Third party cookies may be stored when visiting this site. Please see the cookie information.

Linux - Network Time Protocol NTP on Linux

The computers have a reputation for not being particularly reliable in respect to the accuracy of their system clocks. They are better these days than when I had my first PC, that would lose a few seconds every week, but it is still better to have clocks that are kept in synchronisation. For some purposes, such as tracing security issues, it is important that the clocks for different computers are synchronised.

The Network Time Protocol (NTP) is used to allow computers to update their time from each other, and hence keep an accurate time. The protocol works by having a few extremely reliable time clocks, which are given the status stratum 1. These are set directly by a radio or GPS clock. Below these servers with stratum 2 derive their values from one or more stratum 1 clocks, and so on. Using this heirarchy means that you do not have to query the top level time servers. For most uses synchronisng against a stratum 4 server is adequate.

As I have a linux server used as my Internet Gateway and Firewall, then by running an NTP daemon on that server, I can synchronise all my windows and linux computers from that one server. If you had routers or other devices they could also be synchronised from that one server.

Setting up a local NTP Server

I am assuming you don't have your own ultra reliable physical clock, and so want to synchronise with other servers. Unless you have your own decaying radium or access to an accurate GPS clock then this will be the case.

The first step is to ensure that the date on the computer is about right. It doesn't have to be very accurate (taking it from a home clock or watch will do), but if the date differs too much from that being provided by the NTP servers then it will fail.

Now you can install the ntp server package. This means referring back to your original installation CDs using whatever tool is provided with your distribution, or downloading the package from the Internet.

On a Mandriva Server (or other rpm based server) this is done using:

rpm -i ntp-vernumber-1mdk.i586.rpm

(from the RPMS directory on one of the CDs).

On Ubuntu this could be done using

apt-get install ntp

apt-get install ntp-server

The configuration file is:

/etc/ntp.conf

which should include a list of the servers you want to syncrhronise against. You may be provided with some specific ntp servers, but if not then the is a Public DNS Pool.

I added the pool servers for the UK

server 0.uk.pool.ntp.org

server 1.uk.pool.ntp.org

server 2.uk.pool.ntp.org

See: Public DNS Pool for details of your local servers. If you have Internet server you may also want to consider becoming part of the pool.

You should reload the configuration file using

/etc/init.d/ntpd restart

or

/etc/init.d/ntp-server restart

Checking the Server

The query command will give details of the servers you are synching with using

ntpq -p

You can check that it is acting as a server for other computers to connect to using:

ntpdate -q 127.0.0.1

There is also a -d (debug) option which will give more information:

ntpdate -qd 127.0.0.1

7 Jun 12:23:54 ntpdate[23431]: ntpdate 4.2.0a@1:4.2.0a+stable-8-r Fri Sep 9 16:44:49 UTC 2005 (1)

transmit(127.0.0.1)

receive(127.0.0.1)

transmit(127.0.0.1)

receive(127.0.0.1)

transmit(127.0.0.1)

receive(127.0.0.1)

transmit(127.0.0.1)

receive(127.0.0.1)

transmit(127.0.0.1)

server 127.0.0.1, port 123

stratum 3, precision -18, leap 00, trust 000

refid [127.0.0.1], delay 0.02577, dispersion 0.00002

transmitted 4, in filter 4

reference time: c8313562.216cd6c2 Wed, Jun 7 2006 12:22:10.130

originate timestamp: c83135ca.7a795703 Wed, Jun 7 2006 12:23:54.478

transmit timestamp: c83135ca.7a71ac14 Wed, Jun 7 2006 12:23:54.478

filter delay: 0.02606 0.02599 0.02577 0.02577

0.00000 0.00000 0.00000 0.00000

filter offset: 0.000132 0.000045 -0.00000 -0.00000

0.000000 0.000000 0.000000 0.000000

delay 0.02577, dispersion 0.00002

offset -0.000001

7 Jun 12:23:54 ntpdate[23431]: adjust time server 127.0.0.1 offset -0.000001 sec

These can be run from another UNIX based machine to test that it is accessible from elsewhere.

Local Zone Information

If you find that the time is out by a multiple of hours then the most likely problem is that your timezone is wrong. This is set by having a link called /etc/localtime, which links to the appropriate data file in /usr/share/zoneinfo

In my case a: ls -l /etc/localtime

gives an entry pointing to the London entry.

localtime -> /usr/share/zoneinfo/Europe/London

Configuring Clients

Linux / UNIX

These can be configured as above using your new ntp server as the source. This will help reduce the load on more distant NTP servers. For Linux systems there is normally an option in the graphical system configuration choices, but this differs between the different distributions.

MS Windows

If you have some windows machines then you can set the time server using the command:

net time /setsntp:"address of new ntpserver"

or by launching the Date & Time viewer (double click on the clock in the bottom right), and using the Internet Time Tab. This may not be available if you use a domain login which sets the time for you.


» PenguinTutor Facebook page