NTP Server

NTP
[root@server1 ~]# yum install ntp

/usr/sbin/ntpd —> Service
/etc/ntp.conf —> Main File
/etc/ntp/keys —> Contains Encryption keys
/var/lib/ntp/drift —> Hardware clock drift statistic ( A file that will be used to store information about the inaccuracy of the local hardware clock.
/etc/ntp/step-trickers —> Optional server to use for initial clock syncronize at boot
/etc/sysconfig/ntpd —> Passes command-line option to ntpd

Utilities:-
/usr/sbin/ntpdate —> Set the system clock once from NTP Server
/usr/sbin/ntp-genkeys —> Generate a encryption key for Security
/usr/sbin/ntpq —> Standard Ntp query tool
/usr/sbin/ntpdc —> Special Ntp query tool
/usr/sbin/ntptrace —> Trace the chain of NTP Server back to initial time source

At least three Ntp Server as time source use for Organization.

Client Configuration:

[root@server3 ~]# vim /etc/ntp.conf
server 10.10.10.1
driftfile /var/lib/ntp/drift

[root@server ~]# iptables -t filter -I INPUT -p udp –dport 123 -j ACCEPT
[root@server1 ~]# /etc/init.d/iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]

Server Configuration:
[root@server1 ~]# vim /etc/ntp.conf

server 1.asia.pool.ntp.org —> Public NTP Server
peer 10.10.10.2 —> Server Peer
server 127.127.29.0 —> A Trimble GPS (On a serial port)
server 127.127.1.0 —> Motherboard Hardware Clock
fudge 127.127.1.0 stratum 10 —> Which is advertise as high (unreliable) stratum 10-15

[root@server1 ~]# iptables -t filter -I INPUT -p udp –dport 123 -j ACCEPT
[root@server1 ~]# /etc/init.d/iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]

Restrict and Access control:-
[root@server1 ~]# cat /etc/ntp.conf | grep restrict
restrict 10.10.10.2 —> No restriction
restrict 10.10.10.3 ignore —> Ignore all packet from this host
[root@server3 ~]# ntpdate 10.10.10.1
30 Jul 20:00:36 ntpdate[3212]: no server suitable for synchronization found
restrict 10.10.10.0 mask 255.255.255.0 nomodify —> Ignore remote config. request
noquery —> Ignore all status query and config req.

Advertisements

About bpn4it

Feel Free in Linux. Bipin Patel bpn4it@gmail.com Ahmadabad, Gujarat, India
This entry was posted in Bipin hands-on. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s