Windows clock Sync problem
During the system deployment process, the clock synchronization problem is required, which only illustrates the problem of Windows clock synchronization
1, the clock server settings
Windows Server 2000 has the Time service program running-〉 Computer Configuration-〉 Management Templates-〉 system-〉windows Time service, start time service.
2, client settings
NET Time/setsntp:[server NAME]
Network Time Protocol (N T P) is a T C p/i P protocol that is used to distribute exact time throughout the network, and its own transmission is based on U D P, preserving the port number 123. It can make a computer or network device to its server or clock source (such as a clock, GPS, etc.) to synchronize, can provide high accuracy of time correction (LAN and standard difference is less than 1 milliseconds, wan dozens of milliseconds), and can be encrypted by the way to prevent malicious protocol attacks. NTP provides accurate time, first of all to have an accurate time source, this time should be international standard UTC. NTP can obtain UTC in time from atomic clocks, observatories, satellites, or from the Internet. This will have an accurate and reliable time source. Time is propagated at the level of the NTP server. All servers are grouped into different stratun (layers) According to the distance from the external UTC source. Stratum-1 at the top, with external UTC access, while Stratum-2 gets time from Stratum-1, Stratum-3 gets time from Stratum-2, and so on, but the total number of stratum layers is limited to 15. All of these servers logically form a ladder-type architecture that is interconnected, while the Stratum-1 time server is the foundation of the entire system. Computer host is usually connected with multiple time servers, using statistical algorithms to filter the time from different servers to select the best path and source to correct the host time. The NTP service works even if the host is unable to connect with a time server for a long time. To prevent malicious damage to the time server, NTP used the identification (authentication) mechanism to check whether the information from the right time was actually coming from the declared server and checking the return path of the data to provide protection against interference.
The implementation of NTP
The implementation under Windows System (PC-PC):
Server-side (Windows2000 OR Windows XP):
Method One:
First step: Specify the primary time server. In DOS type "net TIME/SETSNTP:", here we specify is the main time server, also can be other address.
Step two: Start synchronizing with the main time server. Turn off the Windows Time service before opening the service. You can do this in the services interface of the administrative tools, or you can enter "net stop W32Time", "net start W32Time" in DOS.
Step three: Set the computer's Windows Time service to start automatically. Done under the services interface of the administrative tools. Note This Windows host cannot join any domains, or the Windows Time service cannot be started. At this point, the Windows computer is already connected to the main time server customers, and every time the computer starts, will automatically check time with the main time server. If the network does not work, the computer will automatically proofread the time again after 45 minutes. Note that the computer clock and standard Time error can not exceed 12 hours, or can not automatically proofread, but to manually correct.
Step Fourth: Make this computer a time server for computer proofing time inside the LAN. Run "regedit" to the "Hkey_local_machine_system_currentcontrolset_services_w32time_parameters" in the localntp change to 1.
Method Two:
Install the third party NTP server software and recommend the use of NTP V4.1
1. Prompt to set the server address when installing, enter the IP address of NTP server
CONTROLS: Control Panel->; management Tools->; Component Services-networktimeprotocol
3. You can start the ntpd daemon to keep time synchronized
4. There is an NTP configuration file under the C:\WINNT directory
Set to:
Server. 1.0 prefer
Fudge. 1.0 Stratum 10
5. Determine if NTP is working: NTPQ? Cp
Client:
The client's primary task is to connect to a time server within the LAN to keep the computer's clock synchronized with the server. Introduction to several Linux, Windows98, 2000, XP
1, Linux Host
In fact, in the above introduction of the NTP service in the Linux system, has mentioned the NTP Time service is also a Time service client, as long as the "server" in the/etc/file is changed to "Server internal time server IP address." If you do not want to use the NTP service, you can also use the Ntpdate command that is brought in the NTP package, as long as you manually execute the ntpdate time server IP address. If you want to automatically pair on a daily basis, you can put this command in cron and note that the NTP service and the Ntpdate command cannot be used at the same time on the same computer.
2, Windows2000 Host
The first three steps when you perform a set time server
3, Windows XP mainframe
You can press the Windows2000 host's method setting, or double-click the clock icon in the lower-right corner of the taskbar to open the Date-Time Properties dialog box, and on the Internet time card, select Auto sync with Internet time server. And on the server to fill in the internal time server IP address can be.
4, Windows98 Host
Need to install third party software, recommend using Achron. Software simple operation, as long as the "Hostname or IP Address" in the LAN time server IP addresses, "Protocol" selected SNTP can be. Of course, performing a "net Time machine name or IP address/set/yes" on a windows98 computer may also sync clocks with other Windows computers, provided they are on the same network segment and have a NetBIOS protocol installed. Put the command in, you can do the power-on automatically.
II. Implementation of UNIX systems (PC-PC):
Server-side
Take Linux REDHAT 9.0 for example:
Step one: Check to see if the NTP package is already installed. Enter "Rpm-qa|grep NTP" and if it is already installed, "" should be displayed.
Step two: Install the NTP software, download the RPM package from ftp://, and enter "RPM-IVH" to perform the installation.
Step three: Configure the NTP service. After backing up the original/etc/file, enter the following
Server
Server
Server
Driftfile/etc/ntp/drift
3 Rows Server is set up to provide connectivity redundancy, when the first address fails, the following address provides a time service, note the corresponding set of IP addresses here, assigned by DNS randomly.
