Shulou(Shulou.com)06/03 Report--

What the editor shares today is a detailed introduction to the NTP time server. Maybe you are no stranger to the NTP time server, or you have never known the NTP time server. But don't worry, today the editor will explain the principle of NTP time server with the simplest description.

Linux NTP server configuration

NTP server [Network Time Protocol (NTP)] is a protocol used to synchronize computer time. It enables computers to synchronize their servers or clock sources (such as quartz clock, GPS, etc.). It can provide high-precision time correction (the difference between LAN and standard is less than 1 millisecond, tens of milliseconds on WAN), and can prevent malicious protocols by means of encryption confirmation.

Time propagates according to the level of the NTP server. All servers are grouped into different Stratum (tiers) according to the distance from the external UTC source. NTP provides accurate time, first of all, there must be an accurate source of time, this time should be the international standard time UTC. The time sources for NTP to obtain UTC can be from atomic clocks, observatories, satellites, or from Internet. In this way, there is an accurate and reliable source of time. Time propagates according to the level of the NTP server. All servers are grouped into different Stratum (tiers) according to their distance from the external UTC source. Stratum-1 is at the top level and has external UTC access, while Stratum-2 gets time from Stratum-1, Stratum-3 gets time from Stratum-2, and so on, but the total number of Stratum layers is limited to 15. All these servers logically form a ladder architecture to connect to each other, and Stratum-1 's time server is the foundation of the whole system. (Baidu encyclopedia)

NTP is generally installed by default on Linux hosts. Use the yum install ntp command if it is not installed.

Configuration file

# allow all local operations restrict 127.0.0.1 restrict-6:: "allowed LAN segment restrict 10.0.0.0 mask 255.0.0.0 nomodify motraprestrict 192.168.0.0 mask 255.255.0.0 nomodify motrap# use the upper internet ntp server server 210.72.145.44 prefer # an internal clock source default by server 0.cn.pool.ntp.org# of the National time receiving Center of China When there is no external NTP server, use it to provide services for LAN users server 127.127.1.0 # local clock# set the local clock source level to 1, so that if the NTPD service acquires time from the local clock source, NTPD declares a time level of 2. Fudge 127.127.1.0 stratum calculation of the frequency error between this ntpserver and the upper ntpserver driftfile / var/lib/ntp/drift preset time difference analysis files and temporarily unused keys, etc., do not need to change it: # Key file containing the keys and key identifiers used when operating# with symmetric key cryptography. Keys / etc/ntp/keys# log file logfile / var/log/ntp.log

= = restrict option format =

Restrict [client IP] mask [IP mask] [parameters]

"client IP" and "IP mask" specify which range of computers in the network to control. If the default keyword is used, all computers are controlled. The parameters specify specific restrictions. Common parameters are as follows:

◆ ignore: refuse to connect to the NTP server

◆ nomodiy: the client cannot change the time parameter of the server, but the client can calibrate the time on the network through the server.

◆ noquery: no client time query is provided

◆ notrap: does not provide trap remote login function, trap service is a remote time logging service.

◆ notrust: unless the client is authenticated, the client source is considered an untrusted subnet.

◆ nopeer: provides time services, but not as peers.

◆ kod: sends Kiss-Of-Death messages to insecure visitors.

= = server option format =

Server host [key n] [version n] [prefer] [mode n] [minpoll n] [maxpoll n] [iburst]

Where host is the IP address or domain name of the upper-layer NTP server, and the following parameters are explained as follows:

◆ key: indicates that all messages sent to the server contain authentication information encrypted by the secret key. N is a 32-bit integer indicating the key number.

◆ version: indicates the version number used for messages sent to the upper server. N defaults to 3, which can be 1 or 2.

◆ prefer: if you have more than one server option, the server with this parameter is limited.

◆ mode: specifies the value of the Datagram mode field.

◆ minpoll: specifies that the minimum time interval between querying the server and the server is 2 to the power of n, n defaults to 6, and the range is 4-14.

◆ maxpoll: specifies that the maximum time interval between querying the server and the server is 2 to the power of n, n defaults to 10, and the range is 4-14.

◆ iburst: when the initial synchronization request is made, the burst mode is used to send 8 messages in succession with an interval of 2 seconds.

View the gateway method

[command 1] route-n

[command 2] ip route show

[command 3] netstat-r

Check to see if the ntp server is connected to the upper ntp

[command] ntpstat

Check the status of the ntp server and the upper ntp

[command] ntpq-p

Windows client configuration method 1: registry method

Registry key: HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ W32Time\ TimeProviders\ NtpClient

As shown in the figure:

Step 1: create a "SpecialPollInterval" with a value of 300

[this key value means the interval of time synchronization, in seconds]

The Windows system only synchronizes time once a week by default, and the frequency is too low. It can be changed from 604800 to 86400 seconds or less. [seven days is 7243600 604800 seconds, and one day is 24243600 = 86400 seconds]

Step 2: create a DWORD value named "SpecialInterval" with a value of 1

Step 3: restart the Windows Times service

Method 2: plan tasks

In a Windows system, there is a w32tm.exe that synchronizes time through one parameter of the program: w32tm / resync

As shown in the figure:

We can create a new scheduled task and execute it once a day.

Test whether the time synchronization is effective:

NTP server address and IP commonly used in China

210.72.145.44 (server IP address of National time Service Center)

Ntp.sjtu.edu.cn 202.120.2.101 (NTP server address of Shanghai Jiaotong University Network Center)

S1a.time.edu.cn Beijing University of posts and Telecommunications

S1b.time.edu.cn Tsinghua University

S1c.time.edu.cn Peking University

S1d.time.edu.cn Southeast University

S1e.time.edu.cn Tsinghua University

S2a.time.edu.cn Tsinghua University

S2b.time.edu.cn Tsinghua University

S2c.time.edu.cn Beijing University of posts and Telecommunications

S2d.time.edu.cn Southwest Regional Network Center

S2e.time.edu.cn Northwest Regional Network Center

S2f.time.edu.cn Northeast Regional Network Center

S2g.time.edu.cn Southeast China Network Center

S2h.time.edu.cn Network Management Center of Sichuan University

S2j.time.edu.cn Network Center of Dalian University of Technology

S2k.time.edu.cn CERNET Guilin Master Node

S2m.time.edu.cn Peking University

What is a NTP time server? I believe you can see here that we have a certain understanding of the concept, characteristics and working principle of the server. If you think this article is helpful to you, you might as well share it for more people to see.

As a senior professional cloud computing service provider and cloud security service provider in the industry, it is committed to providing cloud host rental services such as "cloud servers, bare metal servers, high defense servers, Hong Kong servers, American servers" and comprehensive solutions on cloud for the vast number of Internet enterprise users and enterprise users in traditional industries. It has the characteristics and advantages of "security and stability, easy to use, high service availability, high performance-to-price ratio". It is specially customized for enterprises on the cloud, and can meet the needs of rich and diversified application scenarios.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.