Linux NTP配置
环境
Cenos 6.6 X86_64
ntp服务端
配置/etc/ntpd.cn
修改/etc/ntpd.cnf,完成后结果如下,我们使用grep -v “^#” /etc/ntp.conf查看下
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 192.168.31.0 mask 255.255.255.0 nomodify notrap
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org
server cn.pool.ntp.org prefer
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
启动ntpd服务
service ntpd start
添加防火墙
修改/etc/sysconfig/iptables添加如下条目,开放udp 123端口
-A INPUT -p udp -m state --state NEW -s 192.168.31.0/24 --dport 123 -j ACCEPT
查看服务状态
查看服务是否开启
service ntpd status
ntpstat查看运行状态,ntp服务是否与上层联机
[root@testsrv ~]# ntpstat
unsynchronised
polling server every 64 s
ntpq列出上层ntp状态
[root@testsrv~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*news.neu.edu.cn 202.118.1.47 2 u 28 64 37 127.321 201.540 98.977
+dns1.synet.edu. 202.118.1.46 2 u 29 64 27 102.763 186.822 93.444
dns2.synet.edu. 202.118.1.46 2 u 39 64 51 457.176 359.954 172.589
LOCAL(0) .LOCL. 10 l 108 64 76 0.000 0.000 0.000
ntp客户端
加入定时任务,每小时的第1分钟同步时间
crontab -e
1 * * * * /usr/sbin/ntpdate 192.168.31.10 && /sbin/hwclock --systohc
重启下定时任务
service crond restart