NTP Server Installation and Configuration


1.  Setting up your Local NTP server (e.g. 10.121.122.17)
 
NTP (Network Time Protocol) synchronizes the time of a client or server computer to another server or to a reference time source, such as a radio or satellite receiver or a modem. Typical NTP configurations use multiple redundant servers and diverse network paths to achieve high accuracy and reliability.

Follow the steps below to install NTP on your NTP server and NTP client machines:
$ yum install -y ntp ntpdate

2.  If the server you are setting up does not have an internet connection, you can synchronize it with the local time of the server itself. Comment out the server lines and use 127.127.1.0 instead. The stratum value sets the level this time server operates at. Stratum 0 usually refers to a real clock, for example atomic (cesium, rubidium) clocks, GPS clocks or other radio clocks. Stratum 1 is a machine connected to stratum 0 devices.

#server mst.sirim.my prefer
#server my.pool.ntp.org
server 127.127.1.0
fudge 127.127.1.0 stratum 10

Now edit ntp.conf: $ vi /etc/ntp.conf

#For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
#restrict default ignore
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would affect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
#restrict 10.121.122.0 mask 255.255.255.224 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.rhel.pool.ntp.org
#server 1.rhel.pool.ntp.org
#server 2.rhel.pool.ntp.org

#broadcast 192.168.1.255 autokey        # broadcast server
#broadcastclient                        # broadcast client
#broadcast 224.0.1.1 autokey            # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
#server 10.121.122.17   # local clock
server 127.127.1.0
fudge   127.127.1.0 stratum 10

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
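
The "restrict default" lines in the file above are what keep other hosts from querying or modifying ntpd once UDP port 123 is reachable. The check below is an added example, not part of the original post; the function name audit_ntp_restrict and the sample file are constructed for illustration.

```shell
# audit_ntp_restrict FILE
# Prints one finding per weak "restrict default" line; returns 1 if any.
audit_ntp_restrict() {
    awk '
    $1 == "restrict" {
        i = 2; fam = "IPv4"
        if ($i == "-6") { fam = "IPv6"; i++ } else if ($i == "-4") { i++ }
        if ($i != "default") next              # only the catch-all entries
        found = 1
        flags = " "
        for (j = i + 1; j <= NF && $j !~ /^#/; j++) flags = flags $j " "
        if (index(flags, " ignore ")) next     # "ignore" denies all packets
        n = split("nomodify notrap nopeer noquery", want, " ")
        for (k = 1; k <= n; k++)
            if (!index(flags, " " want[k] " ")) {
                printf "line %d: %s default is missing %s\n", NR, fam, want[k]
                bad = 1
            }
    }
    END {
        if (!found) { print "no \"restrict default\" line found"; bad = 1 }
        exit bad + 0
    }' "$1"
}

# Constructed sample: the IPv4 line matches the page, the IPv6 line is weakened.
sample=$(mktemp)
cat > "$sample" <<'EOF'
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap
restrict 127.0.0.1
EOF
audit_ntp_restrict "$sample" || echo "findings above: tighten the listed lines"
rm -f "$sample"
```

Run it against /etc/ntp.conf after editing; commented-out lines such as "#restrict default ignore" are not counted.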

4. Synchronize the server's time with the ntp server:

$ ntpdate -u 10.121.122.17

5. Start ntpd service:
$ service ntpd start
6. Check whether the NTP server is running:
$ ntpq -p
[root@10.121.122.17 ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*LOCAL(0)        .LOCL.          10 l   50   64  377    0.000    0.000   0.000

7.   Add the following rule to the firewall to allow the NTP client machine to connect on port 123. NTP runs over UDP. Note that the rule as written accepts NTP packets from any source address.
-A INPUT -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT

8. Add ntpd to the service list:
$ chkconfig ntpd on


2.  Setting up your Local NTP Client
1. On the client machine, stop ntpd to avoid a conflict:
$ service ntpd stop
2. Add the following line to the /etc/ntp.conf file to point to the NTP server:
server 10.121.122.17
3. Run ntpdate to sync with the NTP server:
$ ntpdate -u 10.121.122.17
4. Check that your NTP client machine is in sync with the NTP server:
[root@10.121.122.18 ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*10.121.122.17   LOCAL(0)        11 u  655 1024  377    0.225   -4.319   0.187

You can also put this command in crontab so that the client is updated frequently.

5. Add ntpd to the service list:
$ chkconfig ntpd on

6. Finally, start the ntpd service:

$ service ntpd start
