ntp时间同步

所有服务器：

1.安装

yum install -y ntp

2.自启动

chkconfig ntpd on

chkconfig --list ntpd

ntpd 0:关闭 1:关闭 2:启用 3:启用 4:启用 5:启用 6:关闭

配置内网****NTP-Server(192.168.204.111)

vim /etc/ntp.conf

# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# 允许内网其他机器同步时间
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.204.2 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html)..)
# 中国这边最活跃的时间服务器 : http://www.pool.ntp.org/zone/cn
server 210.72.145.44 perfer   # 中国国家受时中心
server 202.112.10.36             # 1.cn.pool.ntp.org
server 59.124.196.83             # 0.asia.pool.ntp.org

#broadcast 192.168.1.255 autokey        # broadcast server
#broadcastclient                        # broadcast client
#broadcast 224.0.1.1 autokey            # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# allow update time by the upper server
# 允许上层时间服务器主动修改本机时间
restrict 210.72.145.44 nomodify notrap noquery
restrict 202.112.10.36 nomodify notrap noquery
restrict 59.124.196.83 nomodify notrap noquery

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
# 外部时间服务器不可用时，以本地时间作为时间服务
server  127.127.1.0     # local clock
fudge   127.127.1.0 stratum 10

# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

配置文件修改完成，保存退出，启动服务。

service ntpd start

查看服务连接和监听

udp        0      0 192.168.204.111:123         0.0.0.0:*                               7382/ntpd
udp        0      0 127.0.0.1:123               0.0.0.0:*                               7382/ntpd
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               7382/ntpd
udp        0      0 fe80::250:56ff:fe32:bb8:123 :::*                                    7382/ntpd
udp        0      0 ::1:123                     :::*                                    7382/ntpd
udp        0      0 :::123                      :::*                                    7382/ntpd

看红色加粗的地方，表示连接和监听已正确，采用UDP方式

ntpstat 命令查看时间同步状态，我这个是同步本地的因为我的没有外网

 ntpstat
 
synchronised to local net at stratum 11
time correct to within 11 ms
polling server every 64 s

配置内网****NTP-Clients

vim /etc/ntp.conf

 # Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

restrict 192.168.204.111 nomodify notrap noquery

# Use public servers from the pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html)..)

# 配置时间服务器为本地的时间服务器

server 192.168.204.111

# Undisciplined Local Clock. This is a fake driver intended for backup

# and when no outside source of synchronized time is available.

# 外部时间服务器不可用时，以本地时间作为时间服务

server  127.127.1.0     # local clock

fudge   127.127.1.0 stratum 10  #(3-10)

修改以上内容即可

ntpdate手动同步下时间

ntpdate -u 192.168.204.111

1 Nov 08:34:57 ntpdate[2813]: step time server 192.168.204.111 offset -33.763617 sec

如果失败no server suitable for synchronization found：看看防火墙是否关闭

service ntpd start

启动后，查看同步情况

ntpq -p

ntpstat

synchronised to NTP server (192.168.204.111) at stratum 12
time correct to within 7949 ms
polling server every 64 s

遇到的问题：同步 NTP server (192.168.204.111)不成功，检查配置文件一定要配置正确，

再重启
service ntpd restart

---

问题： #ntpstat

unsynchronised

time server re-starting

polling server every 64 s

–未同步，如果确定操作没问题就等一等，需要一点时间

---

ntpq -p出问题，检查hosts文件的127.0.0.1有没有映射

---

/etc/ntp.conf中的问题
1、不应该设置notrust
restrict 10.2.0.0 mask 255.255.0.0 notrust nomodify notrap
经过查阅之后，4.2版本之后的NTP rpm，在配置文件的这一句中应该把notrust去掉，否则会拒绝请求。

2、如果是不连接上层服务器的情况，必须配置以下信息
restrict 127.0.0.1
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10 #（stratum取值为3~10）