Setup ntp server » Historie » Version 1
Jeremias Keihsler, 17.04.2024 10:12
1 | 1 | Jeremias Keihsler | h1. Install Procedure for ntp-server |
---|---|---|---|
2 | |||
3 | h2. Requirements |
||
4 | |||
5 | To install ntpd you will need the following: |
||
6 | * a installed and supported operating system (e.g. CentOS 9.x) |
||
7 | * root-access |
||
8 | * a fast internet connection |
||
9 | |||
10 | h2. Preliminary Note |
||
11 | |||
12 | This procedure is based on a documentation supplied by |
||
13 | * http://www.cyberciti.biz/faq/rhel-fedora-centos-configure-ntp-client-server/ |
||
14 | * http://http://www.gtkdb.de/index_7_576.html |
||
15 | * http://linuxwave.blogspot.com/2007/08/setting-up-your-own-ntp-server.html |
||
16 | |||
17 | h2. Install |
||
18 | |||
19 | Install ntp: |
||
20 | <pre><code class="bash"> |
||
21 | yum install ntpsec |
||
22 | </code></pre> |
||
23 | |||
24 | h2. Configure ntp Server |
||
25 | |||
26 | <pre><code class="bash"> |
||
27 | vim /etc/ntp.conf |
||
28 | </code></pre> |
||
29 | |||
30 | h3. Use external ntp-Server as reference |
||
31 | Basically the ntp.conf is ready configured, so there is nothing to change |
||
32 | |||
33 | If there is need to use additional or different ntp-server then add it to the @server@ section |
||
34 | |||
35 | <pre><code class="bash"> |
||
36 | server 10.13.109.241 iburst |
||
37 | </code></pre> |
||
38 | |||
39 | h3. Use internal clock as reference |
||
40 | |||
41 | This is only necessary if there is no reliable time-source or ntp-server available at all |
||
42 | <pre><code class="bash"> |
||
43 | server 127.127.1.0 # local clock |
||
44 | fudge 127.127.1.0 stratum 4 # set stratum to any value from 0 to 16, the higher the safer, defaults to 10, 4 is working with WinXP and Win7 |
||
45 | </code></pre> |
||
46 | |||
47 | h3. restrict access from outside |
||
48 | |||
49 | <pre><code class="bash"> |
||
50 | restrict default nomodify noquery |
||
51 | # enable all access for localhost |
||
52 | restrict 127.0.0.1 |
||
53 | restrict ::1 |
||
54 | # enable access from subnet |
||
55 | restrict 10.13.109.1/24 nomodify |
||
56 | restrict 10.13.108.0/24 |
||
57 | </code></pre> |
||
58 | |||
59 | |||
60 | h2. Start ntp Server |
||
61 | |||
62 | manually start ntp Server: |
||
63 | <pre><code class="bash"> |
||
64 | systemctl start ntpd |
||
65 | </code></pre> |
||
66 | |||
67 | automatically start the service at boot time: |
||
68 | <pre><code class="bash"> |
||
69 | systemctl enable ntpd |
||
70 | </code></pre> |
||
71 | |||
72 | you can check by |
||
73 | <pre><code class="bash"> |
||
74 | systemctl is-enabled ntpd |
||
75 | </code></pre> |
||
76 | |||
77 | h2. configure firewall |
||
78 | |||
79 | When you are not running the CentOS Firewall yet, then start it: |
||
80 | |||
81 | <pre><code class="shell"> |
||
82 | systemctl enable firewalld |
||
83 | systemctl start firewalld |
||
84 | </code></pre> |
||
85 | |||
86 | add chronyd to the firewall if you are going to serve ntp |
||
87 | |||
88 | <pre><code class="shell"> |
||
89 | firewall-cmd --add-service=ntp --permanent |
||
90 | firewall-cmd --reload |
||
91 | </code></pre> |
||
92 | |||
93 | h2. Usage |
||
94 | |||
95 | try to connect via windows machine and enter as a internet-time-source the ip-adress of the new ntp-server. (e.g. 192.168.2.53) |
||
96 | |||
97 | try to connect via linux machine and use to sync time: |
||
98 | <pre><code class="bash"> |
||
99 | ntpdate 192.168.2.53 |
||
100 | </code></pre> |