Network Time Protocol Objectives to learn how to
Network Time Protocol • Objectives – to learn how to setup ntp • Contents – – – The NTP Server What is NTP? Download and Install The NTP Package The /etc/ntp. conf File How To Get NTP Started Determining If NTP Is Synchronized Properly
What is NTP? • Network Time Protocol – – – Used to keep clock’s syncronized within your nodes Important for logservers and logfiles Transaction servers Various applications, position system, mobilephones like GSM, transaction systems Time critical operations that needed to be syncronized • Stratum levels – Level 1 most accurate, directly connected to reference clock – Level 2 next accurate, connected to more than one Level 1 – Lower levels is connected to only one Level 1 or to Level 2 • DCF 77 receiver’s, LW radio carriers as reference – Available at very low price from various places • GSM time reference – Uses GPS satellites as timebase, all GPS satellites have atomic clocks • Atomic clock – Usally based on rugby or cesium Atomic Clock, based on atomic oscillations – Proposed 1943, first built 1949, practical 1955 • Important atomic clock servers that supports NTP http: //ntp. isc. org/bin/view/Servers/Web. Home http: //www. ntp. org/ http: //ntp. isc. org/bin/view/Servers/Stratum. One. Time. Servers
Download and Install The NTP tar-boll • Check if NTP is there, remove if it is there, keep yast # rpm -qa | grep -i ntp xntp-4. 2. 0 a-35 yast 2 -ntp-client-2. 11. 3 -3 # rpm –e xntp-4. 2. 0 a-35 • NTP comes from ISC Internet Systems Consortium – http: //ntp. isc. org/bin/view/Main/Software. Downloads • Download and unzip the tar ball # cd /usr/local/src # wget http: //www. eecis. udel. edu/~ntp/ntp_spool/ntp 4/snapshots/ntpdev/2006/01/ntp-dev-4. 2. 0 b-20060115. tar. gz # tar xvfz ntp-dev-4. 2. 0 b-20060115. tar. gz • Configure the source package # cd ntp-dev-4. 2. 0 b-20060115 ; . /configure • Make the source package and install # make && make test && make install
Download and Install The NTP rpm Package • Check if NTP is there, if not then download it # rpm -qa | grep -i ntp xntp-4. 2. 0 a-35 yast 2 -ntp-client-2. 11. 3 -3 # cd /usr/local/src # wget http: //ftp. sunet. se/pub/os/Linux/distributions/suse/i 386/9. 3/suse/i 586/xntp* • Install NTP after it is downloaded # rpm –ivh xntp-4. 2. 0 a-35. i 586. rpm • NTP is Su. SE standard, however it is not preconfigured and started. # insserv xntpd # rcxntpd start • First time insserv and rcxntpd will open iptables firewall as well, ntp used port 123 UDP
The /etc/ntp. conf File • First we specify the sample servers we're interested in: – Servers are used in order, average time can be calculated server ntp 1. gbg. netnod. se # A stratum 1 server gps. dix. dk # A stratum 2 server clock. isc. org # unknown strata • Then we restrict the type of access you allow these servers • restrict ntp 1. gbg. netnod. se mask 255 nomodify notrap noquery restrict gps. dix. dk mask 255 nomodify notrap noquery restrict clock. isc. org mask 255 nomodify notrap noquery Declare the networks this NTP server should serve restrict 192. 168. 0. 0 mask 255. 0 notrust nomodify notrap restrict 192. 168. 1. 0 mask 255. 0 notrust nomodify notrap • This NTP server should serve itself unrestricted restrict 127. 0. 0. 1
How To Get NTP Started (not RPM) • To get NTP configured to start at boot: # echo ”/usr/local/bin/ntpd” >> /etc/init. d/boot. local • To start/stop/restart NTP after booting: • To see if ntp is running: # pkill -9 ntpd # pkill -HUP ntpd # /usr/local/bin/ntpd # pgrep ntpd • If you like write your own start stop script and put in runlevel 3 and 5 • Logging in /var/log/messages driftfile /var/lib/ntp/drift/ntp. drift • Logging in /var/log/ntpd. log – Add in /etc/ntp. conf logfile /var/log/ntp. log
