NTP - Howto make the clock show the correct time

From LinuxReviews
Jump to: navigation, search

How to get started with ntpdate, the tool for constantly adjusting the system clock to the internet.

Contents

[edit] Installing ntpd

First, make sure ntp/ntpdate are installed. The package is by default installed on Mandrake, Fedora, CentOS and Redhat. If you do not have ntp installed you will much likely find packages on your distributions install-cd(s).

The package is named ntp on most distributions (yum install ntp, apt-get install ntp, emerge ntp).

[edit] No IPv6 listening for you!

It must be mentioned that NTP <= atleast v4.2.0a does NOT support listening on IPv6 IPs. ntp-dev-4.2.5p16 can. However, NTP v4.x can use IPv6 NTP servers (they just can't be one).

[edit] The Setup: Client (Desktop) configuration

Most people just need a nice client setup which asks timeserver(s) what time it is and adjusts the local clock accordingly. The default /etc/ntp.conf configuration file is actually quite cool out-of-the-box most distributions, including Fedora Core and CentOS, but you may want to change it anyway.

This is a nice client setup, and the only thing you need to change is the line where timeservers to use is given:

File: /etc/ntp.conf
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1

# Timeserver(s) to (ab)use
server  ntp.xiando.com

server  127.127.1.0     # local clock
fudge   127.127.1.0 stratum 10

driftfile /var/lib/ntp/drift

[edit] Picking timeservers

There are two things to consider when picking timeservers: Distance (d), and stratum. stratum really means "How l33t is this sever?". Servers who are able to figure out what time it is all on their own, without using the Internet, are very l33t and thus; Stratum 1.

It is, for example, possible to figure out what time it is using GPS satellites. Servers who get the (supposedly) correct time using GPS are Stratum 1.

Easy picking: Use pool.ntp.org[1]. For example:

File: /etc/ntp.conf
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org

There are local ntp pools for most parts of the world, for example:

File: /etc/ntp.conf
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org

And there are also local country pools, such as dk.pool.ntp.org (Denmark), fr.pool.ntp.org (France), etc.

File: /etc/ntp.conf
server 0.fr.pool.ntp.org
server 1.fr.pool.ntp.org
server 2.fr.pool.ntp.org
server 3.fr.pool.ntp.org

[edit] What the fudge?

There are two lines you should have in your configuration:

File: /etc/ntp.conf
server  127.127.1.0     # local clock
fudge   127.127.1.0 stratum 10

server says that the local system clock is a timeserver. fudge says that this server is stratum 10. If you are connected to the Internet then you are likely using timeservers who are more l33t than stratum 10 what time it is, and these servers are used because they have lower stratum and thus; higher priority[2].

However, if you are disconnected from the Internet then they are unavailable and you're left with the local clock. Using fudge to say that the local clock is stratum 10 makes ntp use the local clock when no timeservers are available. This is good because it makes sure you can disconnect your box from the Internet without getting your clock screwed.

[edit] Client (Desktop) alternatives to using ntpd

It must be mentioned that you don't need to run ntpd to use timeservers.

Using ntpd is good because it kind of smooths things over and gradually adjusts the system clock. This is good because some software may become very confused if the clock suddenly and unexpectedly jumps 5 minutes back or forth.

However, ntpd does use like 5 MB system RAM, so there may be reasons why you don't want it running. There are small command-line tools can be used to set the clock to the correct time (you can also cron them, ie put'em in cron.hourly to set the clock every hour).

[edit] rdate

rdate[3] is a simple 3 kB tool for syncing the system clock to a server. It's options[4] are -p to print the date on the given server, -s to set the system clock according to it (must be done as root) and -u to use the UDP protocol. Example:

rdate -p sntp.lth.se

[edit] clockspeed

clockspeed[5] is a very small tool for setting the clock and is, for clients, a much better alternative than installing the 4+ MB ntp package.

[edit] The Setup: Timeserver configuration

You much likely want to run your own NTP server if you are a huge and profitable corporation, intelligence service or just a private citizen who happen to control a very large network.

The reason is this: Only one box really needs to get the correct time from the outside. This box can act as a timeserver for the rest of the boxes on your network.

Here's a nice "standard" configuration file for a timeserver:

File: /etc/ntp.conf
restrict default kod nomodify notrap
restrict -6 default kod nomodify notrap

server ntp6.remco.org prefer
server chime3.ipv6.surfnet.nl
server ntp1.ipv6.lrz-muenchen.de

server          127.127.1.0     # local clock
fudge           127.127.1.0 stratum 10

driftfile /var/lib/ntp/drift
broadcastdelay  0.008
keys            /etc/ntp/keys

[edit] Firewalls

It must be possible to connect to port 123, both UDP and TCP, from the outside / all boxes who will be (ab)using your timeserver.

[edit] Access restrictions

restrict is probably the least understood part of ntpd configuration.

[edit] Testing your time configuration

[edit] ntpq

ntpq, the NTP query program, can give you all sorts of interesting information about your timeserver. ntpq -pn prints out a list of timeservers with all kinds of details.

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*129.240.64.3    195.220.94.163   2 u   31   64  377   21.327   -1.920  51.885
+193.71.1.10     192.36.133.17    2 u   36   64  377   19.674    1.051  21.248
+81.92.65.150    193.10.7.250     2 u   29   64  377   13.729   -2.967  14.251
+81.216.247.88   .PPS.            1 u   29   64  377   19.368   -2.663  46.154
+83.227.8.228    83.221.139.150   3 u   27   64  377   14.522   -7.704  45.818
+130.236.254.17  .GPS.            1 u   29   64  377   16.732   -2.492  47.149
+130.236.254.47  192.36.143.150   2 u   22   64  377   27.132    4.013  27.054
+130.236.254.102 130.236.254.17   2 u   30   64  377   14.999   -3.004  42.214
+193.11.184.180  193.10.7.250     2 u   25   64  367   27.519   -6.415  59.658
+193.13.9.98     192.36.143.150   2 u   27   64  377   22.964   -2.979  53.819
+80.252.175.45   192.36.143.150   2 u   14   64  377   37.822   13.056  77.190
 127.127.1.0     .LOCL.          10 l   22   64  377    0.000    0.000   0.001

ntpq manpage story[6] is that:

-n Output all host addresses in dotted-quad numeric format rather than converting to the canonical host names.
-p Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the peers interactive command.

[edit] ntptrace

ntptrace is another nice command you may consider running. It prints out a nice list like this:

localhost: stratum 3, offset 0.013693, synch distance 0.122109
2001:618:400:5f49:1337::1: stratum 2, offset -0.000785, synch distance 0.071681
truetime.uoregon.edu: stratum 1, offset 0.000000, synch distance 0.003931, refid 'GPS'

You're localhost, you're stratum 3, you're using a server which is 2, and that server is using a server which is very l33t (stratum 1).


Cite error: <ref> tags exist, but no <references/> tag was found
Personal tools
hardware tests
Categories
Privacy policy
linux events
ipv6
Networking
IPv6

Search:

linux newz | random page | poetry | free blog