Use OpenNTPD for time synchronisation

From PeformIQ Upgrade
by Vincent Danen, TechRepublic

Traditionally, the time synchronisation application used on Linux systems has been ntpd (network time protocol daemon). However, the developers behind OpenSSH have created a secure, lean, and easy-to-configure NTP daemon called OpenNTPD (http://www.openntpd.org/), which has been available for quite some time now. Many Linux distributions provide OpenNTPD, but few use it as the default ntpd service.

The traditional NTP service provided with Linux distributions comes in a client/server flavor. The client, ntpdate, connects to an NTP service and sets the system clock accordingly, to keep the system clock as accurate as possible. Ntpd does the same thing, but keeps checking the time servers to keep the system clock accurate, and also acts as an NTP server to other clients.

However, if you look at the NTP package in most distributions, you will see a handful of applications: ntpdate, ntpd, ntpq, ntp-keygen, ntpstat, and more. Contrast that with what comes with OpenNTPD: ntpd, one single application that acts as both client and server. With its very straightforward configuration file, you can determine whether ntpd acts as just a client, or as both server and client. By default, ntpd acts as a client only.

Starting ntpd is extremely simple, and the daemon has only a small number of options. Most distributions that provide OpenNTPD will also provide an initscript to start it. If such an initscript is not available, simply add the following to /etc/rc.d/rc.local or a similar one-time startup script:

/usr/sbin/ntpd

This will start the ntpd service, and it will immediately begin checking the clock time against the configured remote NTP servers and adjust the clock as necessary.

To have ntpd act as a server, edit /etc/ntpd.conf and uncomment one of the "listen on" lines, such as:

listen on 192.168.0.10

This will make ntpd listen for incoming requests on the IP address 192.168.0.10, port 123.

If you have multiple machines and wish to have one act as the primary NTP server for your local network, use a configuration similar to the following for the NTP server:

listen on 192.168.0.10
servers pool.ntp.org

On the client systems, simply use:

server 192.168.0.10

This will cause all the client systems to contact the defined NTP server on the local network, which will reduce extraneous traffic to the world-wide NTP servers. The primary NTP server still sets the clock according to the world-wide NTP servers, and that time information is then easily propagated to the clients.
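The server and client configurations above can be checked before they are deployed. The following is an added example, not part of the original article or of OpenNTPD: the function names, the sample configurations, and the policy that a LAN time server should listen only on a private address are assumptions made for illustration.

```python
import ipaddress

# Constructed sample configs mirroring the article's server and client setups.
SERVER_CONF = """\
# LAN time server
listen on 192.168.0.10
servers pool.ntp.org
"""
CLIENT_CONF = "server 192.168.0.10\n"
EXPOSED_CONF = "listen on *\nservers pool.ntp.org\n"


def parse(conf_text):
    """Return (listen_addresses, upstream_sources) from ntpd.conf text."""
    listens, upstreams = [], []
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments and blank lines
        if len(words) >= 3 and words[:2] == ["listen", "on"]:
            listens.append(words[2])
        elif len(words) >= 2 and words[0] in ("server", "servers"):
            upstreams.append(words[1])
    return listens, upstreams


def audit(conf_text):
    """Classify the role (client or server+client) and list findings."""
    listens, upstreams = parse(conf_text)
    findings = []
    for addr in listens:
        if addr == "*":
            findings.append("listens on every local address")
            continue
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append(f"listen address {addr!r} is a hostname; check what it resolves to")
            continue
        if not ip.is_private:
            findings.append(f"listens on non-private address {addr}")
    if not upstreams:
        findings.append("no server/servers line: nothing to synchronise against")
    role = "server+client" if listens else "client"
    return role, findings
```

An empty findings list for the server configuration means the daemon answers requests only on the LAN address, which is the setup the article describes.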