If you have a Linux machine (Ubuntu, Centos, Redhat) running in your environment and you would want to configure them as an NTP server it is pretty easy.
In our last blog, we took a look at what is NTP and how to configure the public and private NTP servers. In this blog, we are going to configure the Linux machines as the NTP server by pointing to the google time servers.
We would be using two NTP servers Centos and Ubuntu as primary and secondary respectively.
Note: The steps followed in the Centos is the same for the Redhat server as well.
Prerequisite for this NTP configuration
- Centos / Redhat / Ubuntu Linux distribution installed with internet access.
Linux NTP configuration Step by Step.
Step1. Most of the Linux distributions would not have NTP preinstalled by default. To install the NTP package and its dependencies on the Linux machine you can run the command below.
- Ntp installation on Centos and Rhel
yum -y install ntp
- NTP installation on Ubuntu
apt install -y ntp apt install -y ntpstat
Step 2. Once the NTP package installed you can go to the NTP config file and add the public NTP server.
The NTP configuration files are located at
/etc/ntp.conf on Centos, Rhel, and Ubuntu. To edit the file enter the command below.
You could also use a nano editor if you are comfortable with it.
In this lab, I am using google NTP server. You could also go to pool.ntp.org and find out the NTP servers near to your location and use them as well.
As you can see by default the Linux NTP config will have centos public NTP server pool from pool.ntp.org preconfigured in CentOS machine.
so does on the Ubuntu NTP configuration.
change the values to our google NTP time servers below.
Step 3. NTP Configuration Verification
I have now changed the existing configuration and pointed to google NTP server, let’s verify the same.
Centos and Redhat NTP server verification.
As you can see below is the new configuration.
NTP configuration from the Ubuntu machine.
What is iburst in NTP?
when you add iburst in the NTP configuration the NTP synchronization would become faster as in iburst mode the 10 NTP requests are sent within a minute otherwise it would be just one in a minute. It is actually a good practice to keep the iburst in the NTP configuration.
Step5. After you modify the file, you may go ahead and restart the NTP service
service ntpd restart
- And add the NTP service to start during the system boot.
chkconfig ntpd on
Step 6. Finally, you will have to allow port 123 in the centos firewall service by typing the below command
[[email protected]@gld ~]# firewall-cmd --add-service=ntp --permanent success [[email protected]@gld ~]#
sudo ufw allow ntp
- Restart the firewall service in Centos to take this effect.
[[email protected]@gld ~]# restart firewalld.service [[email protected]@gld ~]# service firewalld restartRedirecting to /bin/systemctl
Step6. Linux NTP status verification
After you finished the configuration, you may go ahead and check the NTP status on both the servers, as you can see both are synced with the google NTP servers.
[[email protected]@gld ~]# ntpstat synchronised to NTP server (220.127.116.11) at stratum 2 time correct to within 49 ms polling server every 64 s
[email protected]:/etc# ntpstat synchronised to NTP server (18.104.22.168) at stratum 2 time correct to within 26 ms polling server every 64 s
[[email protected]@gld ~]# clock Sun 21 Jul 2019 12:02:46 AM IST -0.645947 seconds
- We can also check NTP server synchronization status on all the servers
[[email protected]@gld ~]# ntpq -premote refid st t when poll reach delay offset jitter==============================================================================+time1.google.co .GOOG. 1 u 38 64 377 90.771 -3.560 12.827*time2.google.co .GOOG. 1 u 38 64 377 40.405 -6.920 21.720+time3.google.co .GOOG. 1 u 35 64 377 85.982 -8.006 20.105+time4.google.co .GOOG. 1 u 34 64 377 89.000 -9.192 10.081[[email protected]@gld ~]#
In ubuntu, you can also see some backup NTP server as well which I didn’t modify in ntp.conf
[email protected]:/# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== time1.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time2.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time3.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time4.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 ntp.ubuntu.com .POOL. 16 p - 64 0 0.000 0.000 0.000 +time1.google.co .GOOG. 1 u 27 64 77 89.655 1.639 0.906 +time2.google.co .GOOG. 1 u 31 64 77 43.757 -1.704 0.975 *time3.google.co .GOOG. 1 u 29 64 77 92.284 0.247 1.231 +time4.google.co .GOOG. 1 u 27 64 77 88.076 0.552 2.482 -pugot.canonical 22.214.171.124 2 u 37 64 77 133.805 -4.524 0.547 -chilipepper.can 126.96.36.199 2 u 34 64 77 136.376 -3.614 1.116 -golem.canonical 188.8.131.52 2 u 37 64 77 136.002 -3.193 0.751 +alphyn.canonica 184.108.40.206 2 u 35 64 77 226.162 0.073 2.878 [email protected]:/#
If I uncomment the ubuntu backup server in
/etc/ntp.conf file and restart the NTP server, you could see only google NTP servers are being synced just like we did see with Centos.
[email protected]:/# service ntp restart [email protected]:/# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== time1.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time2.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time3.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time4.google.co .POOL. 16 p - 64 0 0.000 0.000 0.000 time1.google.co .GOOG. 1 u 1 64 1 95.693 -2.491 0.000 time2.google.co .GOOG. 1 u 1 64 1 44.392 -2.687 0.000 [email protected]:/#
Step 7. Configure the NTP client that points to our NTP server.
We got our NTP server configured on both the CentOS and the Ubuntu, now lets point one of the client to our NTP servers. I am using Centos as the NTP client for this example.
- In terminal type
- Enter the IP address of both NTP servers.
server 192.168.137.10 iburst
server 192.168.137.20 iburst
- Restart the NTP service
service ntpd restart
Step 8. NTP client verification
ntpstatto see if the NTP is synced.
[[email protected] saif]# ntpstat synchronised to NTP server (192.168.137.10) at stratum 3 time correct to within 99 ms polling server every 64 s [[email protected] saif]#
- You may type
ntpq -pto verify which server is in use
You can see both servers are used, however, the primary server 192.168.137.10 is selected for the NTP synchronization as the ‘*’ suggests.
[[email protected] saif]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *192.168.137.10 220.127.116.11 2 u 51 64 17 0.376 -2.116 0.710 +192.168.137.20 18.104.22.168 2 u 47 64 17 0.227 1.374 0.833 [[email protected] saif]#