1) Installiamo ntp:
[root@ns ~]# yum -y install ntp
[root@ns ~]# mv /etc/ntp.conf /etc/ntp.conf.bk
[root@ns ~]# vim /etc/ntp.conf
Vedere la fine dell'articolo per vedere come settare correttamente i vari parametri.
2) Finito ciò bisogna sincronizzare l'ora del sistema:
[root@ns ~]# ntpdate -b pool.ntp.org
3) Per vedere se i client sono sincronizzati correttamente si usa il comando ntpq
- L'opzione -p si usa per vedere tutti i client.
- L'opzione -4 permette di risolvere il nome del client nell'IP
4) ntpq -4 -p localhost
4) ntpq -4 -p localhost
5) Va aperta la porta del firewall locale per il protocollo NTP TCP/UDP 123 con il comando:
[root@ns ~]# system-config-securitylevel-tui
e la sintassi 123:tcp 123:udp
6) [root@ns ~]# /etc/init.d/ntpd start
[root@ns ~]# chkconfig ntpd on
[root@ns ~]# ntpq -p
[root@ns ~]# chkconfig --level 2345 ntpd on
[root@ns ~]# /etc/init.d/ntpd restart
[root@ns ~]# chkconfig --level 2345 ntpd on
[root@ns ~]# /etc/init.d/ntpd restart
7) Per settare il sntp in windows xp/2000
C:\net time /querysntp
This computer is not currently configured to use a specific SNTP server.
To configure the client to use the time server time.windows.com, use the following command:
C:\net time /setsntp:192.168.91.128
It may be necessary to restart the w32time service. To do this from the command line, use the following two commands:
net stop w32time
net start w32time
These settings will persist after the system reboots.
8) di seguito un esempio del file ntp.conf
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
restrict 192.168.91.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org
#broadcast 192.168.91.255 key 42 # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 key 42 # multicast server
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
restrict 192.168.91.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org
#broadcast 192.168.91.255 key 42 # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 key 42 # multicast server
#broadcast 224.0.1.1 key 42 # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 key 42 # manycast client
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 key 42 # manycast client
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
#controlkey 8
