NTP: NTP servers


ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm is not only an NTP server but also an NTP client.
Even if ntpd and ntp.conf go unused after installation, without this RPM the client command ntpdate is not available.


Installing ntpd on Linux
[root@FW ~]# rpm -ivh ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm
warning: ntp-4.2.0.a.20040617-4.EL4.1.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing... ########################################### [100%]
1:ntp ########################################### [100%]
[root@FW ~]# whereis ntpd
ntpd: /usr/sbin/ntpd /usr/share/man/man1/ntpd.1.gz
Edit /etc/ntp.conf
[root@FW ~]# cat /etc/ntp.conf

# Enter the time sources here
restrict 127.0.0.1
restrict 133.100.11.8 mask 255.255.255.255 nomodify notrap noquery
restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery

# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.
# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

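restrict 10.4.0.0 mask 255.255.0.0 nomodify notrap
# The line below lets NTP clients on the following network learn the time from this NTP server
restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap
# Note: this range need not be the actual subnet; it can be a CIDR block, as long as it covers the clients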

# --- OUR TIMESERVERS -----
# Enter the time sources here
server 133.100.11.8
server 0.pool.ntp.org
#server 1.pool.ntp.org
#server 2.pool.ntp.org

keys /etc/ntp/keys
[root@FW etc]# /etc/init.d/ntpd start
Starting ntpd: [ OK ]
[root@FW etc]# tail /var/log/messages
May 27 06:06:41 FW ntpd[11229]: Listening on interface wildcard, 0.0.0.0#123
May 27 06:06:41 FW ntpd[11229]: Listening on interface wildcard, ::#123
May 27 06:06:41 FW ntpd[11229]: Listening on interface lo, 127.0.0.1#123
May 27 06:06:41 FW ntpd[11229]: Listening on interface eth0, 10.4.0.198#123
May 27 06:06:41 FW ntpd[11229]: Listening on interface eth1, 124.126.86.137#123

[root@FW ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
=============================================================
114.80.81.7264.183.55.542 u26417 26.87021918574.195
114.80.81.1 .INIT. 16 u - 64 0 0.000 0.000 4000.00
114.80.81.1216.218.192.202 2u-6417 26.90221918576.197
LOCAL(0)LOCAL(0)10 l646470.0000.000 0.001
The offset is too large, which means it has not synchronized yet.
[root@FW etc]# date
Wed May 27 06:17:52 CST 2009

(Waited a long time in between.)

[root@FW ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
=============================================================
+114.80.81.72216.218.192.202 2 u109 128377 26.419-99.15917.397
114.80.81.1 .STEP. 16 u - 1024 0 0.000 0.000 4000.00
*114.80.81.1216.218.192.202 2u 36128 37726.997 -98.699 24.307
LOCAL(0)LOCAL(0)10 l37 643770.0000.000 0.001

[root@FW ~]# date
Wed May 27 13:16:09 CST 2009
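
As an added example (not part of the original post), this shell function audits the restrict lines of an ntp.conf like the one above: it reports ranges that can still send ntpq/ntpdc queries because noquery is absent, and a missing restrict default line, which leaves every unlisted address unrestricted. The function name, the finding labels and the embedded sample (copied from the post's restrict and server lines) are choices made for this example.

```sh
#!/bin/sh
# Added example, not from the original post: audit restrict lines in ntp.conf.

# Reads an ntp.conf (file arguments or stdin) and prints one finding per line.
audit_ntp_conf() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }
    $1 == "restrict" {
        first = 2
        if ($2 == "-4" || $2 == "-6") first = 3      # optional address-family flag
        addr = $first
        flags = " "
        for (i = first + 1; i <= NF; i++) {
            if ($i == "mask") { i++; continue }     # skip the netmask value
            flags = flags $i " "
        }
        if (addr == "default") has_default = 1
        if (addr == "127.0.0.1" || addr == "::1") next   # loopback keeps full access
        if (index(flags, " ignore ")) next                # everything is dropped anyway
        if (!index(flags, " noquery "))  print "NOQUERY-MISSING " addr
        if (!index(flags, " nomodify ")) print "NOMODIFY-MISSING " addr
    }
    END { if (!has_default) print "NO-DEFAULT-RESTRICT" }
    ' "$@"
}

# Sample input: the restrict and server lines from the post above.
sample_conf() {
    cat <<'EOF'
restrict 127.0.0.1
restrict 133.100.11.8 mask 255.255.255.255 nomodify notrap noquery
restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 10.4.0.0 mask 255.255.0.0 nomodify notrap
restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap
server 133.100.11.8
server 0.pool.ntp.org
EOF
}

sample_conf | audit_ntp_conf
```

On a real host, run `audit_ntp_conf /etc/ntp.conf`; an empty result means every non-loopback restrict line carries both noquery and nomodify and a default entry exists.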




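Two ways to configure an NTP client
It uses an Internet time source as its server and is a daemon-level client.
It likewise uses /etc/ntp.conf, /etc/init.d/ntpd start, ntpq -p and so on.
Then put this statement into crontab, to run every 5 minutes.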


Linux NTP client with another Linux NTP server
[root@nm mac]# vi /etc/ntp.conf
# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.
restrict 10.4.0.0 mask 255.255.0.0 nomodify notrap   # only this one line was changed
[root@nm mac]# /etc/init.d/ntpd start
Starting ntpd: [ OK ]

[root@nm mac]# ps -ef | grep ntp
ntp 4979 1 0 17:15 ? 00:00:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g
[root@black101 mac]# /usr/sbin/ntpdate 10.4.3.117
27 Jul 17:57:16 ntpdate[13238]: step time server 10.4.3.117 offset -186.325206 sec
[root@black101 mac]# date
Sun Jul 27 17:57:25 CST 2008


Synchronizing a Linux NTP client with a Cisco router (NTP server)
A single line on the router makes it an NTP master.
telnet 10.4.193.26
...
line vty 0 4
password cisco
login local
line vty 5 15
password cisco
login local
!
ntp master
!
Synchronizing the Linux NTP client with the NTP server is simple: a single ntpdate command.

[root@nm mac]# /usr/sbin/ntpdate 10.4.193.26
1 Jan 20:09:55 ntpdate[5400]: step time server 10.4.193.26 offset 278.100526 se

[root@nm mac]# date
Mon Jan 1 20:09:58 CST 2001
Make it a cron job that runs every 5 minutes.
[root@nm cron.d]# vi /root/time.sh

#!/bin/sh
/usr/sbin/ntpdate 10.4.193.26 >/dev/null 2>&1

[root@nm cron.d]# chmod u+x /root/time.sh
[root@nm cron.d]# crontab -e
no crontab for root - using an empty one
(This opens vi.)
*/5 * * * * /root/time.sh >/dev/null

"crontab.XXXXr6kbFI" 1L, 37C written
crontab: installing new crontab

[root@nm cron.d]# crontab -l
*/5 * * * * /root/time.sh >/dev/null



Synchronizing a Cisco router to the Linux NTP server
r21(config)#ntp server 10.4.3.117
r21(config)#^Z
r21#sh ntp stat
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec

r21#sh ntp stat
Clock is synchronized, stratum 12, reference is 10.4.3.117
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is CC36C5A9.4BFEA414 (10:00:09.296 UTC Sun Jul 27 2008)
clock offset is -103.6189 msec, root delay is 57.88 msec
root dispersion is 8123.12 msec, peer dispersion is 7944.95 msec


The system time keeps jumping back and setting it with date has no effect. Why?
[root@nm ~]# date
Sat Mar 6 06:28:57 CST 1993
[root@nm ~]# date 101513462008
Wed Oct 15 13:46:00 CST 2008
[mac@nm ~]$ date
Sat Mar 6 06:34:47 CST 1993

Later I found that the system had an NTP cron job set up:
[root@nm mac]# crontab -l

*/5 * * * * /root/time.sh >/dev/null

[root@nm mac]# cat /root/time.sh
#!/bin/sh
/usr/sbin/ntpdate 10.4.193.26 >>/home/mac/ntpdate.log 2>&1
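
The cron job above steps the clock to whatever the configured server reports, so a server with a wrong clock silently rewrites local time every five minutes. As an added example (not part of the original post), the script below vets the offset before stepping; the function names, the 1000-second limit and the second sample line are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original post: vet an ntpdate result before
# letting a cron job step the clock.

# Reads ntpdate output on stdin; $1 is the largest offset, in seconds, to accept.
vet_offset() {
    awk -v max="$1" '
    / time server / {
        for (i = 2; i < NF; i++)
            if ($i == "offset") { server = $(i - 1); off = $(i + 1) + 0; found = 1 }
    }
    END {
        if (!found) { print "reject: no usable reply"; exit 1 }
        mag = (off < 0) ? -off : off
        if (mag > max) {
            printf "reject: %s offset %.0f s exceeds %d s\n", server, off, max
            exit 1
        }
        printf "accept: %s offset %.3f s\n", server, off
    }'
}

# Hypothetical replacement for /root/time.sh: query first (-q sets nothing),
# step only when the reported offset is plausible, log refusals to syslog.
guarded_sync() {
    if verdict=$(/usr/sbin/ntpdate -q "$1" 2>&1 | vet_offset "$2"); then
        /usr/sbin/ntpdate "$1" >/dev/null 2>&1
    else
        logger -t time.sh "$verdict"
        return 1
    fi
}

# First line is copied from the post; the second is constructed (multi-year offset).
sample_ok()  { echo "27 Jul 17:57:16 ntpdate[13238]: step time server 10.4.3.117 offset -186.325206 sec"; }
sample_bad() { echo "15 Oct 13:50:00 ntpdate[4321]: step time server 10.4.193.26 offset -492681073.250000 sec"; }

sample_ok  | vet_offset 1000 || true
sample_bad | vet_offset 1000 || true
```

In the crontab entry, `guarded_sync 10.4.193.26 1000` would take the place of the bare ntpdate call, and refused steps then show up in syslog under the `time.sh` tag instead of vanishing into /dev/null.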


Linux NTP debugging commands
[root@nm mac]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
udp 0 0 10.4.3.117:123 0.0.0.0:*
udp 0 0 192.168.10.117:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
[root@nm mac]# ntpstat
synchronised to local net at stratum 11
time correct to within 12 ms
polling server every 128s
[root@nm mac]# /usr/sbin/ntpq -p
remote refid st t when poll reach delay offset jitter
=============================================================
218.21.130.42209.81.9.72 u 9812[]8 37732.959 8389072 122825.
61.129.66.79 .INIT. 16 u - 64 0 0.000 0.000 4000.00
61.129.66.79209.51.161.238 2u 29128 17519.957 8392927 127996.
*LOCAL(0)LOCAL(0)10 l37 643770.0000.000 0.015
[root@localhost etc]# /usr/sbin/ntptrace
localhost.localdomain: stratum 16, offset 0.000000, synch distance 0.001590


hwclock -r: read the BIOS (hardware clock) time
[root@nm mac]# /usr/sbin/hwclock -r
Sat 12 Jul 2008 05:57:42 AM CST -0.802884 seconds
hwclock -w: write the Linux system time to the BIOS clock (sync the OS and the BIOS)
hwclock -w or hwclock --systohc
hwclock --set --date=newdate



NTP security issues


If ntpq -p shows a jitter of 4000, there is a firewall or similar problem (usually the NTP packets are being denied).
[root@ntracker ntp]# ntpq -p
remote refid st t when poll reach delay offset jitter
=============================================================
10.4.0.198 .INIT. 16 u - 64 0 0.000 0.000 4000.00
LOCAL(0)LOCAL(0)10 l446470.0000.000 0.004
Another router running as an NTP client also shows as unsynchronized.
3800-2#sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18
reference time is AF576BD8.34C30B0C (06:34:00.206 CST Mon Mar 22 1993)
clock offset is 510656169694.0384 msec, root delay is 234.45 msec
root dispersion is 358250.53 msec, peer dispersion is 16000.00 msec
Added one rule to iptables on the NTP server:
/sbin/iptables -A INPUT -i $LAN_INT -m state --state NEW -p udp --dport 123 -j ACCEPT


Looking from the client side, the time has now been learned over NTP.
[root@ntracker ntp]# ntpq -p
remote refid st t when poll reach delay offset jitter
=============================================================
10.4.0.198114.80.81.13 u186410.357 -8837800.004
*LOCAL(0)LOCAL(0)10 l1864170.0000.000 0.004
The router is fine now too.
3800-2#sh ntp status
Clock is synchronized, stratum 4, reference is 10.4.0.198
nominal freq is 249.5901 Hz, actual freq is 249.5901 Hz, precision is 2**18
reference time is CDC76AC1.E66BD131 (15:31:13.900 CST Wed May 27 2009)
clock offset is -1.7494 msec, root delay is 234.01 msec
root dispersion is 15947.27 msec, peer dispersion is 15875.02 msec
3800-2#



Time zone problem when syncing Linux with Cisco over NTP
Router time

26new#clock set 12:00:00 1 Jan 2001

26new#sh clock
12:01:24.726 UTC Mon Jan 1 2001
After Linux synced its time from the router, the time was 8 hours ahead.

[root@nm mac]# /usr/sbin/ntpdate 10.4.193.26
1 Jan 20:09:55 ntpdate[5400]: step time server 10.4.193.26 offset 278.100526 se

[root@nm mac]# date
Mon Jan 1 20:09:58 CST 2001
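The two time zones, UTC (Greenwich zone 0) and CST (Greenwich zone 8), differ by 8 hours.
UTC: GMT (Greenwich Mean Time)
CST: China's time zone is CCT. Here CST is the abbreviation of Chinese Standard Time and is the short display name, while CCT is the time zone name.

Solution: set the time zone on the Cisco to +8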
26new(config)#clock timezone ?
WORD name of time zone

26new(config)#clock timezone CST ?
<-23 -23> Hours offset from UTC

26new(config)#clock timezone CST +8
26new(config)#exit
26new#sh clock
20:09:29.205 CST Mon Jan 1 2001
After setting it, the Cisco time automatically moved forward 8 hours.


There are several public Internet NTP servers, such as 0.pool.ntp.org
D:\Documents and Settings\Administrator>ping 0.pool.ntp.org

Pinging 0.pool.ntp.org [218.21.130.42] with 32 bytes of data:

Reply from 218.21.130.42: bytes=32 time=28ms TTL=55
Reply from 218.21.130.42: bytes=32 time=29ms TTL=55
Reply from 218.21.130.42: bytes=32 time=42ms TTL=55
Reply from 218.21.130.42: bytes=32 time=32ms TTL=55


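Address of China's national NTP server: 210.72.145.44

Starting ntpd on Solaris 10
The Solaris NTP configuration file is located at /etc/inet/ntp.conf
Use svcs -l to check the services or resources that xntp depends on
# svcs -l svc:/network/ntp:default
If all the resources exist, run the following commands, after which xntp has been restarted.
# svcadm enable svc:/network/ntp
# svcadm refresh svc:/network/ntp
# svcadm restart svc:/network/ntp
Show the current service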
# svcs | grep ntp
online 14:31:24 svc:/network/ntp:default

# ps -ef|grep ntp
/usr/lib/inet/xntpd












  

Address of this article on 爱华网: http://www.413yy.cn/a/25101015/244121.html


Notice: "NTP ntp服务器" was shared by user 暮夏那年开. If it infringes your legitimate rights, please contact us to have it removed.