Wednesday, October 1, 2014

How to Install and Configure NTP Server and Client in RHEL/CentOS6?

NTP Server

1) Install NTP package using yum

yum -y install ntp

2) Setup Restrict Values

vim /etc/ntp.conf               # Add below given lines

# Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

  • noquery prevents dumping status data from ntpd.
  • notrap prevents control message trap service.
  • nomodify prevents all ntpq queries that attempts to modify the server.
  • nopeer prevents all packets that attempts to establish a peer association.
  • Kod – Kiss-o-death packet is to be sent to reduce unwanted queries
The value -6 in the second line allows forces the DNS resolution to the IPV6 address resolution. For more information on the access parameters list, Please refer to documentation on “man ntp_acc”The value -6 in the second line allows forces the DNS resolution to the IPV6 address resolution.

3) Allow network / IP range for synchronizing time from this server

restrict 10.0.0.0 mask 255.255.255.0 nomodify notrap
restrict 127.0.0.1

4) Add local clock as backup

In case NTP server disconnected from internet, NTP server will provide time from its local system clock

server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10

5) Specify log files

driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp.log

6) Finally start NTP server

service ntpd start

NTP Client

1) Modify /etc/ntp.conf configuration file, 

Sample entries, for internet servers :

server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst

iburst: After every poll, a burst of eight packets is sent instead of one. When the server is not responding, packets are sent 16s interval. When the server responds, packets are sent every 2s.

Edit your NTP.conf to reflect appropriate entries for your own NTP server.

server 10.0.0.1 prefer

prefer: If this option is specified that server is preferred over other servers.

2) Start NTP service

service ntpd start

3) Finally check NTP status

ntpq -p

4) Set date and time synchronized with desired server

ntpdate -u SERVER-NAME

5) Get the current status of  ntpd:

ntpdc -c sysinfo

system peer:          web10.hnshosting.com
system peer mode:     client
leap indicator:       00
stratum:              3
precision:            -24
root distance:        0.20857 s
root dispersion:      0.27481 s
reference ID:         [120.88.46.10]
reference time:       d7d65c1f.14c6b054  Wed, Oct  1 2014 16:25:27.081
system flags:         auth monitor ntp kernel stats
jitter:               0.014099 s
stability:            0.000 ppm
broadcastdelay:       0.000000 s
authdelay:            0.000000 s

1 comment: