Linux下NTPD服务器构建实践(linux下ntp服务器)
随着科技的发展,NTPD(Network Time Protocol Daemon)网络时间协议守护进程已经被广泛用于时间同步。NTPD的相关服务可以帮助我们更方便的控制各类系统服务。本文主要介绍NTPD服务在Linux 平台下的搭建和配置实践。
## 一、Linux 平台的NTPD安装
首先我们可以使用命令`yum install ntp`来安装NTPD服务:
“`shell
[root@localhost ~]# yum install ntp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.zju.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.zju.edu.cn
Resolving Dependencies
…
Installed:
ntp.x86_64 0:4.2.6p5-12.el7
Complete!
安装完成后,在/etc/ntp.conf文件中可以看到ntpd默认的配置,具体内容如下:
```shell[root@localhost ~]# cat /etc/ntp.conf
# Permit time synchronization with our time source, but do not# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could# be tightened as well, but to do so would effect some of
# the administrative functions.restrict 127.0.0.1
# Hosts on local network are less restricted.#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.orgserver 1.centos.pool.ntp.org
server 2.centos.pool.ntp.orgserver 3.centos.pool.ntp.org
#broadcast 192.168.1.255 autokey # broadcast server#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.#requestkey 8
# Specify the key identifier to use with the ntpq utility.#controlkey 8
# Enable writing of statistics records.#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.# Note: Monitoring will not be disabled with the restricted expression as the
# default restrict line will not usually contain the noquery flag.disable monitor
# Additional options
# Additional options for ntpd include the following:
#-A modify the NTPD access control list#-d enable debugging
#-e set the maximum allowed skew in seconds#-f set the frequency adjustment
#-g allow the time to jump more than one second#-l log all messages
#-n turn off all NTP processing#-p set the precision of the service
#-q adjust the time immediately when started#-r set the interval between polls
#-s set the total number of seconds to wait#-t permit time changes
#-u allow insecure NTP clients#-v enable verbosity
## 二、NTPD服务配置
接下来我们需要修改/etc/ntp.conf文件,添加NTP服务器的IP地址,一般可以在网上搜索到NTP服务器的IP地址。例如:
“`shell
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
我们可以添加谷歌的NTP服务器到本文件中:
```shellserver time.google.com
在修改完/etc/ntp.conf文件后,我们要启动NTPD服务,可以使用下面的命令:
“`shell
systemctl start ntpd
之后可以使用`ntpq -p`命令查看当前server是否正常工作:
```shell[root@localhost ~]# ntpq -p
remote refid st t when poll reach delay offset jitter==============================================================================
203.66.1.10 202.97.40.5 3 u 44 64 377 107.550 -17.340 16.129*time.google.co .INIT. 16 u 35 64 377 572.467 -22.347 1.300
可以看到第一行显示*表示服务器已经连接上,开始进行时间同步。
## 三、总结
经过上面的实践,我们已经了解到如何在Linux平台安装和配置NTPD服务,NTPD服务的主要功能就是帮助系统进行时间同步,可以保证系统时间的正确性。
