DokuWiki » Infrastructure » Operating System » CentOS 9

h1. Install Procedure for ntp-server

h2. Requirements

To install ntpd you will need the following:

* a installed and supported operating system (e.g. CentOS 9.x)

* root-access

* a fast internet connection

h2. Preliminary Note

This procedure is based on a documentation supplied by 

* http://www.cyberciti.biz/faq/rhel-fedora-centos-configure-ntp-client-server/

* http://http://www.gtkdb.de/index_7_576.html

* http://linuxwave.blogspot.com/2007/08/setting-up-your-own-ntp-server.html

h2. Install 

Install ntp:

<pre><code class="bash">

yum install ntpsec

</code></pre>

h2. Configure ntp Server 

<pre><code class="bash">

vim /etc/ntp.conf

</code></pre>

h3. Use external ntp-Server as reference

Basically the ntp.conf is ready configured, so there is nothing to change

If there is need to use additional or different ntp-server then add it to the @server@ section

<pre><code class="bash">

server 10.13.109.241 iburst

</code></pre>

h3. Use internal clock as reference

This is only necessary if there is no reliable time-source or ntp-server available at all

<pre><code class="bash">

server 127.127.1.0     # local clock

fudge  127.127.1.0 stratum 4          # set stratum to any value from 0 to 16, the higher the safer, defaults to 10, 4 is working with WinXP and Win7

</code></pre>

h3. restrict access from outside

<pre><code class="bash">

restrict default nomodify noquery

# enable all access for localhost

restrict 127.0.0.1

restrict ::1

# enable access from subnet

restrict 10.13.109.1/24 nomodify

restrict 10.13.108.0/24

</code></pre>

h2. Start ntp Server

manually start ntp Server:

<pre><code class="bash">

systemctl start ntpd

</code></pre>

automatically start the service at boot time:

<pre><code class="bash">

systemctl enable ntpd

</code></pre>

you can check by

<pre><code class="bash">

systemctl is-enabled ntpd

</code></pre>

h2. configure firewall

When you are not running the CentOS Firewall yet, then start it:

<pre><code class="shell">

systemctl enable firewalld

systemctl start firewalld

</code></pre>

add chronyd to the firewall if you are going to serve ntp

<pre><code class="shell">

firewall-cmd --add-service=ntp --permanent

firewall-cmd --reload

</code></pre>

h2. Usage 

try to connect via windows machine and enter as a internet-time-source the ip-adress of the new ntp-server. (e.g. 192.168.2.53)

try to connect via linux machine and use to sync time:

<pre><code class="shell">

ntpdate 192.168.2.53

</code></pre>

<pre><code class="shell">

ntpq -p

</code></pre>

h2. troubleshooting

h3. check telegrams on port 123

<pre><code class="shell">

tcpdump port 123

</code></pre>

h3. check telegrams of a specific server/client

<pre><code class="shell">

tcpdump host 10.13.108.175

</code></pre>