NTP under Linux

First, the computer time error
As we all know, the computer host time is based on the computer crystal vibration at a fixed frequency oscillation, resulting in. Due to the different crystal oscillator, computer time and UTC time (Global Standard Time: Global standard Time refers to the time set by the world time standard. Originally also known as Greenwich Mean Time or GMT, there will always be differences. Therefore, in order to avoid the long-term accumulation of computer time caused by more and more time bias, it is necessary to regularly adjust the computer time settings. The user can calibrate the time by the watch, clock or TV time, for the computer user, the most convenient is to calibrate the computer time through the time server on the Internet, we call time synchronization.

second, the necessary time synchronization
Generally speaking, time synchronization is most widely applied to computers on the Internet. Computer clocks are used to log event time information, such as e-mail messages, file creation and access times, database processing time, and so on. The clock is also used to control the operation of the backup, to automatically construct the compiler for the design to check if the file has changed, and other applications. If the computer clock is inaccurate, many of these applications will not work correctly. In particular, some of the time-sensitive such as the financial industry server, EDI (Electronic data Interchange), large-scale distributed business database, aerospace control computer and so on, the time needs to be accurate to the second. The time display system of the transportation industry, such as the subway timetable display system, the airport timetable display system, if the deviation is large, also can affect the traveler's travel.
Here for example, in a certain area of the telecommunications network has a variety of functions of the sub-network system, such as controlled telephone network, in Intelligent Network, PHS wireless telephone network, data communication network, 160/168 sound system, multimedia communications network and other support network and management network in these networks of the billing, maintenance, Management and other functions, the demand for accurate time is high, it requires the transmission of information between the network in time to maintain a high degree of consistency, so as to achieve a unified information. The time deviation caused by the artificial error and time delay, and the quality difference of the internal time source of the equipment, can cause the time inconsistency of the equipment in the network by artificially correcting the internal time of the equipment periodically or irregularly. Therefore, the application of time synchronization is particularly important.

Third, what is NTP
In order to achieve time synchronization, we need the user NTP (Network time Protocol) this protocol. As shown in 1. Simply put, NTP is the protocol used to keep the system in sync with a precise time source. It is advisable for administrators to establish at least one time server in their own managed network to synchronize local time.
If in a company's local area network, let each employee manually to calibrate the time every time, not only is not conducive to management, and calibration target time source is not necessarily accurate. The time skew of different computers in the corporate local area network, especially the time skew between the client/server, can have an impact on some services that require time synchronization. For example, for ease of management, the server has set a time-out period before the account expires and the user cannot access the Internet network. And if your computer time is not synchronized with the server time, when you are out of work time, is preparing to send mail, perhaps in the server's time, your account expires, so that can not send mail. The solution to this problem is simple, is to establish a server that can provide accurate time, all the computers in the LAN unified through this time server for time synchronization, calibration.

Four, NTP server installation
Now, let's introduce how to build an NTP server under the Linux system. In this article, we use the Fedora 2 operating system as an example (other versions of Linux are also available, similar to the configuration of the system).

Installing with RPM

First, enter the following instruction
Rpm-q NTP
Queries whether the NTP package is installed on this machine. If it is not installed, locate your Linux installation CD, and after Mount, look for the package name that begins with NTP, and then install it!
RPM–IVH ntp-4.1.2-5.i386.rpm

Two, the NTP package is already installed, you can already use the NTP client function through the time server to network school time! However, before you begin, NTP services require some configuration.

Install using source code
If you want to use the latest version of the NTP software package, you need to use the source code to install, please go to the official NTP website to download the latest NTP suite: Http://ntp.isc.org/bin/view/Main/SoftwareDownloads, the author Ntp-4.2.0.tar.gz This version for example:
1. Unpack the package and switch to the unzip directory
TAR-ZXVF NTP-4.2.0.TAR.GZ–C/USR/LOCAL/SRC
cd/usr/local/src/ntp-4.2.0

2. Start setting parameters, compiling and installing:
./configure--PREFIX=/USR/LOCAL/NTP--enable-all-clocks--enable-parse-clocks
Make clean; Make
Make check
Make install
The installation is complete and your NTP is ready to use.

V. Settings for NTP services
1. The structure of the NTP software package
Configuration file for NTP service:
/etc/ntp.conf: This is the primary configuration file for the NTP service, and the directory of different Linux version files may be different!
Linux system files and directories related to NTP services:

/usr/share/zoneinfo: This is a directory in which the time setting files for each major time zone are specified, for example, the time zone settings file for mainland China is/usr/share/zoneinfo/asia/shanghai.

