Introduction to NTP:
NTP (Network Time Protocol) is a protocol used to synchronize computer clocks. It can synchronize a computer with a server or clock source and provides high-precision time correction. This example explains how to configure an NTP server and NTP clients on CentOS 6.3 so that the time on multiple clients stays consistent with the specified NTP server, ensuring time synchronization across multiple servers.
Server environment
Operating system: CentOS 6.5 x86_64
Server ip: 192.168.17.253
One, install NTP server
yum install ntp
Two, configure NTP
NTP configuration file path: /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5),ntp_acc(5),ntp_auth(5),ntp_clock(5),ntp_misc(5),ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 210.72.145.44
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would affect some of
# the administrative functions.
# Limit which hosts can synchronize time from this NTP server
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
# The address of the remote time server (the following NTP server addresses are recommended)
server 210.72.145.44 prefer # China National Time Service Center
server ntp.sjtu.edu.cn #NTP server of Shanghai Jiaotong University
server 202.112.10.36 # 1.cn.pool.ntp.org
server 59.124.196.83 # 0.asia.pool.ntp.org
# broadcast 192.168.1.255 autokey # broadcast server
# broadcastclient # broadcast client
# broadcast 224.0.1.1 autokey # multicast server
# multicastclient 224.0.1.1 # multicast client
# manycastserver 239.255.254.254 # manycast server
# manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
# crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
# trustedkey 4842
# Specify the key identifier to use with the ntpdc utility.
# requestkey 8
# Specify the key identifier to use with the ntpq utility.
# controlkey 8
# Enable writing of statistics records.
# statistics clockstats cryptostats loopstats peerstats
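The restrict lines above decide who may query or reconfigure this ntpd. The following shell function is an added example, not part of the original post: it checks an ntp.conf for default restrict entries that lack nomodify, notrap, nopeer or noquery, and for non-loopback hosts given a restrict line with no flags, which grants that address unrestricted access. The names audit_ntp_conf and sample_conf and the choice of baseline flags (taken from the default line above) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit the "restrict" lines of an ntp.conf.
# Usage after sourcing: audit_ntp_conf /etc/ntp.conf   (prints findings; status 1 if any)

audit_ntp_conf() {
    awk '
    function report(msg) { print "FINDING: " msg; bad++ }
    { sub(/#.*/, "") }                      # drop comments
    $1 != "restrict" { next }
    {
        i = 2; fam = "IPv4"
        if ($2 == "-6") { fam = "IPv6"; i = 3 } else if ($2 == "-4") { i = 3 }
        addr = $i; flags = " "
        for (j = i + 1; j <= NF; j++) {
            if ($j == "mask") { j++ } else { flags = flags $j " " }
        }
        if (addr == "default") {
            seen[fam] = 1
            # Baseline flags assumed from the default line in the configuration above
            n = split("nomodify notrap nopeer noquery", need, " ")
            for (k = 1; k <= n; k++)
                if (index(flags, " " need[k] " ") == 0)
                    report(fam " default entry lacks " need[k])
        } else if (addr != "127.0.0.1" && addr != "::1" && flags == " ")
            report(addr " has a flagless restrict line (full access, including queries)")
    }
    END {
        if (!seen["IPv4"]) report("no \"restrict default\" line")
        if (!seen["IPv6"]) report("no \"restrict -6 default\" line")
        exit (bad > 0)
    }' "$1"
}

# Constructed sample: the access-control lines of the configuration above,
# with noquery removed from the IPv6 default entry to produce a finding.
sample_conf() {
    cat <<'EOF'
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer
restrict 210.72.145.44
restrict 127.0.0.1
restrict -6 ::1
# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
EOF
}
```

On the constructed sample the function reports the missing noquery on the IPv6 default entry and the flagless line for 210.72.145.44.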
Three, firewall
The NTP service uses the UDP protocol by default and listens on port 123. If the firewall is enabled, it must be configured to allow this port.
vim /etc/sysconfig/iptables
Open the firewall configuration file. Add the following configuration items:
# open port for NTP server
-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
Restart the firewall service:
service iptables restart
Four, test configuration
After the NTP service is started, it takes about 3 to 5 minutes to synchronize time. I waited about 10 minutes when I configured it. You can check the synchronization status with the ntpstat command.
Note: The NTP client can synchronize its time only after the NTP server itself has synchronized successfully. If you need to synchronize the time from the specified time server immediately, you can use the "ntpdate" command. Before using the "ntpdate" command, you need to stop the ntpd service first:
service ntpd stop
Then execute "ntpdate NTPSERVERIP" to complete the time synchronization immediately.
Five, related commands
ntpdate //Manually update the NTP server time
ntpq -p //Query the NTP server in the network, and display the relationship between the client and each server
watch ntpq -p //Monitor the output of the ntpq -p command
Thanks to adamfei for the reminder that port 123 is vulnerable to file upload attacks. Hope everyone pays attention!