Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to install and deploy ntp time server". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to install and deploy ntp time server".

Brief introduction of ntp time Server ntp

NTP (Network Time Protocol, Network time Protocol) is a protocol used to synchronize the time of various computers in the network. Its purpose is to put

The computer clock is synchronized to UTC UTC, its accuracy can reach 0.1ms in the local area network, and its accuracy can reach 1-in most places on the Internet.

50ms .

NTP server uses NTP protocol to provide time synchronization service.

Environment preparation [root@ntpserver ~] # cat / etc/redhat-releaseCentOS Linux release 7.5.1804 (Core) Host Planning NTP server: ntpserver IP:10.0.0.61NTP client: ntpclient IP:10.0.0.7 server installation and deployment

Install ntp and ntpdate

Yum install ntp ntpdate-y

Start ntp

Systemctl start ntpd.servicesystemctl enable ntpd.service

Check to see if it is successful

Netstat-lntup | grep ntpd

Configure ntp Profil

[root@ntpserver] # vim / etc/ntp.confdriftfile / var/lib/ntp/driftrestrict default kod nomodify notrap nopeer noqueryrestrict-6 default kod nomodify notrap nopeer noqueryrestrict 127.0.0.1restrict-6:: allow synchronization time of other machines in the private network restrict 172.16.1.0 mask 255.255.255.0 nomodify notrap#server 0.centos.pool.ntp.org iburst#server 1.centos.pool.ntp.org iburst#server 2.centos.pool.ntp.org iburst#server 3. Upstream ntp server used by centos.pool.ntp.org iburst# definition The original annotation server time1.aliyun.comserver ntp1.aliyun.com# allows the upper time server to actively modify the local time restrict time1.aliyun.com nomodify notrap noqueryrestrict ntp1.aliyun.com nomodify notrap noquery# when the external time server is not available, use the local time as the time service server 127.127.1.0fudge 127.127.1.0 stratum 10includefile / etc/ntp/crypto/pwkeys / etc/ntp/keys

Restart the ntp service

Systemctl restart ntpd.service

= Note: if a scheduled task has synchronization time, it should be logged out. Otherwise, there will be conflict.

Check the status of the ntp server and the upper ntp

[root@ntpserver ~] # ntpq-premote refid st t when poll reach delay offset jitter====203.107.6.88 10.165.84.13 2 u 66 64 7 27.784 10.499 1.787 ntp 120.25.115.20 10.137.53.7 2 u 3 64 17 33.749 9.611 1.618LOCAL (0) .LOCL. 10 l 10 64 17 0.000 0.000 0.00parameters remote: the ip or hostname of the local and upper ntp, "+" indicates priority "*" indicates the second priority refid: refer to the upper layer ntp host address st:stratum hierarchy when: how many seconds ago have you synchronized the time poll: how many seconds after the next update reach: the number of updates requested from the upper ntp server delay: network delay offset: time compensation jitter: time difference between system time and bios client deployment

Install ntp and ntpdate

Yum install ntp ntpdate-y

Configure ntp service profile

[root@web01 ~] # cat / etc/ntp.conf.restrict 127.0.0.1restrict:: add this line Configure permissions restrict 172.16.1.0 mask 255.255.255.0 nomodify notrap# Hosts on local network are less restricted.#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap# Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).# comments or deletes the original server address Add the local server address server 172.16.1.61 prefer#broadcast 192.168.1.255 autokey # broadcast server#broadcastclient # broadcast client.

Manually synchronize the time (server host IP, here you need to shut down the NTP service first)

[root@ntpclient ~] # ntpdate 172.16.1.6125 Mar 14:38:04 ntpdate [2937]: step time server 172.16.1.51 offset 139055.717574 sec

Note: the client will have to wait a few minutes before synchronizing with the newly started ntp server, otherwise it will prompt the following error.

No server suitable for synchronization found

Here, you can set up scheduled tasks to synchronize time to the server, or you can start the ntp service to automatically synchronize time to the server.

Start ntp

Systemctl start ntpd.servicesystemctl enable ntpd.service

Observe time synchronization

[root@ntpcilent] # ntpq-premote refid st t when poll reach delay offset jitter====172.16.1.61 203.107.6.88 3u-64 1 2.485 400.150 0.000

View time synchronization results

[root@ntpcilent ~] # ntpstatunsynchronisedtime server re-startingpolling server every 8 s# synchronization failed. Synchronization also takes time. You need to wait 5-10 minutes to query [root@ntpcilent ~] # ntpstatsynchronised to NTP server (172.16.1.61) at stratum 3time correct to within 28 mspolling server every 64 s#OK! Time synchronization is complete. Is date time consistent with server host time? extension 1: system time and hardware time synchronization.

If the master-slave service time exceeds 1000 seconds, the synchronization will no longer be carried out. At this time, you need to synchronize manually, that is, / usr/sbin/ntpdate command, if you are afraid of the server.

Jet lag can change a lot. You can add scheduled tasks to Linux, for example:

10 5 * root / usr/sbin/ntpdate 192.168.31.223 & & / sbin/hwclock-w

Ntp service, which only synchronizes system time by default. If you want ntp to synchronize hardware time at the same time, you can set the / etc/sysconfifig/ntpd file

In the / etc/sysconfifig/ntpd file, add SYNC_HWCLOCK=yes so that the hardware time is synchronized with the system time.

Hwclock-r reads the time parameter of BIOS hwclock-w writes the current system time into BIOS extension 2: time synchronization between different machines

In order to avoid the time deviation caused by the long-term operation of the host time, it is very necessary to carry out time synchronization (synchronize).

Synchronize the time, either using the ntpdate command or using the ntp service.

Method 1: it is relatively simple to use ntpdate. The format is as follows: [root@client ~] # ntpdate 172.16.1.623 May 19:50:44 ntpdate [7507]: step time server 172.16.1.61 offset 1.239826 sec

However, such synchronization is only mandatory to set the system time to the ntp server time. It's just a temporary cure, not a permanent cure. Therefore, generally cooperate with the cron command to enter

Line periodically synchronizes settings. For example, add the following to crontab:

[root@client ~] # crontab-e010 * / usr/sbin/ntpdate 172.16.1.61 method 2: use ntp service for synchronization

It is important to note that ntpd has a self-protection setting: if the time difference between the local machine and the source is too large, ntpd will not run. So the newly set time server one

Ntpdate must first get the initial value of time from the upper source. Then start the ntpd service.

The difference between ntp.ntpdate the following is the online information about the difference between ntpd and ntpdate. As shown below: before you use it, you need to figure out what is the difference between ntpd and ntpdate in update time. Ntpd is not only a time synchronization server, it can also be used as a client to synchronize time with a standard time server, and it is smooth synchronization, not ntpdate immediate synchronization. Ntpdate is used cautiously in a production environment, and both cannot be run at the same time. The jump of the clock can cause serious problems for some programs. Many applications rely on continuous clocks-after all, it is a common assumption that the time obtained is linear, and that some operations, such as database transactions, usually rely on the fact that time does not jump back. Unfortunately, the way ntpdate adjusts time is what we call a "jump": after getting a time, ntpdate uses settimeofday (2) to set the system time, which has several obvious problems: first, it is not safe to do so. The setting of ntpdate depends on the security of the ntp server, and attackers can take advantage of some software design flaws to take down the ntp server and make the servers synchronized with it perform certain consumptive tasks. Because ntpdate uses a jump approach, the server that follows it has no way of knowing if an exception has occurred (when the time is different, the only way is to check the service). Second, this is not accurate. Once the ntp server goes down, the servers that follow it will not be able to synchronize time. In contrast, ntpd can calibrate not only the computer's time, but also the computer's clock. Third, it is not elegant enough. As a result of jumping, rather than make time faster or slower, procedures that rely on timing will make mistakes thank you for reading, the above is the "ntp time server installation and deployment" of the content, after the study of this article, I believe that you have a deeper understanding of the ntp time server installation and deployment of this problem, the specific use of the need for you to practice verification. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.