标签:ubuntu16.04 12 17 ntp sudo server restrict org pool
ntp时间同步,大体步骤是将服务器端和客户端配置好,然后设定同步的频率,记得重新运行ntp服务,重启即可。
步骤总结如下:
一 服务器端(server)
1. 安装ntp与ntpdate
$ sudo apt-get install ntp
$ sudo apt-get install ntpdate
2. server服务器端修改配置文件
$ sudo gedit /etc/ntp.conf
然后对照以下内容修改配置文件:
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# Specify one or more NTP servers.
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
#linux自带的时间同步,需要注释掉
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst
# Use Ubuntu's ntp server as a fallback.
#pool ntp.ubuntu.com
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
#因为是内网,所以用本地时间做为服务器时间,注意这里不是127.0.0.1
server 127.127.1.0
fudge 127.127.1.0 stratum 8
#开放192.168.8.0 整个网段,即在这个网段的所有机器都可以使用 214 作为时间同步服务端
restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
# Needed for adding pool entries
restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
#Changes recquired to use pps synchonisation as explained in documentation:
#http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm#AEN3918
#server 127.127.8.1 mode 135 prefer # Meinberg GPS167 with PPS
#fudge 127.127.8.1 time1 0.0042 # relative to PPS for my hardware
#server 127.127.22.1 # ATOM(PPS)
#fudge 127.127.22.1 flag3 1 # enable PPS API3. 设置完成退出保存,然后重启ntp服务
$ sudo service ntp restart
至此,服务器端ntp配置完成。
二 客户端(client)
1. 与服务器端相同,需要ntp与ntpdate
$ sudo apt-get install ntp
$ sudo apt-get install ntpdate
2. 修改配置文件,client的配置相对简单
$ sudo gedit /etc/ntp.conf
对照以下内容修改
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# Specify one or more NTP servers.
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
#linux自带的时间同步,需要注释掉
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst
# Use Ubuntu's ntp server as a fallback.
#pool ntp.ubuntu.com
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
#增加214作为时间服务器即可
server 192.168.0.214
# Needed for adding pool entries
restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
#Changes recquired to use pps synchonisation as explained in documentation:
#http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm#AEN3918
#server 127.127.8.1 mode 135 prefer # Meinberg GPS167 with PPS
#fudge 127.127.8.1 time1 0.0042 # relative to PPS for my hardware
#server 127.127.22.1 # ATOM(PPS)
#fudge 127.127.22.1 flag3 1 # enable PPS API3. 修改完以后退出,重启ntp服务
$ sudo service ntp restart
三 链接服务器端与客户端
1. 首先在客户端使用ping命令查看能否连接到服务器端
$ ping 192.168.0.3(这里是服务器IP)
2. 如果能否ping通,首先在客户端上关闭ntp服务,然后测试一下手动同步能否成功
$ sudo /etc/init.d/ntp stop
$ ntpdate 192.169.……(ntp 服务器地址)
这里注意,每次手动同步之前都要先停止ntp服务,即以上两行指令必须成对输入,因为ntp服务一般会随机自动启动。。第一次对时可能误差较大,重复以上指令几次,直到命令行显示的差值接近0,即算完成同步
3. 如果手动同步测试成功,就可以进行自动同步的配置了。
方法一(不推荐):如果etc目录下存在ntp.conf文件,输入指令$ sudo gedit /etc/ntp.conf,在文件中添加以下语句
server 192.168.……(ntp服务器地址)保存并退出,电脑中会有一个进程自动去读取该配置文件,并跟随服务器间隔一定时间进行一次对时。具体间隔时间不可查,正常情况下服务器是一台工控机,属性由机器本身决定。
方法二(推荐,更新频率可选)如果etc目录下不存在ntp.conf文件,或者想自己决定同步的频率,可输入指令$ sudo gedit /etc/crontab,在最后一行文本,文本内容如下:
***** user command第1个 * 表示分钟:取值范围为1~59,当需要一分钟执行一次时,可表示为 * /1,以下均同;
第2个 * 表示小时:取值范围0~23
第3个 * 表示日期:取值范围1~31
第4个 * 表示月份:取值范围1~12
第5个 * 表示星期:取值范围:0~6(0表示星期天)
user为需要执行该命令的用户,command表示要运行的命令
例如,我需要在root用户下一分钟自动对时一次,则命令为:
*/1 * * * * root ntpdate 192.168.……(ntp服务器地址)保存退出,重启客户端即可。
四 其他(随时补充)
1. 如果想看一下连接情况,可以在服务器端或者客户端输入以下命令
$ sudo ntpq -p
该命令列出了所有作为时钟源校正过本地NTP服务器时钟上层NTP服务器的列表,详细解读 https://www.cnblogs.com/zxiaozhou/p/13355415.html
2. 几个ntp服务的相关命令
启动 $ sudo service ntpstart
停止 $ sudo service ntp stop
重新启动 $ sudo service ntprestart
标签:ubuntu16.04,12,17,ntp,sudo,server,restrict,org,pool 来源: https://blog.csdn.net/qq_17495453/article/details/111331527
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。