Shulou(Shulou.com)06/02 Report--

This paper introduces NTP server in detail from NTP communication protocol, NTP server hierarchy concept, NTP server installation and configuration, Client installation and configuration, NTP start-up and observation, etc.

Previous Previous post: Firewall

The clock recorded inside the computer is recorded in the BIOS(CMOS), but if the CMOS battery on the computer is dead, or some special factors cause the BIOS data to be cleared, then the time of the computer will be inaccurate. In real life, we can adjust our watches through TV stations, radio stations, and telephones, so on the Internet, we need NTP servers to keep our hosts accurate at all times.

How many time zones are there in the world? GMT in which time zone?

There are 24 time zones in the world, because 360 degrees around the earth, this 360 degrees is divided into 24 time zones, of course, a time zone is 15 degrees, and because Greenwich Mean Time (GMT) is the standard time, although Beijing time is used later as the standard time, but linux does not reflect this change, so Beijing time is not seen when defining time zones by default in linux. And because China is east of Greenwich, Beijing time (local time) will be 8 hours earlier than GMT time (GMT +8)

1 NTP communication protocol

Network Time Protocol, how do you synchronize the time between server and client?

1) First of all, the host must start this daemon.

2) After that, the client will check the time message to NTP server.

The NTP Server then sends the current standard time to the Client.

4) After receiving the time from the Server, the Client adjusts its own time and achieves network timing.

ntp This daemon uses port 123 as the connection port (using UDP packets), so if we want to use Time Server to synchronize the time update, we have to use ntpdate provided by NTP software to connect to port 123.

2 Hierarchy concept of NTP servers

Because NTP time servers use a similar hierarchy to handle time synchronization, they use a master-slave architecture similar to that of a normal server/client. There are primary and secondary time servers in the network society, which belong to the first and second order time servers (stratum-1, stratum-2).

Tips: NTP hierarchy is similar to DNS. When you set up an NTP host, the primary host that NTP requests synchronization is stratum-1, then your NTP is stratum-2. For example, if our NTP requests time synchronization from tock.stdtime.gov.tw, the stratum-2 host in Taiwan, then our host is stratum-3. If there are other NTP hosts requesting time synchronization from us, then this host will be stratum-4! That's it ~ how many classes can there be at most? Up to 15 levels.

3 NTP Server Installation and Settings 3.1 Check whether the NTP service component rpm -qa is installed| grep "ntp" #Check whether ntp components are installed. There are two components as follows: ntpdate-4.2.6p5-1.el6.centos.x86_64ntp-4.2.6p5-1.el6.centos.x86_643.2 yum installation yum -y install ntp1.3 ntp3.3 configuration file

profile

/etc/ntp.conf

Profile Default Content

egrep -v "^$|#" ntp.conf The requested URL/var/lib/ntp/drifrestrict/was not found on this server. #restrict -6 default kod nomodify notrap nopeer noqueryrestrict 127.0.0.1 #Allow all operations on local address restrict -6 ::1

server 0.centos.pool.ntp.org iburst #Default upper time server 1.centos.pool.ntp.org iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburstincludefile /etc/ntp/crypto/pwkeys /etc/ntp/keys

modify the configuration

cat /etc/ntp.confdriftfile /var/lib/ntp/driftrestrict default kod nomodify notrap nopeer noquery #restrict -6 default kod nomodify notrap nopeer noqueryrestrict 127.0.0.1 #Allow all operations on this machine restrict 192.168.1.0 mask 255.255.255.0 nomodify #Allow all clients in the local area network to connect to this server restrict -6 ::1 Synchronization time. But refused to let them modify the time on the server #server 0.centos.pool.ntp.org iburst#server 1.centos.pool.ntp.org iburst#server www.example.com iburst#server 2.centos.pool.ntp.org iburst#server ntp1.aliyun.com 3.centos.pool.ntp.org #Synchronizing public network time server 127.127.1.0 #If you cannot connect to the public network, use your own time as the standard time. fudge 127.127.1.0 stratum 10 #Set stratum level includefile /etc/ntp/crypto/pwkeys /etc/ntp/keys3.4 restrict security-related parameters

ignore: Turn off all NTP online services

nomodify: The client cannot change the time parameter of the server, but the client can correct the network time through the server.

notrust: Unless the client is authenticated, the client origin is considered an untrusted subnet.

noquery: does not provide client time query

4 Client installation and configuration

Client installation is the same as server, as above.

4.1 configuration file driftfile /var/lib/ntp/driftrestrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noqueryrestrict 127.0.0.1

restrict -6 ::1

#server 0.centos.pool.ntp.org iburst #

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.