Network Time Protocol (NTP) is one of the most reliable methods to keep your system clock synchronized across servers and clients. In Linux, the NTP service ensures precise time synchronization, which is crucial for distributed systems, databases, and security.
This guide will walk you through the installation, configuration, and verification of NTP service on Linux, using both Aliyun public NTP servers and a local private NTP server setup.
Configuration with Aliyun NTP Servers #
Example: /etc/ntp.conf
Below is a sample configuration file for using Aliyun’s public NTP servers as the upstream time sources:
# /etc/ntp.conf
# Aliyun Public NTP Servers
server ntp1.aliyun.com prefer
server ntp2.aliyun.com
server ntp3.aliyun.com
server ntp4.aliyun.com
# Security restrictions
restrict default nomodify notrap nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
restrict -4 default kod notrap nomodify nopeer noquery
# Allow local network synchronization
restrict 192.168.122.0 mask 255.255.255.0 nomodify notrap
# Broadcast settings
broadcast 224.0.1.1
# Drift file configuration
filegen driftfile /var/lib/ntp/drift
# Logging configuration (optional)
logging {
# Enable as needed
# debugtrace;
# warningtrace;
# packettrace;
}
After modifying the configuration, restart the NTP service:
systemctl restart ntpd
Preparing the Environment #
- System version: CentOS 7.x
- NTP server IP:
192.168.1.111 - Client IP:
192.168.1.179
Before proceeding:
- Disable the firewall or open UDP port
123. - Disable SELinux (if it interferes).
Installing and Configuring NTP Server #
1. Install NTP #
[root@vxworks ~]# yum install ntp -y
2. Configure /etc/ntp.conf
#
[root@vxworks ~]# cp /etc/ntp.conf{,.bak}
[root@vxworks ~]# vim /etc/ntp.conf
server 127.127.1.0 # Use local machine as time source
fudge 127.127.1.0 stratum 10 # Define server stratum level
restrict 127.0.0.1 # Allow local machine
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # Allow local subnet
driftfile /var/lib/ntp/ # Record drift data
logfile /var/log/ntp/ntp.log # Define log file
3. Create Log Files #
[root@vxworks ~]# mkdir -p /var/lib/ntp/
[root@vxworks ~]# touch /var/log/ntp/ntp.log
4. Start and Enable Service #
[root@vxworks ~]# systemctl start ntpd
[root@vxworks ~]# systemctl enable ntpd
5. Verify Synchronization #
[root@vxworks ~]# ntpstat
synchronised to local net at stratum 6 time correct to within 11 ms polling server every 64 s
Or check peers:
[root@vxworks ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*LOCAL(0) .LOCL. 5 l 13 64 377 0.000 0.000 0.000
Installing and Configuring NTP Client #
1. Install Packages #
[root@vxworks ~]# yum install ntp ntpdate -y
2. Configure Client /etc/ntp.conf
#
[root@vxworks ~]# cp /etc/ntp.conf{,.bak}
[root@vxworks ~]# vim /etc/ntp.conf
server 192.168.1.111 # Use local NTP server
restrict 127.0.0.1
logfile /var/log/ntp/ntp.log
3. Create Log Directory #
[root@vxworks ~]# mkdir -p /var/log/ntp
[root@vxworks ~]# touch /var/log/ntp/ntp.log
4. Initial Time Sync #
[root@vxworks ~]# ntpdate 192.168.1.111
5. Start NTP Daemon #
[root@vxworks ~]# systemctl start ntpd
6. Verify Client Synchronization #
[root@vxworks ~]# ntpstat
unsynchronised
time server re-starting
polling server every 8 s
Or with ntpq:
[root@vxworks ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
192.168.1.111 LOCAL(0) 6 u 11 64 1 0.502 0.009 0.000
Conclusion #
By following this guide, you can set up a reliable NTP server and client environment on Linux. Proper time synchronization ensures:
- Accurate system logs
- Reliable database transactions
- Secure authentication mechanisms
Whether using Aliyun public NTP servers or deploying a local private NTP server, Linux provides flexible and robust options to keep your system clocks accurate.