Environment: ubuntu 12.04 server/64 version (server and client are the same)
ntp server IP (intranet): 192.168.10.2
intranet server IP: 192.168.10.*
Steps:
1. Install ntp software
$sudo apt-get install ntp
2. Modify the configuration file
$sudo vim /etc/ntp.conf
driftfile /var/lib/ntp/ntp.drift statistics loopstats peerstats clockstats filegen loopstats file loopstats type day enable filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable server ntp.ubuntu.com restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery restrict 192.168.10.0 mask 255.255.255.0 nomodify restrict 127.0.0.1 restrict ::1
Mainly in the configuration file:
restrict -6 default kod notrap nomodify nopeer noquery
statement:
restrict 192.168.10.0 mask 255.255.255.0 nomodify
restrict 192.168.10.0 mask 255.255.255.0 nomodify---mainly where servers that can be synchronized are located
Note :
1>, permission setting part The
permission setting is mainly set with the parameter restrict, the main syntax is:
restrict IP mask netmask_IP parameter
where IP can be the software address or default, default is Similar to 0.0.0.0
, the paramter has:
ignore: close all NTP connection services
nomodify: means that the client cannot change the time parameters of the server, but the client can still use the server to perform network time comparison.
notrust: Unless the client is authenticated, the source of the client will be regarded as an untrusted domain
noquery: no time query is provided for the client
If paramter is not set at all, it means that the IP (or domain) "doesn't have any restrictions! 』
2>, upper host settings
The upper host chooses ntp.ubuntu.com. To set the upper host, it is mainly set by the parameter server. The syntax is: server [IP|FQDN] [prefer]
Server is followed by our upper Time Server! And if the server parameter is followed by perfer, it means that our NTP host mainly uses this host as the corresponding time correction. In addition, in order to solve the transmission delay of the update time packet, the driftfile can be used to specify the time that our host spends in communicating with the Time Server, which can be recorded in the file following the driftfile.
3. If there is a firewall set, the 123 port restrictions
iptables -t filter -A INPUT -p udp --destination-port 123 -j ACCEPT
4. Restart the ntp service
sudo /etc/init.d/ntp restart
5. Client synchronization (that is, the intranet server to be synchronized)
sudo ntpdate 192.168.10.2
can view and change the hardware clock of the server at the same time:
sudo hwclock
sudo hwclock -w
6. Common faults The
client appears at the same time: no server suitable for synchronization found error message
Reason :
After restarting the ntp service on the ntp server, the ntp server itself or its synchronization needs a period of time, this process may be 5 minutes, within this time when the client runs the ntpdate command An error of no server suitable for synchronization found will be generated.
So how do you know when the ntp server has finished synchronizing with itself?
Use the command on the ntp server:
#ntpq -p
Source: http://blog.csdn.net/mmz_xiaokong/article/details/8700979