Related Articles
ntp
| Article Index |
|---|
| ntp |
| Page 2 |
| Page 3 |
| All Pages |
### NTP DEAMON CONFIG###
It is recomended to issue command `ntpdate` for sinc server time with external source before configuration of ntp deamon in general, course, if a time is different significantly, it will take some time to sync betwen your server and ext source, if any
you don't tell ntpd how often to sync, it doesn't work like that, and it's kind of the case that you need to appreciate that it has reasons to do what it does.ntpd will eventually slow down automatically to synchronize once every 1024 seconds, about 17 minutes. but if it is doing it more often than this then it has a good reason to. i found ntpd to be real black magic until i found the ntpq command. run
"ntpq -pn"
and you can see the current state of the ntp daemon. how often it's query the remote servers, which one's it's using etc... it's really an eye opener once you look at that.
that said i've had awful trouble getting a reliable time source under vmware and did have to use a cold hard ntpdate command to reign it in, but that's a very different story.
oh hey, there was a 2nd page!
Verifying NTP is Running
To test whether the NTP process is running use the command
[root@bigboy tmp]# pgrep ntpd
You should get a response of plain old process ID numbers.
The /etc/ntp.conf file is the main configuration file for Linux NTP in which you place the IP addresses of the stratum 1 and stratum 2 servers you want to use. Here are the steps to create a configuration file using a pair of sample Internet-based NTP servers:
1) First we specify the servers you're interested in:
server otherntp.server.org # A stratum 1 server at server.org
server ntp.research.gov # A stratum 2 server at research.gov
2) Restrict the type of access you allow these servers.
In this example the servers are not allowed to modify the run-time configuration or query your Linux NTP server.
restrict otherntp.server.org mask 255.255.255.255 nomodify notrap noquery
restrict ntp.research.gov mask 255.255.255.255 nomodify notrap noquery
The mask 255.255.255.255 statement is really a subnet mask limiting access to the single IP address of the remote NTP servers.
3) If this server is also going to provide time for other computers, such as PCs, other Linux servers and networking devices, then you'll have to define the networks from which this server will accept NTP synchronization requests.
You do so with a modified restrict statement removing the noquery keyword to allow the network to query your NTP server. The syntax is:
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
In this case the mask statement has been expanded to include all 255 possible IP addresses on the local network.
4) We also want to make sure that localhost (the universal IP address used to refer to a Linux server itself) has full access without any restricting keywords:
restrict 127.0.0.1
5) Save the file and restart NTP for these settings to take effect.
You can now configure other Linux hosts on your network to synchronize with this new master NTP server in a similar fashion.
********************************************************************************************************************
------ Christopher wrote:
I've configured my ntpd to check no.pool.ntp.org for the right time. How often does ntpd sync with this server(s)?
ntpstat should tell you this. As should the different (l|o|n)peers commands in ntpq.
------ grep -v ^# /etc/ntp.conf |grep -v ^$
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org
fudge 127.127.1.0 stratum 10
driftfile /var/lib/ntp/drift
keys /etc/ntp/keys
restrict 0.rhel.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 1.rhel.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 2.rhel.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
********************************************************************************************************************