Configure a NTP Server

This article is an addtion to the article Config NTP Client.

If you have lots of server and desktop system, configure your own NTP server would be a good choice. Your NTP server contacts a central NTP server,provided by your local gps time server or a public time server located at ntp.org, to obtain accurate time data. The server then allows other machines on your network to request the time data.

Sample setup:

in /etc/ntp.conf, for example on time1.aaa.com

server gpstime.aaa.com iburst prefer maxpoll 6
peer time2.aaa.com
peer time3.aaa.com
server  127.127.1.0
Of course, some restricions
# Prohibit general access to this service.
restrict default ignore

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1

restrict vlan1 mask 255.255.224.0 nomodify notrap #noquery
restrict vlan2 mask 255.255.0.0 nomodify notrap
restrict vlan3 mask 255.255.255.0 nomodify notrap
...

Replace van1-3 with you real vlan subnet, as well mask

Note: Remember to change iptables for client access !

Start the service

 # service ntpd start

Use ntpdc to query the ntpd daemon sysinfo

# ntpdc -c sysinfo
system peer: gpstime.aaa.com
system peer mode: client
leap indicator: 00
stratum: 2
precision: -20
root distance: 0.00072 s
root dispersion: 0.00586 s
reference ID: []
reference time: d5ca15d6.ae9a9eea Thu, Aug 29 2013 11:47:50.682
system flags: auth monitor ntp kernel stats
jitter: 0.000076 s
stability: 0.000 ppm
broadcastdelay: 0.007996 s
authdelay: 0.000000 s

Check connectivity information

To look at connection information, run this command on each nat box:

# ntpdc -n -c sysinfo -c peers -c monlist

See the server relationship, look at time1 and time2, for example:

$ /usr/sbin/ntpq -c peers time1

If you have a hard time to get your client work after reboot, see NTP client failed to syschronize system on boot