Server/Client mode NTP server configuration

Source: Internet
Author: User
Tags aliyun

1, NTP service introduction

Network time Protocol (NTP) is a protocol used to synchronize the computer's timing, which allows the computer to synchronize its servers or clock sources (such as quartz clocks, GPS, and so on), which provides high-precision time correction (less than 1 milliseconds between the LAN and the standard difference, Dozens of MS on the WAN), and can be referred to as a cryptographic acknowledgment to prevent malicious protocol attacks. NTP can take advantage of multiple paths and sources of time servers to more accurately calibrate time.

Most of the operating systems now support NTP, such as having their own NTP services in UNIX and Windows. For example, SNTP in Windows. Because the system vendors will be based on their own system to optimize NTP and set up, more suitable for his own system, the compatibility of other systems will be much worse. There are different versions of the NTP service that are used by the system at various times. The latest version bit V4, because each version has his own characteristics. So there are some compatibility issues when setting up an NTP server. Therefore, in a multi-type operating system environment, try to use the software provided by the NTP official organization instead of using the NTP server provided by the other vendors in the system. NTP official organization for Www.ntp.org


2. How NTP servers operate


NTP servers are used in a way that includes fixed connections and dynamic connections. In a fixed connection, the client receives only the specified server-side connection and does not switch to another server-side receive time, regardless of whether the service side is connected properly. General client/server mode for this mode. In addition, the client is constantly receiving the server-side broadcast information, and when a server stops the service, the client can update the time normally, as long as the server broadcasts the correct and reliable time information. It is generally connected by broadcast mode.

1. server/Client Mode

Client server is the most widely used method on the Internet, after setting up the server, he can configure the client flexibly, let the client choose whether to use NTP server or use that NTP server. The client server uses common RPC (remote-procedure-call) mode to transfer time information. They run the process for the client to make time requests to the server side, and then adjust the time based on the server-side response.

In general, the client can define the interval between their synchronization time, and they request the maximum and minimum time intervals. Clients will be based on their own clock time and NTP server time comparison, if the client's native clock is more accurate, their query time interval will be longer, if the local time error is large, the client will be in a relatively short time to make time requests to ensure the accuracy of client time.

2. Broadcast/multicast mode

Multicast and broadcast methods use broadcast and multicast protocols on Ethernet for time synchronization, and the time server sends broadcast and multicast information to the specified network segment on a timed basis. Using broadcast and multicast requires network devices to support the protocol, and the client also supports the protocol. You can use multicasting and manycasting to broadcast information on different network segments to provide NTP services using broadcast and multicast in complex networks with multiple network segments.

Active/Passive Mode

Active/Passive mode is used at most in the cluster system, because the cluster system for all servers in the same cluster time synchronization requirements are more stringent, they are configured for the NTP server side and the client, in the non-stop clock synchronization service, when one of the servers will not immediately affect the time synchronization of other servers. Can be said to be prepared in a way to synchronize time services.


3. NTP Server Installation

Installation Environment:

[Email protected] ~]# cat/etc/redhat-release CentOS release 6.8 (Final) [[email protected] ~]# uname-r2.6.32-642.el6.x86 _64

The NTP service will be installed by default when the system is installed

[[email protected] ~]# Rpm-qa NTP

Ntp-4.2.6p5-10.el6.centos.x86_64

If not installed

1. Configure the Yum source

1) Backup

Mv/etc/yum.repos.d/centos-base.repo/etc/yum.repos.d/centos-base.repo.backup

2) Download the new Centos-base.repo to/etc/yum.repos.d/

CentOS 5

Wget-o/etc/yum.repos.d/centos-base.repo Http://mirrors.aliyun.com/repo/Centos-5.repo

CentOS 6

Wget-o/etc/yum.repos.d/centos-base.repo Http://mirrors.aliyun.com/repo/Centos-6.repo

CentOS 7

Wget-o/etc/yum.repos.d/centos-base.repo Http://mirrors.aliyun.com/repo/Centos-7.repo