Testing And Troubleshooting NTP • Verifying NTP is Running # pgrep ntpd –you should get a response of plain old process ID numbers • Doing An Initial Synchronization against one server –First check current idea of time –Then syncronize against NTP server # date Thu Sep 7 00: 00 PDT 2004 # ntpdate –u ntp. research. gov Looking for host ntp. research. gov and service ntp host found : ntp. research. gov 7 Sep 08: 03: 38 ntpdate[2472]: step time server ntp. research. gov offset 28993. 084943 sec # date Sep 7 08: 03: 38 PDT 2004 –Last check that time was adjusted –If time it was to big difference in time you might want to set the time as exact you can manually and do the sync again
Determining If NTP Is Synchronized Properly • With ntpq command see the servers you sync with # ntpq -p remote refid st t when poll reach delay offset jitter ======================================= -jj. cs. umb. edu gandalf. sigmaso 3 u 95 1024 377 31. 681 -18. 549 1. 572 milo. mcs. anl. go ntp 0. mcs. anl. go 2 u 818 1024 125 41. 993 -15. 264 1. 392 -mailer 1. psc. edu ntp 1. usno. navy. 2 u 972 1024 377 38. 206 19. 589 28. 028 -dr-zaius. cs. wis ben. cs. wisc. edu 2 u 502 1024 357 55. 098 3. 979 0. 333 +taylor. cs. wisc. ben. cs. wisc. edu 2 u 454 1024 347 54. 127 3. 379 0. 047 -ntp 0. cis. strath harris. cc. strat 3 u 507 1024 377 115. 274 -5. 025 1. 642 *clock. via. net . GPS. 1 u 426 1024 377 107. 424 -3. 018 2. 534 ntp 1. conectiv. c 0. 0 16 u - 1024 0 0. 000 4000. 00 • Jitter should be less than 100 • Try to use NTP server close to you with high strata level
Your Linux NTP clients cannot Synchronize Properly • Your test show something like this # ntpq -p remote refid st t when poll reach delay offset jitter ======================================= LOCAL(0) 10 l - 64 7 0. 000 0. 008 ntp-cup. externa 0. 0 16 u - 64 0 0. 000 4000. 00 snvl-smtp 1. trim 0. 0 16 u - 64 0 0. 000 4000. 00 nist 1. aol-ca. tr 0. 0 16 u - 64 0 0. 000 4000. 00 • This could be caused by the following – Older versions of NTP must have IP addresses, not FDQN – A firewall blocking access to your Stratum 1 and 2 NTP servers, port 123 UDP must be opened. – NTPd is not running on server or is not syncronized yet
Configuring Cisco router To Use An NTP Server • Cisco IOS ciscorouter> enable password: ***** ciscorouter# config t ciscorouter(config)# ntp update-calendar ciscorouter(config)# ntp server 192. 168. 0. 10 ciscorouter(config)# ntp server 192. 168. 1. 201 ciscorouter(config)# exit ciscorouter# wr mem • ntp server: Forms a server association with another system. • ntp update-calendar: Configures the system to update its hardware clock from the software clock at periodic intervals.
Configuring Cisco switch To Use An NTP Server • Cisco CATalyst OS ciscoswitch> enable password: ***** ciscoswitch# set ntp client enable ciscoswitch# ntp server 192. 168. 0. 10 ciscoswitch# ntp server 192. 168. 1. 201 ciscoswitch# exit • ntp server: Forms a server association with another system. • set ntp client enable: Activate the NTP client
Configuring A Windows NTP Client • You can add your new NTP server to your Windows client. Here's how: 1. Click on the time at the bottom right hand side of your screen. 2. Click on the "Internet Time" tab of the dialog box 3. Click the check box labeled "Automatically synchronize with an Internet time server" and enter the name or IP address in the box underneath it. 4. Click on the "Update Now" button You will get a message saying "Your time has been successfully synchronized" when the operation is complete
Summary • • • NTP server is adjust time and date on nodes Configuration sit in /etc/ntpd. conf Calibration files sit in /etc/ntpd/ Strata levels tells system accuracy Strata level 1 is most accurate Strata level 2 is next accurate Many applications rely on exact time NTPD is the name of client and server demon Show ntp status with ntpq –p Update time manually: ntpdate –u ntp. research. gov Most routers/Switches has NTP timesettings
- Slides: 13