NTP Configuration and issues

Ashokdatla
Mar 6, 2020

We configured a new NTP server.

A) NTP Server Configuration

1. Install the required ntp package on the server.

# yum install ntp

2. Ensure the following entries are in ntp configuration file /etc/ntp.conf.

# cat /etc/ntp.conf
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org
restrict 10.10.10.0 mask 255.255.255.0 nomodify notrap
driftfile /var/lib/ntp/drift
keys /etc/ntp/keys

As per the configuration file, the NTP server serves only the NTP clients in the subnet 10.10.10.0/24. You can get the public NTP servers specific to your region from pool.ntp.org.

In the /etc/ntp.conf file, you have to list the NTP server(s) used in your environment.

3. Now you can start the ntpd service.

For RHEL 5,6:
# service ntpd start

For RHEL 7:
# systemctl start ntpd.service

— — — — — — — — — — — — — — — — — — — — — — — — — — —

B) NTP Client Configuration

1. For client NTP configuration, add the below configuration in the /etc/ntp.conf file.

# cat /etc/ntp.conf
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
server ntp.server.com
driftfile /var/lib/ntp/drift
keys /etc/ntp/keys

Here, ntp.server.com is the server you configured as the NTP server in the example shown at the start of the post. There can be multiple NTP servers for redundancy. Add a new line for each of the NTP servers in the /etc/ntp.conf file.

2. Start the ntpd service on the NTP client.

For RHEL 5,6:
# service ntpd start

For RHEL 7:
# systemctl start ntpd.service

C) Issues Identified on the NTP Server and Client Machines

1) If the correct NTP server entries are not present in the client config file, the client gets authentication problems and times out, with errors like permission denied.

2) NTP connection error in SAN box 79501: Failed to synchronize cluster time to NTP server

Check the firewall rules:
# iptables --help
# iptables -L

Here is the problem: so many rules are blocking the traffic.
First, save the current iptables rules to /tmp:
# iptables-save > /tmp/out
# vi /tmp/out
Now remove the rules:
# iptables -F
# getenforce
# setenforce 0
# iptables -L
Now there are no rules left; only the chains and the target column are listed.
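
The dump saved to /tmp/out can also be used to find the rule that blocks NTP. The script below is an added example, not part of the original post: the function name ntp_input_verdict, the sample ruleset and the simplified rule matching (only -p, --dport, -s and unconditional rules) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Reads an iptables-save dump and
# prints the first filter/INPUT rule that decides a new inbound NTP packet
# (UDP destination port 123), or the chain policy when no rule decides it.
# Assumptions: only -p, --dport, -s and unconditional rules are evaluated; the
# -s address is not checked; rules with any other match (-i, -m state) are skipped.
ntp_input_verdict() {
    awk '
        /^\*/ { in_filter = ($1 == "*filter"); next }
        !in_filter { next }
        $1 == ":INPUT" { policy = $2; next }
        $1 != "-A" || $2 != "INPUT" { next }
        {
            proto = ""; dport = ""; target = ""; other = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") proto = $(++i)
                else if ($i == "--dport") dport = $(++i)
                else if ($i == "-s") i++
                else if ($i == "-m" && $(i + 1) == "udp") i++
                else if ($i == "-j") { target = $(++i); break }
                else other = 1
            }
            if (other || (proto != "" && proto != "udp")) next
            if (dport != "" && dport != "123") next
            if (target ~ /^(ACCEPT|DROP|REJECT)$/) {
                print target ": " $0; decided = 1; exit
            }
        }
        END { if (!decided) print policy ": chain policy" }
    ' "$@"
}

# Constructed sample dump in the style of a stock RHEL 6 ruleset.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_rules | ntp_input_verdict   # or: ntp_input_verdict /tmp/out
```

A REJECT or DROP result names the rule that an accept rule for UDP port 123 has to come before.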
