Install and Configure NTP server and client in RHEL 7

NTP stands for  Network Time Protocol.  NTP is an Internet protocol used to synchronise the clocks of computers to some time reference. Network time protocol plays an major role in various situations its very important and crucial below are few advantages of NTP. In this article we are going to see How to install and configure NTP server and Client in RHEL 7 / Centos 7.

  1.  Event Logging required NTP to synchronise because each and every log will be logged based on time stamp
  2. Cluster Heart beat always depends on NTP (If other node in cluster is not sent and heart beat within the given seconds node will switched over)
  3. Execute an cronjobs on time (defined time) crontab schedules works in time
  4. NTP uses UTC for real time synchronisation 

NTP Server profile

Packages : ntp*

Port Number : 123

Daemon Name : NTPD

Install and Configure NTP server and client in RHEL 7

Install the NTP packeges using yum command – Server side configuration

[root@TechTutorials ~]# yum install -y ntp*

Allow NTP protocol to communicate with clients

[root@TechTutorials ~]# firewall-cmd --permanent --add-service=ntp 
Success
[root@TechTutorials ~]# firewall-cmd --reload
Success

OR
[root@TechTutorials ~]# firewall-cmd --permanent --add-port=123/tcp
Success
[root@TechTutorials ~]# firewall-cmd --reload
Success

start and enable NTP service

[root@TechTutorials ~]# systemctl enable ntpd.service 
ln -s '/usr/lib/systemd/system/ntpd.service' '/etc/systemd/system/multi-user.target.wants/ntpd.service'
[root@TechTutorials ~]# systemctl start ntpd.service 
[root@TechTutorials ~]# systemctl status ntpd.service 
ntpd.service - Network Time Service
 Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled)
 Active: active (running) since Mon 2016-06-13 12:39:14 IST; 5s ago
 Process: 3738 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 3740 (ntpd)
 CGroup: /system.slice/ntpd.service
 └─3740 /usr/sbin/ntpd -u ntp:ntp -g

edit main configuration file and make changes as required to configure NTP

[root@TechTutorials ~]# vim /etc/ntp.conf
# Default Line number 8
restrict default kod nomodify notrap noquery nopeer     -->>> allows other clients to query time server
restrict -6 default kod nomodify notrap noquery nopeer   --->> allows forces DNS resolution to IPV6 address resolution

:wq

noquary –  dumping status data from ntpd
nopeer  –   all packets attempts to start a peer association
notrap  –   control message trap service
kod     –     packet is sent to reduce unwanted queries
nomodify – all ntpq queries that attempts to modification the server

Allow Only Specific Clients

To only allow systems on own network to synchronise with  NTP server, add the following lines to /etc/ntp.conf file for restrict

restrict 192.168.4.120 mask 255.255.255.0 nomodify notrap

for  localhost needs to have the full access to query or modify

restrict 127.0.0.1

add local time as backup

add the local clock to main configuration file in ntp.conf

server  <ip address>        # local clock
fudge   127.127.1.0 stratum 10

Stratum is used to synchronise the time with the server based on distance. Stratum-0 is a device which can’t be used in the network which is directly connected to NTP server. Stratum-1 will synchronise the time using GPS transmission, CDMA technology assume to be accurate or no delay associated with it. Local time update in NTP server we can make use of Stratum-0 and Stratum-1.
stratum-0 devices are used as reference clock
stratum-1 as a primary network time standard

stratum-0 and stratum-1

define ntp to generate logs which are very useful in troubleshooting methods

set the log file and the drift file location in main configuration file  ntp.conf. Edit main configuration file /etc/nfp.conf and add below entries

driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp.log

[root@TechTutorials ~]# systemctl restart ntpd

NTP Client side Configuration

configuring NTP client to synchronize with NTP server. To enable time synchronisation between server and client we can make use of GUI interface as well as CLI interface.

Adding NTP client settings 

[root@TechTutorials ~]# yum install system-config-date
[root@TechTutorials ~]# system-config-date

NTP client configuration in GUI

When you type “system-config-date” above popup will open. As shown above please select “Synchronise Date and Time over Network”

If NTP servers exists delete them and add your NTP server by clicking on “Add” button. Select “speed up initial synchronisation” then Click OK.

That’s from GUI interface your system is now NTP client.

 

From CLI mode

[root@TechTutorials ~]# vim /etc/chrony.conf
## Go to last line (SHIFT+G)and add below strings

server 0.rhel.pool.ntp.org iburst
server 192.168.4.120 prefer

:wq

prefer: it specified that server is preferred over other servers.

now start the ntpd service

[root@TechTutorials ~]# systemctl start ntpd

now check the ntp status

[root@TechTutorials ~]# ntpq -p

set local time and date

[root@TechTutorials ~]# ntpdate -u 192.168.4.120

That’s about install and configure NTP server and client in RHEL 7

Please do comment your feedback

Thanks for your wonderful Support and Encouragement

ARK

My Name is ARK. Expert in grasping any new technology, Interested in Sharing the knowledge. Learn more & Earn More

7 Responses

  1. blank Rainer S. says:

    Shift-g in vim to go to the end, not Ctrl-g

  2. The configuration aspects in the article are fairly well done. However, I found the ntpd/chrony aspect confusingly handled.

    Both ntpd and chrony are software packages implementing the NTP protocol, and both can serve as an NTP client and NTP server. As such, I’m not sure why you elected to use ntpd for the server-side component, and chrony for the client-side. The RHEL/CentOS default time software with RHEL/CentOS 7 is chrony. Additionally, although both packages were used, the article didn’t make it clear that there were two different pieces of software being used, or explain why it was done that way.

    • I understand your concern Christopher, I have added chrony client side configuration because some of the users they may not have GUI interface to do above steps. Ofcourse if you do from /etc/ntpd.conf OR /etc/chrony.conf are same.

  3. blank Glenn says:

    I think if you are ONLY configuring the client, you should start chronyd, (not ntpd)

  4. blank IQBAL SHAIKH says:

    Excellent information, good stuff

  5. blank Lili Hunag says:

    it works, thank you for the information

  6. blank David says:

    Under Allow NTP protocol to communicate with clients, you list this line for the firewall. Should it be udp instead of tcp?

    [root@TechTutorials ~]# firewall-cmd –permanent –add-port=123/tcp
    Success

Leave a Reply

Your email address will not be published.