Recently, the server was forced to shut down once and suddenly wanted to get the time synchronization service all together (in an intranet environment, unable to connect to the Internet)
Why should I record this article?
It took me almost a day because it was so simple.
Always make mistakes, try to modify the configuration, continue to make errors, and then when I almost despair and want to spit out the linux ntpd garbage, it suddenly takes effect.
Just because a configuration interface listen 10.100.2.242 was added, or perhaps because it happened to be time to wait.
I don't understand why the Internet says it will take a few minutes to take effect? I sync with ntpdate-d-v $IP, why give me
There was an error. I don't know how to fix it yet.
This linux is so hard to use.
ntpd server configuration (10.100.2.242)
vim ntp.conf
# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. #restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap restrict 10.100.2.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.centos.pool.ntp.org iburst #server 1.centos.pool.ntp.org iburst #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst server 127.127.1.1 burst true prefer #fudge 127.127.1.1 stratum 8 interface listen 10.100.2.242 #...omitted from the back
The key points are:
Active for specified LAN segment
restrict 10.100.2.0 mask 255.255.255.0 nomodify notrap
Set up the server itself to serve as a separate ntpd server
server 127.127.1.1 burst true prefer
After the above configuration increases, it doesn't take effect yet. Amazingly, I found almost no one mentioned the configuration below. It seems to have worked
interface listen 10.100.2.242
I can't see this in the man manual. What's wrong?
fudge 127.127.1.1 stratum 0
The fudge parameter does not appear to be valid
ntpd --version ntpd 4.2.6p5
According to ntp.org's records, the latest version is the 4.2.8pX series, which should be a version problem;
ntp client configuration (10.100.2.243-249) all uses 10.100.2.242 time configuration
Clients are simple, and when I test ok, I do batch operations:
yum install ntpd -y sed -i 's/^server/#server/g' /etc/ntp.conf line=`grep "#server" /etc/ntp.conf -n|tail -n 1|cut -d ':' -f 1` if test -z "$line";then echo "not found server ";return;fi sed -i -e "$line a server 10.100.2.242 prefer iburst" /etc/ntp.conf systemctl enable ntpd||chkconfig --level 345 ntpd on systemctl restart ntpd||service ntpd restart ntpstat ; ntpq -p; ntpdate -d date ntpdate -v -d 10.100.2.242 date
Finally, it works. Start various ntpd services. It is best not to use crontab to write ntpdate timer commands. ntpdate is only suitable for manual operation.
Later, we checked that the original windows w32time service also supports ntpd, which can be configured as either ntpd server or ntp client
Link ntpd server (win s or linux, pass-through support), the most critical is that the configuration is simple and the use is simple.
So linux works really well.
REF: http://doc.ntp.org/
ntp.conf: Things rarely mentioned
interface listen configuration for ntp, binding listening