/etc/sysconfig/clock: This file is the main time zone setting file for Linux. After each boot, Linux automatically reads this file to set the time that the system preset will be displayed! For example, the content of this file is "Zone=asia/shanghai", which means that our time setting uses/usr/share/zoneinfo/asia/shanghai this file!

/etc/localtime: This file is the time setting file of the Local system! Assuming that the clock file contains a time setting file for/usr/share/zoneinfo/asia/shanghai, the Linux system will copy Shanghai that file as a/etc/localtime, So the time display of the system will be based on Shanghai that time setting file. Assuming this host is in New York, you simply set the zone inside the/etc/sysconfig/clock to zone= "America/new_york" and will/usr/share/zoneinfo/america/new_ York copy becomes/etc/localtime, any other settings do not need to change, the system display time is the United States New York local time!

Execution files related to NTP and system time:

/bin/date:linux the date and time changes and output commands above the system.
/sbin/hwclock: Because the host's BIOS time is separate from the Linux system time, after adjusting the time with date, the Linux system time is adjusted and the Hwclock is used to write the modified time to the BIOS. This command must be the root user to execute

The daemon file for the/USR/SBIN/NTPD:NTP service needs to be started to provide the NTP service.
The/USR/SBIN/NTPDATE:NTP client is used to connect to the NTP server command file.

2. Settings for NTP service side
Edit/etc/ntp.conf File
About the Permission Settings section
The setting of the permission is mainly set by the Restrict parameter, the main syntax is:
Restrict IP address mask Subnet mask parameter
Where IP can be an IP address or default, default means all IP
The parameters are as follows:
Ignore: Turn off all NTP Online Services
Nomodify: The client cannot change the time parameters on the server side, but the client can perform the network calibration via the server.
Notrust: The client source will be treated as untrusted subnet unless authenticated
Noquery: Do not provide a time query for the client
Note: If the parameter is not set, it means that there is no limit to the IP (or subnet)!

Settings for the parent time server
Since the NTP server we have configured requires a more accurate NTP server on the network to update its time, it is necessary to configure a parent time server to calibrate on our NTP server! A lot of time servers are available on the Internet, and from the address below you can find a
Http://www.eecis.udel.edu/~mills/ntp/clock1a.html
Use the server parameter to set the parent time server, the syntax is:
Server IP address or domain name [prefer]
The IP address or domain name is the parent time server we specified, and if the server parameter is finally added prefer, it means that our NTP server is mainly calibrated with the host time of the unit.

To resolve delivery delay when NTP server calibration time
Use the Driftfile parameter setting:
Driftfile file name
The time that is spent in contacting the parent time server is recorded in the file following the Driftfile parameter.
Note: The files that follow the driftfile need to use the full path file name, cannot be a link file, and the permissions of the file need to be set to NTPD daemon can write.

ntp.conf File Examples:
Provisioning requirements: Do not provide services to the Internet and serve only internal subnet 192.168.0.0/24, NTP The server's ancestor Time Master is: clock.nc.fukuoka-u.ac.jp and ntp.nasa.gov, the client of the internal subnet cannot modify the time parameters of the NTP server.
Add the following to the ntp.conf:
Restrict default Ignore # Close all NTP Request packets

Restrict 127.0.0.1 # Open internal Recursive network interface lo
Restrict 192.168.0.0 mask 255.255.255.0 nomodify #在内部子网里面的客户端可以 for network school, but cannot modify the time parameters of the NTP server.
Server 133.100.9.2 prefer #用133.100.9.2 do a superior time server
Server 198.123.30.132 #198.123.30.132 as a parent time server reference
Restrict 133.100.9.2 #开放server permission to access our NTP services
Restrict 198.123.30.132
Driftfile/var/lib/ntp/drift
Save after exiting. Start the NTP service
Service NTPD Start
If you want the NTP service to start automatically every time your system starts, enter the following command: Chkconfig-level ntpd on Note:
The port of the 1.NTP service is 123, using the UDP protocol, so the NTP server's firewall must be open to UDP 123.
2.NTPD boot time usually need a period of time synchronization, so when the ntpd just started when the clock service is not normally available, the longest is about 5 minutes, if more than this time please check your configuration file.

Vi. Use of NTP clients
Linux Systems
It is very simple to perform a network school on Linux, and the ntpdate can be executed:
Ntpdate 192.168.0.1 #192.168.0.1 is the IP of the NTP server
Do not forget to use the Hwclock command to write time to the BIOS
Hwclock-w
If you want to schedule time calibration, you can use the Crond service to do it regularly.
Edit/etc/crontab File
Add the following line:
8 * * * root/usr/sbin/ntpdate 192.168.0.1; /sbin/hwclock-w #192.168.0.1 is the IP address of the NTP server
Then restart the Crond service
Service Crond Restart
In this way, every day the Linux system will automatically perform network time calibration.

