Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to configure the NTP server on the CentOS server". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to configure the NTP server on the CentOS server".

Network time Protocol (NTP) is used to synchronize the system time of different hosts on the network. All hosts you manage can synchronize their time with a designated time server called a NTP server. A NTP server, on the other hand, synchronizes its time with any public NTP server, or any server of your choice. All system clocks managed by NTP are synchronized to the millisecond level.

In a corporate environment, if they do not want to turn on the firewall for NTP transport, it is necessary to set up an internal NTP server and then let employees use the internal server instead of the public NTP server. In this guide, we will show you how to configure a CentOS system as a NTP server. Before going into the details, let's take a brief look at the concept of NTP.

Why do we need NTP?

Due to the variety of manufacturing processes, all (non-atomic) clocks do not travel at exactly the same speed. Some clocks go faster and some go more slowly. So after a long period of time, the time of one clock slowly deviates from the other, which is often called "clock drift" or "time drift". To minimize the impact of clock drift, hosts using NTP should periodically interact with designated NTP servers to keep their clocks synchronized.

Time synchronization between different hosts is important for scheduled backups, intrusion detection records, distributed task scheduling, or transaction order management. It should even be part of daily tasks.

The hierarchical structure of NTP

NTP clocks are organized in a hierarchical model. Each layer in the hierarchy is called a stratum (hierarchy). The concept of stratum describes how many NTP hops a machine has to an authorized time source.

Stratum 0 consists of clocks that have no time drift, such as atomic clocks. This kind of clock cannot be used directly on the network. The Stratum N (N > 1) tier server synchronizes time from the Stratum Nmer tier 1 server. Stratum N clocks can be interconnected with each other through the network.

NTP supports up to 15 levels of stratum. Stratum 16 is considered unsynchronized and cannot be used.

Prepare the CentOS server

Now let's start setting up the NTP server on CentOS.

First, we need to make sure that the server's time zone is set correctly. In CentOS 7, we can use the timedatectl command to view and change the time zone of the server (for example, "Australia/Adelaide", LCTT note: China can be set to Asia/Shanghai)

The code is as follows:

# timedatectl list-timezones | grep Australia

# timedatectl set-timezone Australia/Adelaide

# timedatectl

Continue and use yum to install the required software

The code is as follows:

# yum install ntp

Then we will add a global NTP server to synchronize time.

The code is as follows:

# vim / etc/ntp.conf

Server 0.oceania.pool.ntp.org

Server 1.oceania.pool.ntp.org

Server 2.oceania.pool.ntp.org

Server 3.oceania.pool.ntp.org

By default, the logs for the NTP server are saved at / var/log/messages. If you want to use custom log files, you can also specify them.

The code is as follows:

Logfile / var/log/ntpd.log

If you choose a custom log file, be sure to change its owner and SELinux environment.

The code is as follows:

# chown ntp:ntp / var/log/ntpd.log

# chcon-t ntpd_log_t / var/log/ntpd.log

Now initialize the NTP service and make sure it is added to boot.

The code is as follows:

# systemctl restart ntp

# systemctl enable ntp

Verify the NTP Server clock

We can use the ntpq command to check how the clock on the local server is synchronized through NTP.

The following table explains the output column.

The remote source is defined in ntp.conf. The'* 'indicates the currently used and best source; the' + 'indicates that these sources can be used as NTP sources; and the source of the'-'tag is not available.

Refid the IP address of the remote server used to synchronize with the local clock.

St Stratum (hierarchy)

T type. 'u 'means unicast (unicast). Other values include local (local), multicast (multicast), and broadcast (broadcast).

The time (in seconds) that has elapsed since when last interacted with the server.

The polling interval between the poll and the server, in seconds.

Reach indicates whether there are any errors in the octal number when interacting with the server. A value of 337 indicates 100% success (that is, decimal 255).

The time between the delay server and the remote server back and forth.

Offset the time difference between our server and the remote server in milliseconds.

The average time difference between jitter samples is measured in milliseconds.

Control access to the NTP server

By default, the NTP server allows queries from all hosts. If you want to filter NTP synchronous connections, you can add rules to your firewall to filter traffic.

# iptables-An INPUT-s 192.168.1.0 pound 24-p udp-- dport 123-j ACCEPT

# iptables-An INPUT-p udp-- dport 123-j DROP

This rule allows NTP traffic from 192.168.1.0 to 24 (port UDP/123), and traffic from any other network will be dropped. You can change the rules as needed.

Configure the NTP client

1. Linux

The NTP client host requires a ntpupdate package to synchronize time with the server. You can easily install this package using yum or apt-get. After installing the package, run the following command with the server's IP address.

The code is as follows:

# ntpdate

RHEL-based and Debian-based system commands are the same.

2. Windows

If you are using Windows, look for Network time (Internet Time) under date and time Settings (Date and Time settings).

3. Cisco equipment

If you want to synchronize the time of Cisco devices, you can use the following command in global configuration mode.

The code is as follows:

# ntp server

NTP-enabled devices from other manufacturers have their own parameters for network time. If you want to synchronize the device with the NTP server, please check the documentation for the device.

Thank you for reading, the above is the content of "how to configure the NTP server on the CentOS server". After the study of this article, I believe you have a deeper understanding of how to configure the NTP server on the CentOS server, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.