LAN ntp server settings (windows time synchronization server NetTime) (ubuntu systemd-timesyncd ntp client) 123 port, ntp time correction

background

The customer has a LAN, and the devices in the LAN have inconsistent times, which may cause problems during interaction;

Now there happens to be a host with two Ethernet interfaces, one of which can be connected to the external network and can obtain the network time. We can make this host an NTP server for time synchronization with other hosts in the LAN;

The following are the relevant steps;

How to configure ntp server in windows

Manual configuration

1. Open the Registry Editor. You can press Win+R keys, then enter regeditand press Enter.

2. Navigate toHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer

3. In the right panel, double-click "Enabled" and enter "1" in the data value field.
   

4. Navigate toHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config

5. In the right panel, double-click AnnounceFlags and enter "5" in the data value field.
   

6. Close Registry Editor.

7. Open a command prompt (as administrator) and enter the following command to restart the Windows Time service:

net stop w32time && net start w32time

The Windows host has been set up as an NTP server, and other devices (such as Linux hosts and NVR devices) should be able to obtain time information from this host. For Linux hosts and NVR devices, you need to point their NTP clients to the IP address of the Windows host.

Configuration parameters AnnounceFlagsand Enabledmeaning

In the Windows registry settings, AnnounceFlagsthese Enabledtwo key values ​​​​have special meanings for the configuration of the NTP server.

1. AnnounceFlags: This key controls whether (and how) the W32Time service (Windows Time) announces itself to the network as an available time source. Its value is a bitmask representing different flags. When AnnounceFlagsthe value of is set to 5, it means the following two conditions:

   • A value of 4 (binary 100) tells the W32Time service to advertise itself as a time server only if the local machine is a reliable time server (for example, it has been configured to manually synchronize to a hardware clock or an external NTP server).

   • A value of 1 (binary 001) causes the W32Time service to always advertise itself as a time server, regardless of whether it has received legitimate time updates.

2. Enabled: This key determines whether to enable NTPServer. If this value is set to 1, then NTPServer will be enabled, that is, the W32Time service will serve as an NTP server to provide time to other devices.

Please note that before modifying the registry, be sure to create a restore point or back up the registry. Wrong modifications may cause system instability.

Using software configuration (NetTime)

On Windows, there are third-party applications that allow you to set up an NTP server easily.

For example, "NetTime". NetTime is a simple, easy-to-use time synchronization client that can also run as a server. Here are the steps on how to set it up:

1. Download and install NetTime: http://www.timesynctool.com/

2. Run NetTime, then right-click the NetTime icon in the system tray and select "Settings".

3. In the "Settings" window, check the "Always provide time" option to make NetTime serve as a server to provide time services.

4. Click "OK" to save the settings.

In this way, you set your Windows host as an NTP server. Then you can point their NTP clients on other devices (such as Linux hosts and NVR devices) to the IP address of the Windows host to achieve time synchronization within the LAN.

Practical operation

Download it:

After the download is complete, click on the default installation:

click Settings, check Allow other computers to sync to this computer:

a warning pops up, reminding us that when using this host for the ntp server, we need to ensure the accuracy of this host's time. Just click No:

Related questions: What is 0.nettime.pool.ntp.org?

0.nettime.pool.ntp.orgIs a public Network Time Protocol (NTP) server address that is part of the NTP Pool Project.

The NTP Pool Project is a large pool of NTP servers maintained by volunteers and sponsors. It provides accurate time services to Internet users around the world. The "pool.ntp.org" project uses DNS round robin to distribute traffic to various time servers, which means that when you query "pool.ntp.org", the DNS server will return the IP address of any server in the pool.

In 0.nettime.pool.ntp.orgthis address, 0it indicates the logical number of the server in the NTP Pool, and nettimeit may be the name of the server group, but I did not find nettimespecific information about it. Typically, you'll see addresses like this 0.pool.ntp.org, 1.pool.ntp.orgwhere the numbers (like 0, 1) represent different servers or groups of servers.

However, if your network does not have access to the Internet, then you will not be able to use this address because it requires access to the NTP Pool's servers over the Internet. In this case, you need to set up an internal NTP server as I described before.

Precautions

Please be sure to check whether the Windows host port 123 is occupied. For methods, please refer to: Windows Check Port Occupancy, Find the Process ID through the Port (Find Process ID), Locate the Application Name through the Process ID (Find Application) (netstat, tasklist)

How to synchronize ntp server time in ubuntu20.04?

Using timedatectl systemd-timesyncd service

Ubuntu 20.04 uses systemd-timesyncdthe service to synchronize time by default, and you do not need to install NTP separately. Here's how to timedatectlsynchronize the time on an NTP server:

1. First open a terminal.

2. Check systemd-timesyncdthe status of the service using the following command:

timedatectl status

3. If NTP service: activethe line reads yes, it means systemd-timesyncdthe service is running. If not, you can start it with:

sudo timedatectl set-ntp on

4. Your system should now automatically synchronize time from the default NTP server. You can also modify /etc/systemd/timesyncd.confthe file to change the NTP server. For example, using the nano editor:

sudo nano /etc/systemd/timesyncd.conf

5. In this file, find #NTP=the lines starting with, delete #and add your NTP servers, separating multiple servers with spaces. For example:

NTP=server1 server2

6. Save and close the file. Then restart systemd-timesyncdthe service to apply the changes:

sudo systemctl restart systemd-timesyncd

7. Check whether the time synchronization is successful .
Use timedatectlthe command to check. If the synchronization is successful, the time on my box's RTC Time will be displayed correctly instead of 1970xxxx:

timedatectl

Use systemctl status systemd-timesyncd.service --no-pagerthe command to view the status of the systemd-timesyncd service and important logs:

systemctl status systemd-timesyncd.service --no-pager

If the synchronization is successful, the following line of text will be displayed:

Initial synchronization to time server 192.168.19.232:123 (192.168.19.232).

timedatectlThese are the steps used to synchronize NTP server time on Ubuntu 20.04 .

Set up outbound and inbound traffic for windows ntp server (alternative)

Note: This method is an alternative. When ntp cannot be synchronized, you can test turning it on to see if it can be synchronized after being turned on.

In Windows, you can check and configure the firewall to allow inbound and outbound traffic on UDP port 123 by following these steps:

1. Open the Control Panel.

2. Click "System and Security".

3. Click on "Windows Defender Firewall".

4. In the left menu, click "Advanced Settings."

5. In the new window, you will see two options: "Inbound Rules" and "Outbound Rules." First, let's create a rule that allows inbound UDP port 123.

6. Click "Inbound Rules" and then click "New Rule" on the right.

7. In the pop-up wizard, select "Port" and click "Next".

8. Select "UDP", then enter "123" in "Specific local port" and click "Next".

9. Select "Allow connection" and click "Next".

10. Make sure all network types are checked and click "Next".

11. Give the rule a name (for example, "NTP UDP 123 Inbound") and click Done.

Next, we create a rule that allows UDP port 123 outbound.

12. In the left menu, click "Outbound Rules," then click "New Rule" on the right.

13. Repeat steps 7-11, except select "Allow connection" in step 9.

Windows Firewall should now be configured to allow inbound and outbound traffic on UDP port 123.

Reference article

Reference article: Time synchronization server