3) After running the Yum Makecache generate cache

2. Installing the NTP service

Yum Install-y NTP


4. Configuration files

[[Email protected] ~]# cat /etc/ntp.conf# for more information about  this file, see the man pages# ntp.conf (5),  NTP_ACC (5),  ntp_auth ( 5),  ntp_clock (5),  ntp_misc (5),  ntp_mon (5) .driftfile /var/lib/ntp/drift# permit  Time synchronization with our time source, but do not# permit  the source to query or modify the service on this  system.restrict default kod nomodify notrap nopeer noqueryrestrict -6  default kod nomodify notrap nopeer noquery# permit all access  over the loopback interface.  this could# be tightened as  Well, but to do so would effect some of# the administrative  functions.restrict&nbSp;127.0.0.1 restrict -6 ::1# hosts on local network are less  restricted. #restrict  10.0.0.0 mask 255.255.255.0 nomodify notrap# use  public servers from the pool.ntp.org project.# Please consider  joining the pool  (http://www.pool.ntp.org/join.html). #server  0.centos.pool.ntp.org  iburst     comment out the default time server #server 1.centos.pool.ntp.org iburst      Comment out the default time server #server 2.centos.pool.ntp.org iburst     comment out the default time server #server  3.centos.pool.ntp.org iburst     comment out the default time server server pool.ntp.org                Configuring the time server server time.nist.gov               Configuring the time server #broadcast 192.168.1.255  autokey        # broadcast server#broadcastclient                         #  broadcast client#broadcast 224.0.1.1 autokey             # multicast server#multicastclient 224.0.1.1               # multicast client#manycastserver  239.255.254.254         # manycast server# Manycastclient 239.255.254.254 autokey # manycast client# enable public  key cryptography. #cryptoincludefile  /etc/ntp/crypto/pw# key file containing  the keys and key identifiers used when operating# with  Symmetric key cryptography. keys /etc/ntp/keys# specify the key identifiers which are trusted.# Trustedkey 4 8 42# specify the key identifier to use with  the ntpdc utility. #requestkey  8# specify the key identifier to  use with the ntpq utility. #controlkey  8# Enable writing of  Statistics records. #statistics  clockstats cryptostats loopstats peerstats


5. Start the NTP server

If there is a timed time synchronization first comment out, in order to avoid conflict

[Email protected] ~]# cat/var/spool/cron/root #*/5 * * * */usr/sbin/ntpdate pool.ntp.org &>/dev/null

Start the NTP service

[Email protected] ~]#/etc/init.d/ntpd startstarting ntpd: [OK]


NTPQ is used to monitor NTPD operations, NTPQ-P queries the NTP server in the network, while showing the relationship between the client and each server

[[email protected] ~]# ntpq-p remote refID St T when poll reach delay offset jitter============= =================================================================*news.neu.edu.cn 202.118.1.47 2 U 48 64 1 89 .492 25.310 0.000 Nist1-lnk.binar.          Init. u-64 0 0.000 0.000 0.000
Position
Sign
Meaning
Before remote
*
Responding to the NTP server and the most accurate server
+
The NTP server that responds to this query request
Blank (space)
No response to the NTP server
Above list
Remote
The name of the NTP server in response to this request
refID
The name of a higher-level server used by the NTP server
St
The level of the NTP server that is responding to the request
When
The number of seconds since the last successful request
Poll
Local and remote server how much time to synchronize, in seconds, at the beginning of the NTP run time this poll value will be relatively small, server synchronization frequency, can be adjusted to the correct time range as soon as possible, after the poll value will gradually increase, the frequency of synchronization will be correspondingly reduced
Reach
Used to test the ability to connect to a server, which is an octal value, and the value of each successful connection increases
Delay
Roundtrip time to send synchronization requests from the local machine to the NTP server
Offset
The time offset of the host through the NTP clock synchronization with the synchronized time source, in milliseconds, the closer the offset is to 0, the closer the host and the NTP server time
Jitter
The distribution of offset in a particular contiguous number of connections is counted. Simply put, the smaller the absolute value, the more accurate the host time

The Ntpstat command looks at the time synchronization state, which typically takes 5-10 minutes to connect and synchronize successfully.

[[email protected] ~]# ntpstatsynchronised to NTP Server (216.229.0.179) @ Stratum 2 time correct to within 4121 MS Polling server every s[[email protected] ~]# ntpdate 10.0.0.129 6 June 00:01:39 ntpdate[1496]: The NTP socket is on use , exiting

6. Client Time synchronization

The client waits a few minutes for time synchronization with the newly-started NTP server, otherwise it will prompt the no server suitable for synchronization found error.

[[email protected] ~]# ntpdate 10.0.0.129 8 Sep 15:43:16 ntpdate[2962]: Adjust time server 10.0.0.129 offset 0.117714 sec

The Ntpdate 10.0.0.129 is then written to the scheduled task


This article is from the "Linux" blog, so be sure to keep this source http://whitley.blog.51cto.com/11489734/1850769

Server/Client mode NTP server configuration

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.