protected] ~]#
[[Email protected] ~]# service iptables status
Table:Filter
Chain INPUT (Policy ACCEPT)
Num Target prot opt source destination
1 ACCEPT UDP--0.0.0.0/0 0.0.0.0/0 state NEW UDP dpt:123
5. manually set the time / time zone
set the current time to the year of the month number of points Ten minutes
[Email protected] ~]# date-s "11/11/14 14:10"
year by month Tuesday 14:10:00 CST
Ln-sf/usr/share/zoneinfo/asia/shanghai/etc/localtime
If you want to change to a different time zone, you can find it in /usr/share/zoneinfo and then link to /etc/localtime .
Of course, you must first delete the folder directory under the localtime file.
Of course, you can also modify /etc/sysconfig/clock
Zone=asia/shanghai (check /usr/share/zoneinfo the following file. )
Utc=false (whether the hardware clock is UTC or GMT clock.) )
Arc=false ( set to true if it is on the Alpha machine) . )
This article is from the "Network Technology" blog, please be sure to keep this source http://zqxiang.blog.51cto.com/2806551/1579182
NTP service setup under Linux (CentOS)