Home  >  Article  >  Operation and Maintenance  >  How to configure NTP?

How to configure NTP?

PHP中文网
PHP中文网Original
2017-06-20 13:17:331842browse

In the linux system, in order to avoid the time deviation of the host time caused by long-term operation, time synchronization is performed (synchronize) work is very necessary. linux Under the system, the ntp service is generally used to synchronize the time of different machines. NTP is the abbreviation of Network Time Protocol (Network Time Protocol), which synchronizes time between computers through network protocols.

InstallNTPPackage

Check whether it is installedntpRelated packages. If you install ntp related packages, use rpm or yum to install, it is very simple .

[root@localhost ~]# rpm -qa |grep ntp

fontpackages-filesystem-1.41-1.1.el6.noarch

ntpdate-4.2.6p5 -10.el6.centos.2.i686

ntp-4.2.6p5-10.el6.centos.2.i686

NTP Configuration

A.Configuration/etc/ntp.conf

The main configuration file of NTP server It is /etc/ntp.conf, the unmodified ntp. confThe file is the same as the following:

[root@localhost ~]# more /etc/ntp.conf

# For more information about this file, see the man pages

# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not

# permit the source to query or modify the service on this system.

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could

# be tightened as well, but to do so would effect some of

# the administrative functions.

restrict 127.0.0.1

restrict -6 ::1

# Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.

# Please consider joining the pool ().

server 0.rhel.pool.ntp.org iburst

server 1.rhel.pool.ntp.org iburst

server 2.rhel.pool.ntp.org iburst

server 3.rhel.pool.ntp.org iburst

#broadcast 192.168.1.255 autokey # broadcast server

#broadcastclient # broadcast client

#broadcast 224.0.1.1 autokey   #manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.

#crypto

includefile /etc /ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating

# with symmetric key cryptography.

keys / etc/ntp/keys

# Specify the key identifiers which are trusted.

#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.

#requestkey 8

# Specify the key identifier to use with the ntpq utility.

#controlkey 8

# Enable writing of statistics records.

# statistics clockstats cryptostats loopstats peerstats

1) Set NTP host source (prefer means priority Host), 192.168.66.131 is the local NTP server, so the priority is to specify the synchronization time from this host

server 192.168.66.131 prefer

server 0.centos.pool.ntp.org iburst

server 1.centos.pool.ntp.org iburst

server 2 .centos.pool.ntp.org iburst

server 3.centos.pool.ntp.org iburst

2) Limit the type of access you allow to these servers, in this example The server in is not allowed to modify the runtime configuration or query your linux ntpserver

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

The above mask address is expanded to 255, so servers from 192.168.1.1-192.168.1.254 can use us NTP Server to synchronize time

#Set the default policy to allow any host to synchronize time

restrict default ignore

3)Make surelocalhost has sufficient permissions and use the syntax without any restriction keywords

restrict 127.0.0.1

restrict -6 ::1

B.Configuration/etc/ntp/step-tickers File

Modify the /etc/ntp/step-tickers file with the following content (when ntp When the service starts, it will automatically check the time with the upper-level NTP service recorded in the file)

[root@localhost ~]# more /etc /ntp/step-tickers

# List of servers used for initial synchronization.

server 192.168.66.131 prefer

server 0.centos.pool.ntp.org iburst

server 1.centos.pool.ntp.org iburst

server 2.centos.pool.ntp.org iburst

server 3.centos.pool.ntp.org iburst

The above is passed viModification

C.Configuration/etc /sysconfig/ntpdFile

ntp service, the default smart synchronization system time. If you want ntp to synchronize hardware time at the same time, you can set the /etc/sysconfig/ntpd file in / Add SYNC_HWCLOCK=yes to the etc/sysconfig/ntpd file so that the hardware time can be synchronized with the system time.

##IPTABLESConfiguration

Due tontpThe service needs to use UDPThe port number is 123, so when the system firewall (iptables) must be opened when UDPport number123

StartNTPService

##service ntpd status

service ntpd start

netstat -lntup|grep ntp


The above is the detailed content of How to configure NTP?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Linux boot stepsNext article:Linux boot steps