Setup ntp server » Historie » Version 2
Jeremias Keihsler, 17.04.2024 10:13
| 1 | 1 | Jeremias Keihsler | h1. Install Procedure for ntp-server |
|---|---|---|---|
| 2 | |||
| 3 | h2. Requirements |
||
| 4 | |||
| 5 | To install ntpd you will need the following: |
||
| 6 | * a installed and supported operating system (e.g. CentOS 9.x) |
||
| 7 | * root-access |
||
| 8 | * a fast internet connection |
||
| 9 | |||
| 10 | h2. Preliminary Note |
||
| 11 | |||
| 12 | This procedure is based on a documentation supplied by |
||
| 13 | * http://www.cyberciti.biz/faq/rhel-fedora-centos-configure-ntp-client-server/ |
||
| 14 | * http://http://www.gtkdb.de/index_7_576.html |
||
| 15 | * http://linuxwave.blogspot.com/2007/08/setting-up-your-own-ntp-server.html |
||
| 16 | |||
| 17 | h2. Install |
||
| 18 | |||
| 19 | Install ntp: |
||
| 20 | <pre><code class="bash"> |
||
| 21 | yum install ntpsec |
||
| 22 | </code></pre> |
||
| 23 | |||
| 24 | h2. Configure ntp Server |
||
| 25 | |||
| 26 | <pre><code class="bash"> |
||
| 27 | vim /etc/ntp.conf |
||
| 28 | </code></pre> |
||
| 29 | |||
| 30 | h3. Use external ntp-Server as reference |
||
| 31 | Basically the ntp.conf is ready configured, so there is nothing to change |
||
| 32 | |||
| 33 | If there is need to use additional or different ntp-server then add it to the @server@ section |
||
| 34 | |||
| 35 | <pre><code class="bash"> |
||
| 36 | server 10.13.109.241 iburst |
||
| 37 | </code></pre> |
||
| 38 | |||
| 39 | h3. Use internal clock as reference |
||
| 40 | |||
| 41 | This is only necessary if there is no reliable time-source or ntp-server available at all |
||
| 42 | <pre><code class="bash"> |
||
| 43 | server 127.127.1.0 # local clock |
||
| 44 | fudge 127.127.1.0 stratum 4 # set stratum to any value from 0 to 16, the higher the safer, defaults to 10, 4 is working with WinXP and Win7 |
||
| 45 | </code></pre> |
||
| 46 | |||
| 47 | h3. restrict access from outside |
||
| 48 | |||
| 49 | <pre><code class="bash"> |
||
| 50 | restrict default nomodify noquery |
||
| 51 | # enable all access for localhost |
||
| 52 | restrict 127.0.0.1 |
||
| 53 | restrict ::1 |
||
| 54 | # enable access from subnet |
||
| 55 | restrict 10.13.109.1/24 nomodify |
||
| 56 | restrict 10.13.108.0/24 |
||
| 57 | </code></pre> |
||
| 58 | |||
| 59 | |||
| 60 | h2. Start ntp Server |
||
| 61 | |||
| 62 | manually start ntp Server: |
||
| 63 | <pre><code class="bash"> |
||
| 64 | systemctl start ntpd |
||
| 65 | </code></pre> |
||
| 66 | |||
| 67 | automatically start the service at boot time: |
||
| 68 | <pre><code class="bash"> |
||
| 69 | systemctl enable ntpd |
||
| 70 | </code></pre> |
||
| 71 | |||
| 72 | you can check by |
||
| 73 | <pre><code class="bash"> |
||
| 74 | systemctl is-enabled ntpd |
||
| 75 | </code></pre> |
||
| 76 | |||
| 77 | h2. configure firewall |
||
| 78 | |||
| 79 | When you are not running the CentOS Firewall yet, then start it: |
||
| 80 | |||
| 81 | <pre><code class="shell"> |
||
| 82 | systemctl enable firewalld |
||
| 83 | systemctl start firewalld |
||
| 84 | </code></pre> |
||
| 85 | |||
| 86 | add chronyd to the firewall if you are going to serve ntp |
||
| 87 | |||
| 88 | <pre><code class="shell"> |
||
| 89 | firewall-cmd --add-service=ntp --permanent |
||
| 90 | firewall-cmd --reload |
||
| 91 | </code></pre> |
||
| 92 | |||
| 93 | h2. Usage |
||
| 94 | |||
| 95 | try to connect via windows machine and enter as a internet-time-source the ip-adress of the new ntp-server. (e.g. 192.168.2.53) |
||
| 96 | |||
| 97 | try to connect via linux machine and use to sync time: |
||
| 98 | <pre><code class="bash"> |
||
| 99 | ntpdate 192.168.2.53 |
||
| 100 | </code></pre> |
||
| 101 | 2 | Jeremias Keihsler | |
| 102 | <pre><code class="bash"> |
||
| 103 | ntpq -p |
||
| 104 | </code></pre> |