Network Time Protocol
From Christoph's Personal Wiki
Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.
Install and configure ntpd on CentOS
- Install the necessary packages:
$ yum install ntp ntpdate ntp-doc
- Turn on the ntpd service persistently:
$ chkconfig ntpd on
- Synchronize the system clock with the 0.pool.ntp.org server:
$ ntpdate pool.ntp.org
- Start the NTP server. The following will continuously adjust the system time from the upstream NTP server (i.e., no need to run ntpdate):
$ /etc/init.d/ntpd start
$ #~OR~
$ service ntpd start
- Locate your geographically closest server pools from http://www.pool.ntp.org/en/:
$ for i in africa asia europe north-america south-america; do \
    curl -s http://www.pool.ntp.org/zone/$i|sed -n -e '/<pre>/,/<\/pre>/p'|sed -e 's/<[^>]*>//g'; done
server 0.africa.pool.ntp.org
server 1.africa.pool.ntp.org
server 2.africa.pool.ntp.org
server 3.africa.pool.ntp.org
server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org
server 3.asia.pool.ntp.org
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org
server 0.north-america.pool.ntp.org
server 1.north-america.pool.ntp.org
server 2.north-america.pool.ntp.org
server 3.north-america.pool.ntp.org
server 0.south-america.pool.ntp.org
server 1.south-america.pool.ntp.org
server 2.south-america.pool.ntp.org
server 3.south-america.pool.ntp.org
- Since I am in North America, I will add the lines above for North America to the following two files:
$ cat >> /etc/ntp.conf <<EOF
server 0.north-america.pool.ntp.org
server 1.north-america.pool.ntp.org
server 2.north-america.pool.ntp.org
server 3.north-america.pool.ntp.org
EOF
$ cat >> /etc/ntp/step-tickers <<EOF
0.north-america.pool.ntp.org
1.north-america.pool.ntp.org
2.north-america.pool.ntp.org
3.north-america.pool.ntp.org
EOF
- Finally, restart the NTP daemon:
$ service ntpd restart
- You can also list out your server pools and get details with the following:
$ ntpdc -l
$ ntpdc -p
- Use tcpdump to watch the NTP traffic:
$ tcpdump dst port 123
- Add iptables rules. NTP uses UDP port 123 to conduct its business, either connecting out to another NTP server or accepting incoming connections. If you have iptables filtering incoming traffic on the main NTP server in your cluster, then you will need to open port 123 to UDP traffic to allow the other servers to connect to it. You can open port 123 for UDP traffic with the following iptables arguments:
-I INPUT -p udp --dport 123 -j ACCEPT
-I OUTPUT -p udp --sport 123 -j ACCEPT
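The INPUT rule above accepts UDP 123 from any source, so what those hosts may ask of ntpd is decided by the restrict lines in /etc/ntp.conf. The following check is an added example, not part of the original wiki page: it confirms the file has server lines and that every "restrict default" entry carries noquery and nomodify (the function names and that two-flag policy are assumptions of this example).

```shell
#!/bin/sh
# Added example, not from the original page. Audits an ntp.conf after the
# steps above. Usage from a script or shell: audit_ntp_conf /etc/ntp.conf

# Print the hosts named on "server" lines, one per line.
ntp_servers() {
    awk '$1 == "server" { print $2 }' "$1"
}

# Print the flags of every "restrict default" line (also the -4/-6 forms),
# one entry per line, padded with spaces so flags match as whole words.
default_restrict_flags() {
    awk '$1 == "restrict" {
        i = 2
        if ($i == "-4" || $i == "-6") i++
        if ($i != "default") next
        line = " "
        for (j = i + 1; j <= NF; j++) line = line $j " "
        print line
    }' "$1"
}

# Return 0 only if the file has server lines and every "restrict default"
# entry denies ntpq/ntpdc queries (noquery) and modification (nomodify).
audit_ntp_conf() {
    conf=$1; status=0
    if [ -z "$(ntp_servers "$conf")" ]; then
        echo "FAIL: no server lines in $conf"
        status=1
    fi
    flags=$(default_restrict_flags "$conf")
    if [ -z "$flags" ]; then
        echo "FAIL: no 'restrict default' line; sources reaching UDP 123 are unrestricted"
        status=1
    fi
    # A here-document keeps the loop in the current shell so status survives.
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        for want in noquery nomodify; do
            case "$entry" in
                *" $want "*) ;;
                *) echo "FAIL: restrict default lacks $want:$entry"; status=1 ;;
            esac
        done
    done <<EOF
$flags
EOF
    return $status
}
```

With noquery on the default entry, ntpdc -l and ntpdc -p are answered only for sources that have their own less restrictive restrict line, such as 127.0.0.1.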