(NOTE: This documentation is based on my experience in SuSE Linux. Settings may vary in other flavour of Linux)
[ Tip: Time zone can be changed in /etc/sysconfig/clock file. Once changed, the service /etc/init.d/boot.clock should be restarted. ]
A server can determine its time in two ways.
(1) By synchronizing with another NTP time server (or
If a server synchronizes with an NTP time server, the stratum used on that server will be determined by the server it is synchronizing with; if a server synchronizes with a stratum 3 time server, it will automatically become a stratum 4 time server by itself. (What is stratum?)
(2) By using a reference clock
If a server uses a reference clock, the server does not get its time from a server on the Internet but will determine its own time. The default stratum used is determined by the type and brand of reference clock that is used. If it is a reliable clock such as a clock related to GPS, the default stratum setting will be high; if it is a less reliable clock (such as the local clock in a computer), the default stratum will be lower.
Configuring a Standard-Alone NTP Time Server
You need just 2 elements to configure your own NTP time server.
(1) The configuration file (/etc/ntp.conf)
(2) And the daemon process (/etc/init.d/xntpd)
The configuration file (/etc/ntp.conf)
(a) Configuring ntp.conf
Add following lines in /etc/ntp.conf file.
fudge 127.127.1.0 stratum 10
server ntp.yourprovider.somewhere minpoll 4 maxpoll 15
Second line defines what should happen when the server falls back to the local external reference clock mentioned on the first line. This line starts with the keyword fudge to indicate a situation that is not normal. In this situation, the server should use the local clock, and the server sets its stratum to 10. By using this stratum, the server indicates that it is not very trustworthy but ensures that it can be used as a time source anyway.
The last line shows what should happen under the normal circumstances. It refers to an IP address or server name on the network of the Internet provider. The values for the minpoll and maxpoll parameters are kind of weird; they refer to the power of 2 that should be used. Therefore, minpoll 4 in fact is 2^4, which equals 16 seconds. The default value is 1024 i.e. 2^10. You can use any value from 4 to 17. The minpoll determines how often a client should try to synchronize its time when time currently is not synchronized properly. The maxpoll value indicates how often synchronization should occur if time is synchronized properly.
[ Tip: Looking for an NTP time server, visit http://www.ntp.org/. You can also set pool.ntp.org as your time server, which is publicly available time server on the Internet. ]
(b) Tuning Your NTP Server
Using the NTP Drift File: No matter how secure the local clock on your computer is, it always has a small defect: either the clock is running too fast or the clock is running too slow. This difference is referred to as the drift factor of the clock. To adjust the clock, NTP Process maintains a file called drift file, which is automatically created when NTP started first time. The drift file default location is /var/lib/ntp/drift/ntp.drift. You can tune where the file is created by using the driftfile parameter in ntp.conf:
driftfile /var/lib/ntp/drift/ntp.drift
(c) Securing Your NTP Server
If you want to restrict rest of the world to access NTP server, but allow your local network, add following lines in ntp.conf file.
restrict default noquery notrust nomodify
restrict 127.0.0.1
restrict 192.168.0.0 mask 255.255.255.0
The Daemon xntpd
Once configurations setting are done successfully, start the NTP Daemon with following command:
rcxntpd restart
Adding this service to default run-levels:
insserv xntpd
No comments:
Post a Comment