1. NTP service introduction
Network Time Protocol (NTP) is a protocol used to synchronize computer clocks. It lets a computer synchronize with a server or a clock source (such as a quartz clock or GPS) and provides high-precision time correction (within 1 millisecond of the standard on a LAN, tens of milliseconds on a WAN). It can also use cryptographic authentication to prevent malicious protocol attacks. NTP can use multiple paths and multiple time servers to calibrate time more accurately.
Most operating systems now support NTP; UNIX and Windows both ship their own NTP services, for example SNTP in Windows. Because each vendor optimizes and configures NTP for its own system, compatibility with other systems is much worse. Different systems have also used different versions of the NTP service at various times. The latest version is v4, and each version has its own characteristics, so there are some compatibility issues when setting up an NTP server. Therefore, in an environment with several operating system types, try to use the software provided by the official NTP organization instead of the NTP server bundled by other vendors. The official NTP organization is at www.ntp.org.
2. How NTP servers operate
NTP servers are used with either fixed connections or dynamic connections. With a fixed connection, the client accepts time only from the specified server and does not switch to another server, regardless of whether that server is reachable. Client/server mode generally works this way. With a dynamic connection, the client continuously receives broadcast information from servers, and when one server stops its service the client can still update its time normally, as long as some server broadcasts correct and reliable time information. This is generally done in broadcast mode.
1. Server/client mode
Client/server is the most widely used mode on the Internet. After the server is set up, the client can be configured flexibly: the client chooses whether to use an NTP server and which NTP server to use. Client/server mode uses an ordinary RPC (remote procedure call) style to transfer time information: the client sends a time request to the server and then adjusts its time based on the server's response.
In general, the client can define the interval between synchronizations, along with the maximum and minimum request intervals. The client compares its own clock with the NTP server's time. If the local clock is fairly accurate, the query interval becomes longer; if the local error is large, the client makes requests at shorter intervals to keep its time accurate.
2. Broadcast/multicast mode
Broadcast and multicast modes use Ethernet broadcast and multicast for time synchronization: the time server periodically sends broadcast or multicast messages to the specified network segment. This requires network devices that support the protocol, and the client must support it as well. In complex networks with multiple segments, multicasting and manycasting can be used to deliver time information across different segments.
3. Active/passive mode
Active/passive mode is used mostly in cluster systems, because a cluster has stricter time-synchronization requirements for all of its servers. Each server is configured as both an NTP server and a client, so the clock synchronization service runs without interruption: when one of the servers goes down, it does not immediately affect time synchronization on the other servers. It can be described as a standby arrangement for the time synchronization service.
3. NTP Server Installation
Installation Environment:
    # cat /etc/redhat-release
    CentOS release 6.8 (Final)
    # uname -r
    2.6.32-642.el6.x86_64
The NTP service is installed by default when the system is installed:
    # rpm -qa ntp
    ntp-4.2.6p5-10.el6.centos.x86_64
If it is not installed:
1. Configure the Yum source
1) Back up the existing repo file
    mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
2) Download the new CentOS-Base.repo to /etc/yum.repos.d/
CentOS 5
    wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo
CentOS 6
    wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
CentOS 7
    wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
3) Then run yum makecache to generate the cache
2. Installing the NTP service
    yum install -y ntp
4. Configuration files
    # cat /etc/ntp.conf

    # For more information about this file, see the man pages
    # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

    driftfile /var/lib/ntp/drift

    # Permit time synchronization with our time source, but do not
    # permit the source to query or modify the service on this system.
    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery

    # Permit all access over the loopback interface. This could
    # be tightened as well, but to do so would effect some of
    # the administrative functions.
    restrict 127.0.0.1
    restrict -6 ::1

    # Hosts on local network are less restricted.
    #restrict 10.0.0.0 mask 255.255.255.0 nomodify notrap

    # Use public servers from the pool.ntp.org project.
    # Please consider joining the pool (http://www.pool.ntp.org/join.html).
    #server 0.centos.pool.ntp.org iburst    # comment out the default time server
    #server 1.centos.pool.ntp.org iburst    # comment out the default time server
    #server 2.centos.pool.ntp.org iburst    # comment out the default time server
    #server 3.centos.pool.ntp.org iburst    # comment out the default time server
    server pool.ntp.org                     # configure the time server
    server time.nist.gov                    # configure the time server

    #broadcast 192.168.1.255 autokey        # broadcast server
    #broadcastclient                        # broadcast client
    #broadcast 224.0.1.1 autokey            # multicast server
    #multicastclient 224.0.1.1              # multicast client
    #manycastserver 239.255.254.254         # manycast server
    #manycastclient 239.255.254.254 autokey # manycast client

    # Enable public key cryptography.
    #crypto

    includefile /etc/ntp/crypto/pw

    # Key file containing the keys and key identifiers used when operating
    # with symmetric key cryptography.
    keys /etc/ntp/keys

    # Specify the key identifiers which are trusted.
    #trustedkey 4 8 42

    # Specify the key identifier to use with the ntpdc utility.
    #requestkey 8

    # Specify the key identifier to use with the ntpq utility.
    #controlkey 8

    # Enable writing of statistics records.
    #statistics clockstats cryptostats loopstats peerstats
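One way to check that a deployed ntp.conf still carries the default restrict flags from the listing above (an added example, not from the original article). It assumes the two-line layout of this CentOS 6 file, one IPv4 rule plus one -6 rule; the function name and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original article.
# audit_restrict reads an ntp.conf on stdin and checks both default rules.
# Usage: audit_restrict < /etc/ntp.conf

audit_restrict() {
    awk '
    { sub(/#.*/, "") }                          # drop comments, re-split fields
    $1 == "restrict" {
        fam = "IPv4"; i = 2
        if ($2 == "-6") { fam = "IPv6"; i = 3 } else if ($2 == "-4") i = 3
        if ($i != "default") next               # only the default rule is checked
        seen[fam] = 1
        flags = " "
        for (j = i + 1; j <= NF; j++) flags = flags $j " "
        n = split("nomodify notrap nopeer noquery", want, " ")
        for (k = 1; k <= n; k++)
            if (!index(flags, " " want[k] " ")) { print fam " default rule lacks " want[k]; bad = 1 }
    }
    END {
        if (!seen["IPv4"]) { print "no IPv4 restrict default line"; bad = 1 }
        if (!seen["IPv6"]) { print "no IPv6 restrict default line"; bad = 1 }
        if (!bad) print "OK"
        exit bad + 0
    }'
}

# Constructed sample: the restrict rules from the listing above.
sample_good() {
    cat <<'EOF'
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
EOF
}

# Constructed sample: IPv6 rule commented out, IPv4 rule without noquery.
sample_weak() {
    cat <<'EOF'
restrict default kod nomodify notrap nopeer
#restrict -6 default kod nomodify notrap nopeer noquery
EOF
}

sample_good | audit_restrict
sample_weak | audit_restrict || true
```

The function exits non-zero when a flag or a default rule is missing, so it can gate a configuration deployment.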
5. Start the NTP server
If a scheduled time synchronization job exists, comment it out first to avoid a conflict:
    # cat /var/spool/cron/root
    #*/5 * * * * /usr/sbin/ntpdate pool.ntp.org &>/dev/null
Start the NTP service
    # /etc/init.d/ntpd start
    Starting ntpd: [OK]
ntpq is used to monitor ntpd operation. ntpq -p queries the NTP servers in the network and shows the relationship between the client and each server:
    # ntpq -p
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
    *news.neu.edu.cn 202.118.1.47     2 u   48   64    1   89.492   25.310   0.000
     nist1-lnk.binar .INIT.             u    -   64    0    0.000    0.000   0.000
| Position | Sign | Meaning |
| --- | --- | --- |
| Before remote | * | The NTP server that is responding and is the most accurate server |
| Before remote | + | An NTP server that responds to this query request |
| Before remote | Blank (space) | An NTP server that gives no response |
| Column heading | remote | The name of the NTP server that responded to this request |
| Column heading | refid | The name of the higher-level server used by that NTP server |
| Column heading | st | The level (stratum) of the NTP server that is responding to the request |
| Column heading | when | The number of seconds since the last successful request |
| Column heading | poll | How often, in seconds, the local host synchronizes with the remote server. When NTP first starts running, the poll value is relatively small and synchronization is frequent, so the clock can be brought into the correct range as soon as possible; afterwards the poll value gradually increases and the synchronization frequency is reduced accordingly |
| Column heading | reach | Used to test the ability to connect to the server; it is an octal value that increases with each successful connection |
| Column heading | delay | Round-trip time for a synchronization request sent from the local machine to the NTP server |
| Column heading | offset | The time offset, in milliseconds, between the host and the time source it synchronizes with through NTP; the closer the offset is to 0, the closer the host time is to the NTP server time |
| Column heading | jitter | A statistic of the distribution of offset over a particular number of consecutive connections. Simply put, the smaller the absolute value, the more accurate the host time |
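A health check built on the ntpq -p fields described above, as an added example that is not part of the original article. reach is an 8-bit history of the last eight polls printed in octal, so 377 means all eight succeeded; the peer names, addresses and the 100 ms default threshold are assumptions made for the sample.

```shell
#!/bin/sh
# Added example, not part of the original article.
# peer_health reads `ntpq -p` output on stdin, prints one line per peer and
# then OK or WARN. max_offset_ms (default 100) is an assumed threshold.
# Usage: ntpq -p | peer_health [max_offset_ms]

peer_health() {
    awk -v max="${1:-100}" '
    # Octal reach register -> successful polls among the last eight.
    function ok_polls(oct,    i, v, n) {
        for (i = 1; i <= length(oct); i++) v = v * 8 + substr(oct, i, 1)
        for (n = 0; v > 0; v = int(v / 2)) n += v % 2
        return n
    }
    /^ *remote/ || /^=/ || NF == 0 { next }     # header, rule, blank line
    {
        sign = substr($0, 1, 1)                 # character in front of remote
        $0 = substr($0, 2)                      # re-split fields without it
        state = (sign == "*") ? "selected" : (sign == "+") ? "candidate" : "unused"
        printf "%s %s st=%s polls_ok=%d/8 offset_ms=%s\n", state, $1, $3, ok_polls($7), $9
        off = ($9 < 0) ? -$9 : $9 + 0
        if (sign == "*") { selected = 1; if (off > max) drift = 1 }
    }
    END {
        if (!selected) { print "WARN no selected (*) peer"; exit 1 }
        if (drift) { print "WARN selected peer offset above " max " ms"; exit 1 }
        print "OK"
    }'
}

# Constructed sample in the ntpq -p layout (documentation names and addresses).
sample_ntpq() {
    cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ntp-a.example   192.0.2.10       2 u   48   64  377   89.492   25.310   1.204
+ntp-b.example   192.0.2.11       2 u   12   64   17   91.105  -31.870   2.310
 ntp-c.example   .INIT.          16 u    -   64    0    0.000    0.000   0.000
EOF
}

sample_ntpq | peer_health 100
```

A reach of 17 decodes to four successful polls out of eight, which the raw octal value does not make obvious at a glance.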
The ntpstat command shows the time synchronization state; it typically takes 5-10 minutes to connect and synchronize successfully.
    # ntpstat
    synchronised to NTP server (216.229.0.179) at stratum 2
       time correct to within 4121 ms
       polling server every s
    # ntpdate 10.0.0.129
    6 Jun 00:01:39 ntpdate[1496]: the NTP socket is in use, exiting
6. Client Time synchronization
After the NTP server has been newly started, the client must wait a few minutes before synchronizing with it; otherwise it reports the error "no server suitable for synchronization found".
    # ntpdate 10.0.0.129
    8 Sep 15:43:16 ntpdate[2962]: adjust time server 10.0.0.129 offset 0.117714 sec
The ntpdate 10.0.0.129 command is then written to a scheduled task.
This article is from the "Linux" blog, so be sure to keep this source http://whitley.blog.51cto.com/11489734/1850769