Home > Article > Operation and Maintenance > How to configure NTP?
How to configure NTP?
- PHP中文网Original
- 2017-06-20 13:17:331808browse
In the linux system, in order to avoid the time deviation of the host time caused by long-term operation, time synchronization is performed (synchronize) work is very necessary. linux Under the system, the ntp service is generally used to synchronize the time of different machines. NTP is the abbreviation of Network Time Protocol (Network Time Protocol), which synchronizes time between computers through network protocols.
InstallNTPPackage
Check whether it is installedntpRelated packages. If you install ntp related packages, use rpm or yum to install, it is very simple .
[root@localhost ~]# rpm -qa |grep ntp
fontpackages-filesystem-1.41-1.1.el6.noarch
ntpdate-4.2.6p5 -10.el6.centos.2.i686
ntp-4.2.6p5-10.el6.centos.2.i686
NTP Configuration
A.Configuration/etc/ntp.conf
The main configuration file of NTP server It is /etc/ntp.conf, the unmodified ntp. confThe file is the same as the following:
[root@localhost ~]# more /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool ().
server 0.rhel.pool.ntp.org iburst
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey #manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc /ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys / etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
# statistics clockstats cryptostats loopstats peerstats
1) Set NTP host source (prefer means priority Host), 192.168.66.131 is the local NTP server, so the priority is to specify the synchronization time from this host
server 192.168.66.131 prefer
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2 .centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
2) Limit the type of access you allow to these servers, in this example The server in is not allowed to modify the runtime configuration or query your linux ntpserver
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
The above mask address is expanded to 255, so servers from 192.168.1.1-192.168.1.254 can use us NTP Server to synchronize time
#Set the default policy to allow any host to synchronize time
restrict default ignore
3)Make surelocalhost has sufficient permissions and use the syntax without any restriction keywords
restrict 127.0.0.1
restrict -6 ::1
B.Configuration/etc/ntp/step-tickers File
Modify the /etc/ntp/step-tickers file with the following content (when ntp When the service starts, it will automatically check the time with the upper-level NTP service recorded in the file)
[root@localhost ~]# more /etc /ntp/step-tickers
# List of servers used for initial synchronization.
server 192.168.66.131 prefer
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
The above is passed viModification
C.Configuration/etc /sysconfig/ntpdFile
ntp service, the default smart synchronization system time. If you want ntp to synchronize hardware time at the same time, you can set the /etc/sysconfig/ntpd file in / Add SYNC_HWCLOCK=yes to the etc/sysconfig/ntpd file so that the hardware time can be synchronized with the system time.
##IPTABLESConfiguration
Due tontpThe service needs to use UDPThe port number is 123, so when the system firewall (iptables) must be opened when UDPport number123
StartNTPService
##service ntpd statusservice ntpd startnetstat -lntup|grep ntpThe above is the detailed content of How to configure NTP?. For more information, please follow other related articles on the PHP Chinese website!