Configure a NTP Client

 

Step 1: install ntp and ntpdate packages

#yum install ntp ntpdate

Note:
NTP communicates over UDP port 123. Ensure that no firewall is blocking this traffic.

Step 2: Enable upstream synchronization

Enable upstream synchronization by defining the upstream time servers in the ntp.conf file. Check with your network administrator if time services are provided on the corporate network.

server time1.aaa.com
server time2.aaa.com
server time3.aaa.com

Step 3: Configure downstream access for the client

To do so, disable the default "noquery" option. Here is an example

# Permit time synchronization with our time source,
# but do not permit the source to query or modify the service on this system.

restrict 10.0.1.244 mask 255.255.255.255 nomodify notrap noquery
restrict 10.0.1.245 mask 255.255.255.255 nomodify notrap noquery
restrict 10.0.1.246 mask 255.255.255.255 nomodify notrap noquery
# note: 10.0.1.244 are time1/time2/time3.aaa.com

Replace ips/hosts with the network address of your network. You may also need to adjust the netmask (255.255.255.0).
Remove the # character at the start of the line to uncomment this entry. Once you have finished editing, save the /etc/ntp.conf file.

Step 4: Start the NTP service and set it to launch automatically upon boot

# service ntpd start
# chkconfig ntpd on

Step 5: check upstream synchronization

When NTP is running, check upstream synchronization. The ntpq command should output something similar to this example:

# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*time1.aaa.com      10.0.1.244    2 u  872 1024  377    0.221    0.265   0.023
+time2.aaa.com      10.0.1.245    2 u  864 1024  377    1.462    0.805   1.251
...

Delay and offset values should be non-zero and the jitter value should be below 100.

Step 6: Test downstream synchronization from another server

Test downstream synchronization from another server in the management network to ensure that NTP services are working. Note that it may take several minutes before your NTP server is able to provide time services to downstream clients. Begin by checking the stratum level of your server:

#  ntpq -c rv
assID=0 status=06f4 leap_none, sync_ntp, 15 events, event_peer/strat_chg,
version="ntpd This email address is being protected from spambots. You need JavaScript enabled to view it. Fri Feb 22 03:55:10 UTC 2013 (1)",
processor="x86_64", system="Linux/2.6.32-358.11.1.el6.x86_64", leap=00,
stratum=3, precision=-23, rootdelay=0.909, rootdispersion=30.394,
peer=17306, refid=10.0.16.244,
reftime=d5ca0f3e.853ac3fb  Thu, Aug 29 2013 11:19:42.520, poll=10,
clock=d5ca0fa1.a1f315a4  Thu, Aug 29 2013 11:21:21.632, state=4,
offset=0.479, frequency=52.919, jitter=0.387, noise=0.318,
stability=0.024, tai=0

Issue the following command(debug mode):

# ntpdate -d time1.aaa.com
[...]
delay 0.02582, dispersion 0.00000
offset 0.000171

29 Aug 11:24:32 ntpdate[19421]: adjust time server 10.0.16.244 offset 0.000171 sec

This command runs ntpdate in debug mode, in which case the availability of the remote time server is checked. If the debug run ends in a line similar to the one in this example, the test is successful. In case the stratum level is too high(>=16), the error message "Server dropped: strata too high" is displayed.

When you find a satisfactory server, run the ntpdate command followed by one or more server addresses:

# ntpdate server_address...

For instance:

# ntpdate time1 time2 time3

Unless an error message is displayed, the system time should now be set.

ntpdc is used to query the ntpd daemon about its current state and to request changes in that state. Here is one o fexample to query sysinfo

#ntpdc -c sysinfo
system peer:          time1.aaa.com
system peer mode:     client
leap indicator:       00
stratum:              3
precision:            -23
root distance:        0.00107 s
root dispersion:      0.03882 s
reference ID:         [10.0.1.244]
reference time:       d5ca133e.837307e5  Thu, Aug 29 2013 11:36:46.513
system flags:         auth monitor ntp kernel stats
jitter:               0.000870 s
stability:            0.000 ppm
broadcastdelay:       0.007996 s
authdelay:            0.000000 s

More

Note:  If the synchronization with the time server at boot time keeps failing, i.e., you find a relevant error message in the /var/log/boot.log system log, try to add the following line to /etc/sysconfig/network:

NETWORKWAIT=1

 Also you could find more info in NTP client failed to syschronize time on boot

 A NTP Client can also be a Server to other layer clients.

For a site NTP Server configuration, see NTP Server Configuration