Marco education 37 jobs - Linux seventh week blog: configuring an ntp time server

Role of the time server:

A big data system is a cluster of computing devices, and those devices need one unified, standard time. Synchronized time is used to record when events occur,

such as e-mail information, file creation and access times, and database processing times.

Data control, computation, processing and application operations across the different computing devices of a large system happen in a defined order.

If the computers' clocks are not synchronized, these applications or operations will not work correctly.

A big data system is a time-sensitive computing system. Time synchronization is the basis for obtaining big data and processing it correctly, and it is part of the technical support big data needs in order to function.

In the big data era, all communication and processing in a big data system is carried out over the network.

The same is true of time synchronization: standard time information is transmitted over the network and used to synchronize the big data system.

Network Time Protocol (NTP) is the technical basis for time synchronization.

 

(A) Confirm that ntp is installed

1) Check whether ntp is installed

Syntax rpm -qa | grep ntp

If only ntpdate is installed and not ntp, you need to remove the existing ntpdate first. For example:

ntpdate-4.2.6p5-22.el7_0.x86_64

fontpackages-filesystem-1.44-8.el7.noarch

python-ntplib-0.3.2-1.el7.noarch

 

2) Remove the installed ntpdate

Syntax yum -y remove ntpdate-4.2.6p5-22.el7.x86_64

 

3) Reinstall ntp

Syntax yum -y install ntp

 

(B) Configure the ntp service

1) Modify /etc/ntp.conf on all nodes

Syntax vi /etc/ntp.conf

[Content]

restrict 192.168.6.3 nomodify notrap nopeer noquery # IP address of the current node

restrict 192.168.6.2 mask 255.255.255.0 nomodify notrap # gateway (Gateway) and subnet mask (Genmask) of the cluster's network segment

 

2) Select a master node and modify its /etc/ntp.conf

Syntax vi /etc/ntp.conf

[Content] Add the following to the server section, and comment out the existing server 0 ~ n lines

server 127.127.1.0

fudge 127.127.1.0 stratum 10

 

3) On the nodes other than the master, continue modifying /etc/ntp.conf

Syntax vi /etc/ntp.conf

[Content] Add the following statements to the server section, pointing server at the master node.

server 192.168.6.3

fudge 192.168.6.3 stratum 10

(C) Start the ntp service and check its status

1) Start the ntp service

Syntax service ntpd start

 

2) Check whether the ntp server is communicating with the upstream ntp server

Syntax ntpstat

When you check the ntp status, you may see the following:

① unsynchronised time server re-starting polling server every 8 s

② unsynchronised polling server every 8 s

This is normal: after the ntp server is configured, it takes 5-10 minutes to synchronize with the standard time source set in /etc/ntp.conf.

After waiting a while, run the ntpstat command again; the status will change to a normal result like the following:

 

3) View the status of the ntp server and its upstream ntp servers

Syntax ntpq -p

remote: IP or host name of this machine's upstream ntp server; "+" indicates priority, "*" denotes a lower priority

refid: address of the ntp host one layer above that the remote references

st: stratum level

when: how many seconds ago the last time synchronization took place

poll: how many seconds until the next update

reach: the number of update requests already made to the upstream ntp server

delay: network delay

offset: time compensation

jitter: time difference between the system time and the BIOS time

 

4) Monitor the status of the ntpd process

Syntax watch "ntpq -p"

[Termination] Press Ctrl + C to stop watching.

The character in the first column indicates the quality of the source. An asterisk (*) indicates the source currently being referenced.

remote: lists the IP address or host name of the source.

when: the time elapsed (in seconds) since the source was polled.

poll: the polling interval. This value increases according to the precision of the local clock.

reach: an octal number indicating the reachability of the source. A value of 377 indicates that the source has answered the last eight consecutive polls.

offset: the time difference between the source clock and the local clock (ms).
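
An added example, not part of the original post: a POSIX shell function that reads ntpq -p output and expands the octal reach value into its eight-poll history, so a value such as 357 can be read as one missed poll. The function names peer_report and sync_ok and the sample output are constructed for this example.

```sh
# Constructed sample of ntpq -p output; on a live node run: ntpq -pn | peer_report
SAMPLE='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.168.6.3     LOCAL(0)        11 u   35   64  377    0.214    0.082   0.031
 192.168.6.4     .INIT.          16 u    -   64    0    0.000    0.000   0.000
+192.168.6.5     192.168.6.3     12 u   12   64  357    0.301   -1.420   0.110'

# One line per source: first-column character, remote, reach, poll history, offset.
peer_report() {
  awk '
    /remote/ && /refid/ { next }            # column header
    NF < 10 { next }                        # separator or blank line
    {
      tally = substr($0, 1, 1)
      if (tally == " ") tally = "-"
      sub(/^./, "")                         # drop first column, re-split fields
      reach = $7; n = 0
      for (i = 1; i <= length(reach); i++)  # octal string to number
        n = n * 8 + substr(reach, i, 1)
      hist = ""; ok = 0
      for (i = 7; i >= 0; i--) {            # rightmost bit is the newest poll
        b = int(n / 2 ^ i) % 2
        hist = hist b; ok += b
      }
      printf "%s %s reach=%s history=%s answered=%d/8 offset_ms=%s\n",
             tally, $1, reach, hist, ok, $9
    }'
}

# Succeeds only if a source is marked * and answered all of its last eight polls.
sync_ok() {
  peer_report | grep -q '^\* .* reach=377 '
}
```

On a client node, "ntpq -pn | sync_ok" can be used as a health check once the 5-10 minute initial synchronization has passed.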

 

(D) Setting the boot

Syntax chkconfig ntpd on

 

(E) Excerpts from other blogs, for reference

=== /etc/ntp.conf configuration content ===

# 1. First handle permissions, including allowing the upstream servers and opening access to LAN users:
restrict default kod nomodify notrap nopeer noquery     # deny IPv4 users
restrict -6 default kod nomodify notrap nopeer noquery  # deny IPv6 users
restrict 220.130.158.71   # allow tock.stdtime.gov.tw into this NTP server
restrict 59.124.196.83    # allow tick.stdtime.gov.tw into this NTP server
restrict 59.124.196.84    # allow time.stdtime.gov.tw into this NTP server
restrict 127.0.0.1        # the next two are defaults; allow local sources
restrict -6 ::1
restrict 192.168.100.0 mask 255.255.255.0 nomodify  # allow LAN sources, or list IPs individually

# 2. Set the upstream host sources; first comment out the original [0|1|2].centos.pool.ntp.org entries:
server 220.130.158.71 prefer  # give this host the highest priority
server 59.124.196.83
server 59.124.196.84

# 3. Default internal clock data, used when there is no external NTP server, to serve LAN users:
# server 127.127.1.0     # local clock
# fudge 127.127.1.0 stratum 10

# 4. Default time-drift analysis file and the keys file (not used for now); no need to change them:
driftfile /var/lib/ntp/drift
keys /etc/ntp/keys

 

=== restrict option format ===

restrict [Client IP] mask [IP Mask] [parameter]

"Client IP" and "IP mask" specify which computers on the network the restriction applies to; if the default keyword is used, it applies to all computers. The parameter specifies the specific restriction. Common parameters are as follows:

◆ ignore: refuse to connect to the NTP server

◆ nomodify: the client cannot change the server's time parameters, but the client can still synchronize its time through the server.

◆ noquery: time queries are not provided to the client

◆ notrap: the trap remote logging feature is not provided; the trap service is a remote event logging service.

◆ notrust: unless the client is authenticated, the client source is treated as an untrusted subnet.

◆ nopeer: provides time service, but does not act as a peer.

◆ kod: Send Kiss-Of-Death packets to unsafe visitors.
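
An added example, not from the original post or the blogs it excerpts: a small audit that reads the restrict lines of an ntp.conf and lists which of nomodify, notrap and noquery each non-loopback entry lacks. The three-flag baseline and the function name audit_restrict are assumptions of this example; the sample restrict lines are taken from the configurations shown on this page.

```sh
# Sample restrict lines taken from the configurations on this page.
CONF_SAMPLE='restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 220.130.158.71        # upstream server
restrict 127.0.0.1
restrict -6 ::1
restrict 192.168.100.0 mask 255.255.255.0 nomodify
restrict 192.168.6.2 mask 255.255.255.0 nomodify notrap'

# Reads ntp.conf text on stdin; prints one finding per under-restricted entry.
audit_restrict() {
  awk '
    BEGIN { nb = split("nomodify notrap noquery", base, " ") }  # assumed baseline
    { sub(/[#].*/, "") }                        # strip comments
    $1 != "restrict" { next }
    {
      i = 2
      if ($i == "-4" || $i == "-6") i++         # address-family switch
      target = $i; i++
      if ($i == "mask") { target = target "/" $(i + 1); i += 2 }
      flags = " "
      for (; i <= NF; i++) flags = flags $i " "
      if (target == "default") seen_default = 1
      if (target == "127.0.0.1" || target == "::1") next   # loopback entries
      if (index(flags, " ignore ")) next                   # everything denied
      missing = ""
      for (k = 1; k <= nb; k++)
        if (!index(flags, " " base[k] " "))
          missing = missing (missing == "" ? "" : ",") base[k]
      if (missing != "")
        printf "line %d: %s missing %s\n", NR, target, missing
    }
    END { if (!seen_default) print "no restrict default entry" }'
}
```

Run it on a node with "audit_restrict < /etc/ntp.conf"; a restrict line with no parameters at all, as used for the upstream servers above, is reported as missing all three.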

  

=== server option format ===

server host  [ key n ] [ version n ] [ prefer ] [ mode n ] [ minpoll n ] [ maxpoll n ] [ iburst ]

Here host is the domain name or IP address of the upstream NTP server; the parameters that follow are explained below:

◆ key: all packets sent to the server include authentication information encrypted with a secret key; n is a 32-bit integer giving the key number.

◆ version: the version number used for packets sent to the upstream server; n defaults to 3 and may be 1 or 2.

◆ prefer: if there are multiple server options, the server with this parameter is used preferentially.

◆ mode: specifies the value of the mode field in the datagram.

◆ minpoll: the minimum interval between queries to the server, 2 to the power of n seconds; n defaults to 6, range 4-14.

◆ maxpoll: the maximum interval between queries to the server, 2 to the power of n seconds; n defaults to 10, range 4-14.

◆ iburst: on the initial synchronization request, sends eight packets in succession in burst mode, at 2-second intervals.

 

=== how to view the gateway ===

[1] command route -n

[2] command ip route show

[3] command netstat -r

 

=== level (stratum) ===

The stratum is set according to the stratum of the upstream server (+1).

For a host that provides time service to the network, the stratum should be set as accurately as possible.

For a LAN time service provider, the stratum is typically set to 10.

 

Stratum 0 servers use atomic clocks, GPS clocks and other physical devices; stratum 1 servers are directly connected to stratum 0,

and each later stratum is connected to the one above it over the network. Servers in the same stratum can also interact with each other.

ntpd is a server to the clients in the layer below it and a client to the servers in the layer above it.

Based on the parameters in its configuration file, ntpd decides whether to provide clock service to other servers or to synchronize its clock from other servers. All configuration is in the /etc/ntp.conf file.


 

=== note: ntp port blocked by the firewall ===

The ntp server's default port is 123. If the firewall is turned on, errors may occur in some operations, so remember to close the firewall.

 

=== hardware clock synchronization ===

By default, the ntp service only synchronizes the system time.

If you want ntp to synchronize the hardware clock at the same time, you can configure the /etc/sysconfig/ntpd file.

Add [SYNC_HWCLOCK=yes] to the /etc/sysconfig/ntpd file; the hardware clock will then be synchronized together with the system time.

You can also synchronize the BIOS clock with the system time using the hwclock -w command.

 

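=== difference between ntpd and ntpdate ===

Below is material from the Internet about the difference between ntpd and ntpdate:

Before using them, one question needs to be clear: how do ntpd and ntpdate differ when they update the time?

ntpd is not only a time synchronization server; it can also act as a client and synchronize with a standard time server, and it does so smoothly,

unlike ntpdate, which synchronizes immediately. Use ntpdate with caution in production; for the same reason, the two must not run at the same time.

A jump in the clock can cause very serious problems for some programs.

 

Many applications rely on a continuous clock. After all, it is a common assumption that the time obtained is linear,

and some operations, such as database transactions, usually depend on the fact that time does not jump backwards.

Unfortunately, the way ntpdate adjusts the time is exactly what we call a "jump": after obtaining a time, ntpdate sets the system time with settimeofday(2),

which has several very obvious problems:

[1] It is not safe.

What ntpdate sets depends on the security of the ntp server. An attacker can exploit software design flaws to take over the ntp server and make the servers that synchronize with it perform resource-consuming tasks.

Because ntpdate steps the clock, the servers that follow it cannot tell whether something abnormal has happened (when the times differ, the only option is to trust the server).

[2] It is not precise.

Once the ntp server goes down, the servers that follow it can no longer synchronize their time.

By contrast, ntpd can calibrate not only the computer's time but also the computer's clock.

[3] It is not elegant.

Because it is a jump rather than making time run faster or slower, programs that depend on timing will fail

(for example, if ntpdate finds that your clock is fast, you may experience the same moment twice, which is fatal for some applications).

Therefore, the only point at which the time may be allowed to jump is right after the computer has booted, before many services have started.

At all other times, the ideal approach is to use ntpd to calibrate the clock, rather than adjusting the time on the computer's clock.

While synchronizing with the time server, ntpd records the oscillation frequency error of the BIOS timer, that is, the natural drift of the local clock.

So even if there is a network problem, the machine can still keep fairly accurate time.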


Origin www.cnblogs.com/ishaping/p/11112208.html