Sunday, 29 January 2017

NTP configuration in RHEL 7

The Network Time Protocol (NTP) enables the accurate dissemination of time and date information in order to keep the time clocks on networked computer systems synchronized to a common reference over the network or the Internet. Many standards bodies around the world have atomic clocks which may be made available as a reference. The satellites that make up the Global Position System contain more than one atomic clock, making their time signals potentially very accurate. Their signals can be deliberately degraded for military reasons. An ideal situation would be where each site has a server, with its own reference clock attached, to act as a site-wide time server. Many devices which obtain the time and date via low frequency radio transmissions or the Global Position System (GPS) exist. However for most situations, a range of publicly accessible time servers connected to the Internet at geographically dispersed locations can be used. These NTP servers provide “Coordinated Universal Time” (UTC). Information about these time servers can found at www.pool.ntp.org.
Accurate time keeping is important for a number of reasons in IT. In networking for example, accurate time stamps in packets and logs are required. Logs are used to investigate service and security issues and so time stamps made on different systems must be made by synchronized clocks to be of real value. As systems and networks become increasingly faster, there is a corresponding need for clocks with greater accuracy and resolution. In some countries there are legal obligations to keep accurately synchronized clocks. Please see www.ntp.org for more information. In Linux systems, NTP is implemented by a daemon running in user space. The default NTP user space daemon in Red Hat Enterprise Linux 7 is chronyd. It must be disabled if you want to use the ntpd daemon.

[root@RHEL7 ~]# systemctl stop chronyd
[root@RHEL7 ~]# systemctl disable chronyd
[root@RHEL7 ~]# yum install ntp
Configure ntp.conf file like shown below
[root@RHEL7 ~]# cat /etc/ntp.conf
tinker panic 0
driftfile /var/lib/ntp/drift
restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
server 10.18.17.32 iburst
server 10.18.17.33 iburst
server 10.18.11.30 iburst
server 10.18.11.31 iburst
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor
[root@RHEL7 ~]# systemctl restart ntpd
[root@RHEL7 ~]# systemctl status ntpd
[root@RHEL7 ~]# systemctl enable ntpd
[root@RHEL7 ~]# ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 10.18.17.32    .INIT.          16 u    - 1024    0    0.000    0.000   0.000
 10.18.17.33    .INIT.          16 u    - 1024    0    0.000    0.000   0.000
*10.18.11.30    10.18.11.30     5 u  261  512  377    0.827   -8.280  10.270
+10.18.11.31    10.18.11.30     5 u  497  512  377    0.720  -23.474  11.101

[root@RHEL7 ~]# ntpstat
synchronised to NTP server (10.18.11.30) at stratum 6
   time correct to within 388 ms
   polling server every 512 s
[root@RHEL7 ~]#

timedatectl command gives a detailed info about system time and date

[root@RHEL7 ~]# timedatectl
      Local time: Thu 2015-12-31 00:27:00 CST
  Universal time: Thu 2015-12-31 06:27:00 UTC
        RTC time: Thu 2015-12-31 06:27:00
       Time zone: America/Chicago (CST, -0600)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: no
 Last DST change: DST ended at
                  Sun 2015-11-01 01:59:59 CDT
                  Sun 2015-11-01 01:00:00 CST
 Next DST change: DST begins (the clock jumps one hour forward) at
                  Sun 2016-03-13 01:59:59 CST
                  Sun 2016-03-13 03:00:00 CDT

1 comment: