According to the Red Hat Exam Prep Guide, you need to be able to synchronize clients with a higher stratum server. The term stratum is used to define different levels, from 1 to 15, of time servers that are available to sync with. A stratum 1 time server is the most accurate. For load balancing and redundancy, you would probably want to configure a primary NTP server and a secondary NTP server to sync with a stratum 1 time server. Now let’s look more closely at both the server and client side of NTP.
Configure NTP server
Step 1. Verify that the package has been installed:
# rpm -qa | grep ntp
To configure the primary NTP server, let’s look at part of the config file that comes with the system:
#vim /etc/ntp.conf
...
server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org
...
#server 127.127.1.0
#fudge 127.127.1.0 stratum 10
The first three lines shown here are the Internet (public) NTP servers that you sync with for the correct time. The fourth server option, which is usually based on the BIOS click if used.
Step 2. Start the NTP service:
# service ntpd start
Client configuration:
With the server configured, you can turn your attention over to one of the client systems. For this example, use the Client01 system to sync with the server1 (192.168.1.100) primary NTP server.
Define server1 as the primary time server and make sure the driftfile line is uncommented:
#vim /etc/ntp.conf
...
Server 192.168.1.100
driftfile /var/lib/ntp/drift
Step 1. Use iptables to create the required firewall rules:
# iptables -I INPUT -p udp -m udp --dport 123 -j ACCEPT
# iptables -I INPUT -p tcp -m tcp --dport 123 -j ACCEPT
Step 2. Save the firewall rules you just created:
# service iptables save
Step 3. Then restart the iptables service:
# service iptables restart
#service ntpd restart
Step 4. Specify the upstream server that you want to sync against:
# ntpdate 0.rhel.pool.ntp.org
Step 5. Start the service again:
# service ntpd start
Step 6. Verify that the time is accurate with the date command:
# date
The next troubleshooting command is ntpq, which enables you to query for other NTP servers. Here, the only concern is the -p option, which polls for other NTP servers:
# ntpq -p
Configure NTP server
Step 1. Verify that the package has been installed:
# rpm -qa | grep ntp
To configure the primary NTP server, let’s look at part of the config file that comes with the system:
#vim /etc/ntp.conf
...
server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org
...
#server 127.127.1.0
#fudge 127.127.1.0 stratum 10
The first three lines shown here are the Internet (public) NTP servers that you sync with for the correct time. The fourth server option, which is usually based on the BIOS click if used.
Step 2. Start the NTP service:
# service ntpd start
Client configuration:
With the server configured, you can turn your attention over to one of the client systems. For this example, use the Client01 system to sync with the server1 (192.168.1.100) primary NTP server.
Define server1 as the primary time server and make sure the driftfile line is uncommented:
#vim /etc/ntp.conf
...
Server 192.168.1.100
driftfile /var/lib/ntp/drift
Step 1. Use iptables to create the required firewall rules:
# iptables -I INPUT -p udp -m udp --dport 123 -j ACCEPT
# iptables -I INPUT -p tcp -m tcp --dport 123 -j ACCEPT
Step 2. Save the firewall rules you just created:
# service iptables save
Step 3. Then restart the iptables service:
# service iptables restart
#service ntpd restart
Step 4. Specify the upstream server that you want to sync against:
# ntpdate 0.rhel.pool.ntp.org
Step 5. Start the service again:
# service ntpd start
Step 6. Verify that the time is accurate with the date command:
# date
The next troubleshooting command is ntpq, which enables you to query for other NTP servers. Here, the only concern is the -p option, which polls for other NTP servers:
# ntpq -p
No comments:
Post a Comment