Download and Install
The NTP Package
Downloading and installing RPMs isn't hard. Type
"yum -y ntp install" to install and update the ntp RPM
The
/etc/ntp.conf File
The /etc/ntp.conf file is the main configuration
file for Linux NTP in which we place the IP addresses or server names we want
to use. Here are the steps to create a configuration file using a pair of
sample Internet-based NTP servers:
1) First we specify the servers we're interested
in:
server
0.centos.pool.ntp.org
server
1.centos.pool.ntp.org
server
2.centos.pool.ntp.org
2) Restrict the type of access we will allow
these servers. In this example the servers are not allowed to modify the
run-time configuration or query your Linux NTP server.
restrict
0.centos.pool.ntp.org mask 255.255.255.255 nomdify notrap noquery
restrict
1.centos.pool.ntp.org mask 255.255.255.255 nomdify notrap noquery
restrict
2.centos.pool.ntp.org mask 255.255.255.255 nomdify notrap noquery
The mask 255.255.255.255 statement is really a
subnet mask limiting access to the single IP address of the remote NTP servers.
3) If this server is also going to provide time
for other computers, such as PCs, other Linux servers and networking devices,
then we'll have to define the networks from which this server will accept NTP
synchronization requests. We do so with a modified restrict statement removing
the noquery keyword to allow the network to query your NTP server. The syntax
is:
restrict 192.168.1.0
mask 255.255.255.0 nomodify notrap
In this case the mask statement has been
expanded to include all 255 possible IP addresses on the local network.
4) We also want to make sure that localhost (the
universal IP address used to refer to a Linux server itself) has full access
without any restricting keywords:
restrict 127.0.0.1
5) Save the file and restart NTP for these
settings to take effect. You can now configure other Linux hosts on your
network to synchronize with this new master NTP server in a similar fashion.
We have to restart the NTP process every time
you make a change to the configuration file for the changes to take effect on
the running process.
To get NTP configured to start at boot, use the
line:
[root@]# chkconfig ntpd on
To start, stop and restart NTP after booting,
follow these examples:
[root@localhost]#
service ntpd start
[root@localhost]#
service ntpd stop
[root@localhost]#
service ntpd restart
Testing And Troubleshooting NTP
After configuring and starting NTP, we should
test it to make sure it is working. Here are some guidelines to follow to get
NTP working correctly.
To test whether the NTP process is running use
the command
[root@localhost]#
pgrep ntpd
We should get a response of plain old process ID
numbers.
If the time on the local server is very
different from that of its primary time server the NTP daemon will eventually
terminate itself leaving an error message in the /var/log/messages file. We
should run the ntpdate -u command to force your server to become instantly
synchronized with its NTP servers before starting the NTP daemon for the first
time. The ntpdate command doesn't run continuously in the background, you will
still have to run the ntpd daemon to get continuous NTP updates.
Take a look at some sample output of the ntpdate
command in which a server whose initial time was set to midnight, was correctly
set to 8:03 am.
The date was originally
set to midnight which was verified by using the date command.
[root@localhost]# date
Wed Jul 12 00:00:00
PKT 2010
[root@localhost]#
The ntpdate command is run
three times to synchronize drc-blade03's clock to server 192.168.1.50, but it
must be run while the ntpd process is stopped. So we'll have to stop ntpd, run
ntpdate and then start ntpd again.
[root@localhost]#
service ntpd stop
[root@localhost]# ntpdate -u 192.168.1.50
Looking for host 192.168.1.50 and service ntp
host found : time.server.com
14 July 08:03:38 ntpdate[2472]: step time server 192.168.1.50
offset 28993.084943 sec
[root@localhost]# ntpdate -u 192.168.1.50
Looking for host 192.168.1.50 and service ntp
host found : time.server.com
14 July 08:03:38 ntpdate[2472]: step time server 192.168.1.50
offset 28993.084943 sec
[root@localhost]# ntpdate -u 192.168.1.50
Looking for host 192.168.1.50 and service ntp
host found : time.server.com
14 July 08:03:38 ntpdate[2472]: step time server 192.168.1.50
offset 28993.084943 sec
[root@localhost]# service ntpd start
[root@localhost]#
The date is now
corrected.
[root@localhost]# date
Wed Jul 14 08:03:45
PKT 2010
[root@localhost]#
We can use NTP to synchronize time on a variety
of devices including networking equipment. I have included the necessary NTP commands
for a variety of Cisco Systems products because it is one of the most popular
manufacturers of networking equipment and would feature in the overall
architectures of many home office/small office (SOHO) environments and
corporate departments.
To make your router synchronize with NTP servers
with IP addresses 192.168.1.50, use the commands:
ciscorouter> enable
password: *********
ciscorouter# config t
ciscorouter(config)#
ntp update-calendar
ciscorouter(config)#
ntp server 192.168.1.50
ciscorouter(config)#
exit
ciscorouter# wr mem
The ntp server command forms a server
association with another system, and ntp update-calendar configures the system
to update its hardware clock from the software clock at periodic intervals.
To make your router synchronize with NTP servers
with IP addresses 192.168.1.50, use the commands:
ciscoswitch> enable
password: *********
ciscoswitch# set ntp
client enable
ciscoswitch# ntp
server 192.168.1.50
ciscoswitch# exit
The ntp server command forms a server
association with another system, and set ntp client enable activates the NTP
client.
Windows clients that are part of an Active
Directory domain automatically get their time synchronized from the domain server.
If your client is not part of a domain you can add your new NTP server to your
Windows client. Here's how:
Click on the time at the
bottom right hand side of your screen.
Click on the
"Internet Time" tab of the dialog box
Click the check box
labeled "Automatically synchronize with an Internet time server" and
enter the name or IP address in the box underneath it.
Click on the
"Update Now" button
You will get a message saying "Your time
has been successfully synchronized" when the operation is complete.
No comments:
Post a Comment