Fourth step: Start NTP service. Enter "service NTP restart". In order to ensure that the NTP service can start automatically after Linux starts, enter "Chkconfig ntpd on". The NTP software of Linux not only can keep synchronized with the clock on the Internet automatically, at the same time it is already a SNTP server, it can be used for computer proofreading time in LAN. It is recommended that you start the NTP service by manually correcting the time with the date command, and then the system will automatically synchronize with the main time server on the Internet. NTP service also has a benefit, if the current system time and standard time error, it is not immediately corrected time, but gradually reduce the error with the standard time, so as to avoid the internal system time mutation.
Take HP-UX as an example:
The time zone configuration file on the HP-UX system is/etc/timezone, as follows
Tz=eat-8
Export TZ
The time zone is set up to configure the NTP server, modify the configuration file/etc/, and set the following parameters:
Server to synchronize the time of the superior servers, online there are a lot of free.
Restrict set access rights, note Restrict default ignore must comment out
Reference Setup Example:
Server
Restrict. 0.0 mask. 0 notrust nomodify Notrap
Allow network segment machines to access the server, but not allow them to modify.
Client settings are the same as the client settings implemented under Windows systems
Third, the network equipment NTP implementation (in Cisco IOS as an example):
The clock source for NTP can also use the clock on the router under normal circumstances. High-grade routers/switches provide hardware clocks, called Calendat, and clock independent of each other, when the system restarts clock use the calendar value. You can set the value of the hardware clock with the command calendar set, use the command clock Read-calendar to set the system clock to the calendar value, or use the command clock Update-calendar to write the current system clock value to the calendar. On the client, using NTP master x.x.x.x to specify the NTP server address (catos:set NTP server x.x.x.x), the command NTP update Update-calendar allows the NTP protocol to periodically update the value of the calendar. If you change the time of the clock source, it takes a few minutes to sync to the client, and it takes a long time to update the calendar. Common debugging commands are: Show NTP status and show NTP associations.
The convergence of N T P (c o n v e RG e n c e) may take up to half an hour, which means that after modifying the N T P main system clock, the other clocks are synchronized in half an hour. This is because n T p treats the change of the clock as the instability of the clock system. NTP needs to wait for system stability before synchronizing and passing clock changes
Commands and definitions to be used for NTP configuration in Cisco Network systems:
NTP access-group: This global command is used for access control of the router n T P service.
NTP authenticate: is a global command that enables n T p authentication.
NTP authentication-key: This global command defines the key value of n T p authentication.
NTP broadcast: is an interface command that specifies a specific interface to send n T p broadcast packets.
NTP broadcast client: is an interface command that enables routers to receive n T p broadcast packets through a specific interface.
NTP broadcast delay: is a global command that sets the estimate of the time required for a packet to return between the router and the N T P server.
NTP clock-period: This global command does not have to be entered, and when n T p is used to synchronize the system clock, the router automatically generates this command.
NTP disable: This interface command causes a specific interface to not receive n T p packets.
NTP master: This global command is used to configure the router to be the N T P primary clock, which is only used if there is no external n T p source available or for test purposes.
NTP peer: This global command synchronizes the router's system clock with its counterpart's clock (or synchronizes the peer's clock).
NTP server: This global command synchronizes the system clock of the router with the time server.
NTP Source: This global command forces the router to use a specific source address in its N T p package.
NTP trusted-key: This global command is used to confirm a specific authentication key value for a router.
NTP Update-calendar: This global command causes N T p to periodically update the calendars of Cisco 7XXX series routers.
Show NTP status: is a mode command that displays the N T p information for a router, which can indicate whether the router is synchronized through a N T P peer or through a N T P server.
Show NTP Association[detail]: This execution mode command displays information about n T p, such as polling cycles.
Brief Configuration Example:
EXAMPLE 1
Router A and router B are connected through a serial port, router A is set to n T p main clock, and Router B is configured to synchronize the clock according to Router a.
...
Routera#clock Set Xx:xx:xx:xx
Routera (config) # int S0
Routera (config-if) #ip Add. 1.1.0
routera# NTP Master 1
ROUTERB#NTP Server. 1.1
...
EXAMPLE 2
Router A is set to n T p main clock, router B is configured to clock sync with Router a via N T P server, and router C is configured as a peer of Router B, synchronizing with B's clock. Three routers are connected through a serial port, and connections between routers A and B, between routers B and C, use crossover cables.
...
Routera#clock Set Xx:xx:xx:xx
Routera (config) # int S0
Routera (config-if) #ip Add. 1.1.0
routera# NTP Master 1
ROUTERB#NTP Server. 1.1
Routerb (config-if) IP Add. 1.2.0
ROUTERC#NTP Peer. 1.2
...
EXAMPLE 3
Cisco NTP with LAN broadcast
3 routers connect to the same network segment via Ethernet, and router a acts as an NTP server to send an NTP broadcast to Ethernet via the E0 interface.
...
Routera#clock Set Xx:xx:xx:xx
Routera (Config0#int E0
Routera (config-if) #ip Add. 1.1.0
Routera (CONFIG-IF) #ntp broadcast
routera# NTP Master
Routerb (config) #int E0
Routerb (config-if) # IP Add. 1.2.0
Routerb (CONFIG-IF) #ntp broadcast Client
Routerc (config) #int E0
Routerc (config-if) # IP Add. 1.3.0
Routerc (CONFIG-IF) #ntp broadcast Client
PC clients are configured with the previous two methods.