Configure a NTP Client
Step 1: install ntp and ntpdate packages
#yum install ntp ntpdate
NTP communicates over UDP port 123. Ensure that no firewall is blocking this traffic.
Step 2: Enable upstream synchronization
Enable upstream synchronization by defining the upstream time servers in the ntp.conf file. Check with your network administrator if time services are provided on the corporate network.
Step 3: Configure downstream access for the client
To do so, disable the default "noquery" option. Here is an example
# Permit time synchronization with our time source,
# but do not permit the source to query or modify the service on this system.
restrict 10.0.1.244 mask 255.255.255.255 nomodify notrap noquery
restrict 10.0.1.245 mask 255.255.255.255 nomodify notrap noquery
restrict 10.0.1.246 mask 255.255.255.255 nomodify notrap noquery
# note: 10.0.1.244 are time1/time2/time3.aaa.com
Replace ips/hosts with the network address of your network. You may also need to adjust the netmask (255.255.255.0).
Remove the # character at the start of the line to uncomment this entry. Once you have finished editing, save the /etc/ntp.conf file.
Step 4: Start the NTP service and set it to launch automatically upon boot
# service ntpd start
# chkconfig ntpd on
Step 5: check upstream synchronization
When NTP is running, check upstream synchronization. The ntpq command should output something similar to this example:
# ntpq -p
remote refid st t when poll reach delay offset jitter
*time1.aaa.com 10.0.1.244 2 u 872 1024 377 0.221 0.265 0.023
+time2.aaa.com 10.0.1.245 2 u 864 1024 377 1.462 0.805 1.251
Delay and offset values should be non-zero and the jitter value should be below 100.
Step 6: Test downstream synchronization from another server
Test downstream synchronization from another server in the management network to ensure that NTP services are working. Note that it may take several minutes before your NTP server is able to provide time services to downstream clients. Begin by checking the stratum level of your server:
# ntpq -c rv
assID=0 status=06f4 leap_none, sync_ntp, 15 events, event_peer/strat_chg,
processor="x86_64", system="Linux/2.6.32-358.11.1.el6.x86_64", leap=00,
stratum=3, precision=-23, rootdelay=0.909, rootdispersion=30.394,
reftime=d5ca0f3e.853ac3fb Thu, Aug 29 2013 11:19:42.520, poll=10,
clock=d5ca0fa1.a1f315a4 Thu, Aug 29 2013 11:21:21.632, state=4,
offset=0.479, frequency=52.919, jitter=0.387, noise=0.318,
Issue the following command(debug mode):
# ntpdate -d time1.aaa.com
delay 0.02582, dispersion 0.00000
29 Aug 11:24:32 ntpdate: adjust time server 10.0.16.244 offset 0.000171 sec
This command runs ntpdate in debug mode, in which case the availability of the remote time server is checked. If the debug run ends in a line similar to the one in this example, the test is successful. In case the stratum level is too high(>=16), the error message "Server dropped: strata too high" is displayed.
When you find a satisfactory server, run the ntpdate command followed by one or more server addresses:
# ntpdate server_address...
# ntpdate time1 time2 time3
Unless an error message is displayed, the system time should now be set.
ntpdc is used to query the ntpd daemon about its current state and to request changes in that state. Here is one o fexample to query sysinfo
#ntpdc -c sysinfo
system peer: time1.aaa.com
system peer mode: client
leap indicator: 00
root distance: 0.00107 s
root dispersion: 0.03882 s
reference ID: [10.0.1.244]
reference time: d5ca133e.837307e5 Thu, Aug 29 2013 11:36:46.513
system flags: auth monitor ntp kernel stats
jitter: 0.000870 s
stability: 0.000 ppm
broadcastdelay: 0.007996 s
authdelay: 0.000000 s
Note: If the synchronization with the time server at boot time keeps failing, i.e., you find a relevant error message in the /var/log/boot.log system log, try to add the following line to /etc/sysconfig/network:
Also you could find more info in NTP client failed to syschronize time on boot
A NTP Client can also be a Server to other layer clients.
For a site NTP Server configuration, see NTP Server Configuration