Windows system
Using NTP for time calibration on Windows XP is also simple:
Double-click the time on the desktop taskbar to bring up the date and Time Properties window:
Select Internet time, fill in the server with the IP address or domain name of your NTP server, then click Update Now and your system time will be updated immediately. If you want to update regularly, check the upper left corner automatically with the Internet time server and click Apply in the lower right corner.
Yy-2-3.tif

If it is not a Windows XP system, but the NTP server is also a samba server, you do not need to install any time synchronization software for Windows, because Windows clients can use NET time\\ time server IP or server NetBIOS name/ Set/yes to synchronize. You can place the command in the startup item of the Start menu and automatically sync when you start Windows.

Because the net TIME command synchronizes times with the NetBIOS over TCP/IP protocol, the Windows Client installation time synchronization software is required when the NTP server is different from the Samba server. This is a lot of software, the use is very simple, readers can search the Internet.

Seven, NTPQ

Now that we have started the NTP service, is our system time synchronized with the server? This NTP provides a good viewing tool: NTPQ (NTP query)

I recommend that you run the NTPQ command after you open the NTP server to monitor the operation of the server. Here we can use the Watch command to see the changes in server values over time

Code:
# Watch Ntpq-p
Every 2.0s:ntpq-p Sat 7 00:41:45 2007

Remote refID St T when poll reach delay offset jitter
==============================================================================
+193.60.199.75 193.62.22.98 2 U 52 64 377 8.578 10.203 289.032
*mozart.musicbox 192.5.41.41 2 U 54 64 377 19.301-60.218 292.411

Now I'm going to explain what it means.

Remote: It refers to an NTP server that is connected to the local machine

refID: It refers to a server that provides time synchronization to a remote server (e.g. 193.60.199.75)

ST: the level of the remote server. Because NTP is a layered structure, there is a top-level server, multi-tier relay server, and then to the client. So the server can be set to 1-16 from the high to the low level. To slow down the load and network congestion, you should avoid connecting directly to a Level 1 server in principle.

T: this ..... I don't know what it means, ^_^.

When: I personally think of it as a timer to tell us how long the local machine needs to synchronize with the remote server once

Poll: How much time the local and remote servers synchronize (in seconds). The poll value will be smaller at the beginning of the NTP run, and the frequency of synchronization with the server will increase, as soon as possible to the correct time range. Then the poll value will gradually increase and the frequency of synchronization will decrease correspondingly.

Reach: This is an octal value that is used to test whether a connection to the server can be made. Each successful connection will increase its value

Delay: Round trip time to send synchronization requests from the local machine to the server

Offset: This is the most critical value, which tells us the time difference between the local machine and the server. The closer the offset is to 0, the closer we get to the server.

Jitter: This is a value used to do statistics. It counts the distribution of offset in a particular contiguous number of connections. To put it simply, the smaller the absolute value, the more accurate the time we have and the server.

Then the careful words will find two questions: The first we connect is 0.uk.pool.ntp.org why and remote server is not the same? What does the second and last + and * mean?

The first question is not difficult to understand, because NTP provides us with a cluster server so every connection to the resulting server may be different. This also tells us that you should use hostname instead of IP when specifying NTP server

The second question is related to the first one, since there are so many servers that are designed to serve us properly in the event of a problem. So how do you know the state of these servers? This is the message that the first sign will tell us.

*
It tells us that the remote server has been identified as our primary NTP server and that the time of our system will be provided by this machine

+
It will provide synchronization services for us as a secondary NTP server along with the server with the * number. When the * server is unavailable, it can take over

-
The remote server was clustering algorithm considered to be a non-conforming NTP server

X
Remote server not available

Knowing this, we can monitor the time synchronization of our system in real time.

Eight, time zone configuration file

The CentOS time zone configuration file is:/etc/sysconfig/clock. This configuration file supports several configuration options for Utc,arc,srm,zone, which are explained in detail in the following configuration options:

UTC-Specifies whether the time saved in the BIOS is GMT/UTC time, true indicates that the time saved in the BIOS is UTC time, and False indicates that the time saved in the BIOS is local time.
Zone-Specifies the time zone where the zone value is the relative path name of a file, which is a time zone file relative to the/usr/share/zoneinfo directory. such as the value of zone can be: "Asia/shanghai", "us/pacific", "UTC" and so on
ARC-This option is generally configured as false and is configured to true under some special hardware (Alpha).
SRM-with ARC, this option is generally configured to False, which is configured to false on special hardware.
The parameters inside this configuration file are very much related to the Hwclock command, and the system reads the contents of the/etc/sysconfig/clock file at startup, invoking the Hwclock command according to the contents.