適用OS:CentOS 7
安裝:
yum install ntp -y
設定:
主要設定檔 /etc/ntp.conf
vim /etc/ntp.conf
restrict tock.stdtime.gov.tw
restrict tick.stdtime.gov.tw
restrict time.stdtime.gov.tw
#restrict 211.22.103.157
#restrict 118.163.81.62
#restrict 118.163.81.61
restrict 10.0.0.0 mask 255.0.0.0 nomodify
可用上面也可用下面,用IP address萬一NTP server搬家就比較麻煩了,下面ip對應上方的server,
這是限制可以修改ntp server的主機,我的區網IP網段是10.,nomodify限制只能讀不能改。
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server tock.stdtime.gov.tw prefer
server tick.stdtime.gov.tw
server time.stdtime.gov.tw
#server 211.22.103.157 prefer
#server 118.163.81.62
#server 118.163.81.61
這是設定上層NTP server主機名稱或是ip位址,紅色部份是centos安裝後預設的server,
註記掉後改用台灣的server,下方主機名稱與ip同上。
設好儲存檔案之後離開。
接下來修改 /etc/sysconfig/ntpd,設定 BIOS 的時間也同步調整
vim /etc/sysconfig/ntpd
# Drop root to id 'ntp:ntp' by default.
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"
SYNC_HWCLOCK=yes
啟動ntpd
systemctl start ntpd
設定開機時啟動ntpd
systemctl enable ntpd
檢查是否有正確執行(需要等一段時間讓ntp server與上層同步完成):
ntpstat
synchronised to NTP server (211.22.103.157) at stratum 3
time correct to within 104 ms
polling server every 64 s
出現以上字樣即表示已經與上層server完成同步。
也可以使用 ntpq -p 指令檢查time server設定是否正確:
ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*211-22-103-157. 192.168.0.2 2 u 16 64 377 14.384 -33.557 10.717
+118-163-81-62.H 192.168.0.2 2 u 18 64 377 14.019 -49.612 10.504
+118-163-81-61.H 192.168.0.3 2 u 20 64 377 14.273 -30.676 12.552
到此完成時間伺服的安裝與設定。
完整 nptd.conf 如下,可以直接copy去用:
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
restrict tock.stdtime.gov.tw
restrict tick.stdtime.gov.tw
restrict time.stdtime.gov.tw
#restrict 211.22.103.157
#restrict 118.163.81.62
#restrict 118.163.81.61
restrict 10.0.0.0 mask 255.0.0.0 nomodify
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server tock.stdtime.gov.tw prefer
server tick.stdtime.gov.tw
server time.stdtime.gov.tw
#server 211.22.103.157 prefer
#server 118.163.81.62
#server 118.163.81.61
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
懶得慢慢打字或者是怕打錯字的話,可以直接下載我修改過後的設定檔,
看是要直接用或者是進行一些設定上的修改後再用都行,
設定檔已經全部改用台灣的上層NTP主機,可以讓校時快又準確。
同一個區網中可以讓其他台電腦或是NB將校時時鐘設定為本機器,
一來可以節省不少同步時間,二來也比較安全。
下載範例檔:
安裝與測試影片
範例中我先下載了ntp.conf設定檔並放在我個人帳號的upload目錄,
所以yum安裝完後我直接將我下載的設定檔覆寫到/etc目錄下的同名設定檔,
然後啟動ntpd,並檢查設定是否正確,ntpd伺服器的工作是否正常。
留言列表
Ardiuno (5)
