Linux - Network Time Protocol su Centos

1) Installiamo ntp:

[root@ns ~]# yum -y install ntp

[root@ns ~]# mv /etc/ntp.conf /etc/ntp.conf.bk

[root@ns ~]# vim /etc/ntp.conf


Vedere la fine dell'articolo per vedere come settare correttamente i vari parametri.


2) Finito ciò bisogna sincronizzare l'ora del sistema:


[root@ns ~]#  ntpdate -b pool.ntp.org

3) Per vedere se i client sono sincronizzati correttamente si usa il comando ntpq
 
- L'opzione -p si usa per vedere tutti i client.
- L'opzione -4 permette di risolvere il nome del client nell'IP





4) ntpq -4 -p localhost

5) Va aperta la porta del firewall locale per il protocollo NTP TCP/UDP 123 con il comando:


[root@ns ~]# system-config-securitylevel-tui

e la sintassi 123:tcp 123:udp

6) [root@ns ~]# /etc/init.d/ntpd start

[root@ns ~]# chkconfig ntpd on

[root@ns ~]# ntpq -p

[root@ns ~]# chkconfig --level 2345 ntpd on
 
[root@ns ~]# /etc/init.d/ntpd restart

7) Per settare il sntp in windows xp/2000

C:\net time /querysntp
 
This computer is not currently configured to use a specific SNTP server.

To configure the client to use the time server time.windows.com, use the following command:

C:\net time /setsntp:192.168.91.128

It may be necessary to restart the w32time service. To do this from the command line, use the following two commands:

net stop w32time

net start w32time

These settings will persist after the system reboots.

8) di seguito un esempio del file ntp.conf

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
restrict 192.168.91.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org

#broadcast 192.168.91.255 key 42         # broadcast server
#broadcastclient                 # broadcast client
#broadcast 224.0.1.1 key 42             # multicast server
#broadcast 224.0.1.1 key 42             # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 key 42  # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server  127.127.1.0     # local clock
fudge   127.127.1.0 stratum 10

# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpq utility.
#controlkey 8


 

720check