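Reference: https://www.netburner.com/learn/how-to-set-up-an-ntp-server-on-your-network/
I. Basic Concepts
NTP is the Network Time Protocol, a protocol used to synchronize the time of the computers on a network.

Time matters a great deal in computing. A scientific activity such as a rocket launch, for example, places very high demands on consistent and accurate time: should the time of computer A be used, or that of computer B? NTP exists to solve this problem. NTP (Network Time Protocol) is a protocol for keeping the clocks of the computers on a network in sync. Its purpose is to synchronize a computer's clock to Coordinated Universal Time (UTC); its accuracy can reach 0.1 ms on a LAN and 1-50 ms across most of the Internet.

It lets a computer synchronize its time against a server or a clock source (such as a quartz clock, GPS, and so on), provides high-precision time correction, and can use cryptographic authentication to guard against malicious protocol attacks.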


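Stratum 0 servers are physical devices such as atomic clocks and GPS clocks. Stratum 1 is connected directly to stratum 0; each subsequent stratum is connected to the stratum above it over the network, and servers in the same stratum can also exchange time with each other.

1. Combined client and server
ntpd acts as a server to the clients below it and as a client to the servers above it. In other words, newer versions of the NTP service no longer distinguish between a server program and a client program; both are simply called ntpd. Depending on the parameters in its configuration file, ntpd either provides time service to other machines or synchronizes its clock from other servers. All configuration lives in the /etc/ntp.conf file.

2. NTP client synchronization interval
How often does the NTP service ask the time server for a clock synchronization? The default minimum interval is 64 s and the default maximum interval is 1024 s (about 17 minutes). 64 s is a reasonable value, and the default interval is adjustable (Note that most device drivers will not operate properly if the poll interval is less than 64 s and that the broadcast server and manycast client associations will also use the default, unless overridden.).

3. Tolerated offset range
The NTP service does not synchronize under all circumstances. When the time server's time and the local time differ by more than 1000 s, the NTP service assumes that someone adjusted the clock manually or that a hardware fault has occurred, for example a failed CMOS battery. In that case the NTP service exits, and the clock has to be synchronized manually (ntpdate …).

With the -g option, ntpd ignores an offset of 1000 s or more and sets the clock to the server's system time, but ntpd will still exit because of this.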

4. Strata

Stratum
Now, back to the business of stratum. NTP Servers are generally categorized into several tiered categories with respect to timing accuracy. These categories are referred to as stratum. As the stratum number increases, the accuracy of the time generally decreases. The NetBurner GPS NTP Server is a Stratum 1 device connected directly to a GPS time module.

Stratum 0 devices are devices such as atomic, GPS, and radio clocks. These devices offer the highest accuracy, but are not usually publicly accessible.
Stratum 1 devices are network servers that are connected directly to stratum 0 devices. Some public stratum 1 devices can be found, but they often come with usage restrictions, including limiting the number of requests and limiting usage for commercial devices.
Stratum 2 devices are network servers that synchronize their time to one or more stratum 1 or 2 devices. Public, open use NTP servers often fall into this category.
Stratum numbers can keep increasing, up to a theoretical stratum 256 device. However, any device listed as stratum 16 or greater should be considered inaccurate.[1]
A server's stratum is set from the stratum of its upstream server (+1).

For a host that acts as a network time service provider, the stratum setting should be as accurate as possible.

A time service provider for a local area network usually sets its stratum to 10 (Stratum 10 is conventional for unsynchronized local clocks; it is high enough that nobody is likely to mistake it for a desirable clock to synchronize with.), as follows:

server  127.127.1.0     # local clock
fudge   127.127.1.0     stratum 10
# stratum can also be set to other values; the valid range is 0~15
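
The stratum described above travels in the second byte of every NTP packet, next to the poll interval from item 2. The following is an added example, not code from the original post or from NetBurner: it decodes a 48-byte header and maps a server reply onto the stratum categories. The function names and the sample packets are assumptions constructed for illustration.

```python
import struct

NTP_TO_UNIX = 2208988800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01

def parse_ntp_header(pkt: bytes) -> dict:
    """Decode the fields of the 48-byte NTP header used below."""
    if len(pkt) < 48:
        raise ValueError(f"NTP header is 48 bytes, got {len(pkt)}")
    flags, stratum, poll, _precision = struct.unpack("!BBbb", pkt[:4])
    tx_sec, tx_frac = struct.unpack("!II", pkt[40:48])
    return {
        "leap": flags >> 6,          # 3 = clock not synchronized
        "version": (flags >> 3) & 7,
        "mode": flags & 7,           # 3 = client request, 4 = server reply
        "stratum": stratum,
        "poll_s": 2.0 ** poll,       # field holds log2 of the interval in seconds
        "refid": pkt[12:16],
        "tx_unix": tx_sec - NTP_TO_UNIX + tx_frac / 2**32,
    }

def classify(h: dict) -> str:
    """Map a server reply onto the stratum categories from the text."""
    if h["mode"] != 4:
        return "not a server reply"
    if h["stratum"] == 0:
        # On the wire, stratum 0 means unspecified/invalid; servers use it for
        # kiss-o'-death replies carrying an ASCII code in refid (RFC 5905).
        return "kiss-o'-death " + h["refid"].decode("ascii", "replace")
    if h["stratum"] >= 16 or h["leap"] == 3:
        return "unsynchronized"
    return "primary" if h["stratum"] == 1 else "secondary"

def sample_reply(stratum: int, refid: bytes, leap: int = 0, poll: int = 6) -> bytes:
    """Constructed NTPv4 mode-4 packet with a fixed transmit timestamp."""
    head = struct.pack("!BBbb", (leap << 6) | (4 << 3) | 4, stratum, poll, -20)
    body = bytes(8) + refid.ljust(4, b"\0") + bytes(24)
    return head + body + struct.pack("!II", 1652382960 + NTP_TO_UNIX, 0)

if __name__ == "__main__":
    samples = [(1, b"GPS", 0), (2, bytes([192, 0, 2, 1]), 0),
               (16, b"", 3), (0, b"RATE", 0)]  # all constructed
    for st, rid, li in samples:
        h = parse_ntp_header(sample_reply(st, rid, li))
        print(st, classify(h), h["poll_s"], h["tx_unix"])
```

A reply that carries a kiss code such as RATE is what a client receives from a server whose restrict line includes kod when it is being rate-limited.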

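II. Configuration and Startup
File path: /etc/ntp.conf

1. First deal with access control, which covers allowing the upstream servers and opening access to clients on the LAN: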

restrict default kod nomodify notrap nopeer noquery     # deny IPv4 clients
restrict -6 default kod nomodify notrap nopeer noquery  # deny IPv6 clients
restrict 220.130.158.71   # allow tock.stdtime.gov.tw to reach this NTP server
restrict 59.124.196.83    # allow tick.stdtime.gov.tw to reach this NTP server
restrict 59.124.196.84    # allow time.stdtime.gov.tw to reach this NTP server
restrict 127.0.0.1        # the next two lines are defaults: allow the local host
restrict -6 ::1
restrict 192.168.100.0 mask 255.255.255.0 nomodify # allow LAN clients, or list individual IPs

2. Set the upstream hosts. First comment out the original [0|1|2].centos.pool.ntp.org settings:

server 220.130.158.71 prefer  # use this host as the highest-priority server
server 59.124.196.83
server 59.124.196.84

3. The default internal clock entry, used to serve LAN clients when no external NTP server is available:

# server 127.127.1.0 # local clock
# fudge 127.127.1.0 stratum 10

4. The default drift file and the keys file, which is not used for now, do not need to be changed:

driftfile /var/lib/ntp/drift
keys      /etc/ntp/keys
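
To review the access control set up in step 1, the following added example (not part of the original post) parses the restrict lines and reports, for each source, which of the default line's flags that entry omits. The function names are assumptions, the sample is the page's configuration with annotations removed, and only numeric addresses are handled.

```python
import ipaddress

# Flags on the page's "restrict default" line.
HARDENING = ("kod", "nomodify", "notrap", "nopeer", "noquery")

def parse_restrict(conf: str) -> list:
    """Return (network, flags) for every restrict line; 'default' becomes /0."""
    rules = []
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()
        if len(tok) < 2 or tok[0] != "restrict":
            continue
        tok = tok[1:]
        v6 = tok[0] == "-6"
        if tok[0] in ("-4", "-6"):
            tok = tok[1:]
        if not tok:
            continue
        addr, tok = tok[0], tok[1:]
        if tok[:1] == ["mask"] and len(tok) >= 2:
            addr, tok = f"{addr}/{tok[1]}", tok[2:]
        if addr == "default":
            addr = "::/0" if v6 else "0.0.0.0/0"
        rules.append((ipaddress.ip_network(addr, strict=False), set(tok)))
    return rules

def audit(conf: str) -> dict:
    """Map each restricted network to the hardening flags its line omits."""
    return {str(net): [f for f in HARDENING if f not in flags]
            for net, flags in parse_restrict(conf)}

# Constructed sample: the restrict lines from step 1 with annotations removed.
SAMPLE = """\
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 220.130.158.71
restrict 59.124.196.83
restrict 59.124.196.84
restrict 127.0.0.1
restrict -6 ::1
restrict 192.168.100.0 mask 255.255.255.0 nomodify
"""

if __name__ == "__main__":
    for net, missing in audit(SAMPLE).items():
        print(f"{net:22} omits: {' '.join(missing) or '(none)'}")
```

An entry that omits noquery still answers ntpq and ntpdc queries from that source; time service itself is unaffected by that flag.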
File path: /etc/sysconfig/ntpd



OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid"
SYNC_HWCLOCK=yes

Set SYNC_HWCLOCK to yes! That way the BIOS time is updated as well.

Start:

/etc/init.d/ntpd start or /etc/init.d/ntpd restart
Check port usage:

netstat -tlunp | grep ntp
On a client, update the time on its own with ntpdate:

ntpdate ntp_server_ip
Afterwards you may need hwclock -w (clock -w) to write the time to the BIOS timer.

NTP Client Configuration
Windows 7/10 Configuration
Open the Windows Control Panel and select “Clock, Language, and Region” (Win 7) or “Clock and Region” (Win 10). In the Classic Windows Control Panel there is also a link called “Date and Time.”
Click on “Set the time and date” or “Date and Time” depending on your Windows environment.
Select the “Internet Time” tab in the new window that opens up
Click on “Change Settings…” and input the new server address you wish to use
Click “Update now”.
Upon success, you will see a message indicating that the clock was successfully synchronized. Further management is unnecessary; Windows will automatically and indefinitely synchronize with the specified server at a predetermined interval.

OSX Configuration
Open System Preferences and click on “Date and Time”
Check the option “Set Date and Time Automatically”
Input one or more NTP server URLs, separating multiple URLs with a comma
Upon success, OSX will begin tracking all NTP servers that have been inputted. Using a smart algorithm, OSX will automatically pick the best NTP server to use and synchronize with it automatically at a predetermined interval.

Linux Configuration
Typical Linux distributions include ntpd, the daemon for syncing to an NTP server. If you are missing ntpd, then you should install ntpd with your favorite package manager.

1. From the command line, use sudo privileges to edit the /etc/ntp.conf file: sudo vi /etc/ntp.conf
2. Input one or more ntp servers, one per line. Prepend “server” to every URL. Example ntp.conf file:
server time.apple.com
server time.nist.gov
server 10.1.1.78
3. Restart ntpd, usually accomplished with /etc/init.d/ntpd restart

Once restarted, you can monitor ntpd with the command ntpq -p. This will list all of the NTP servers in use, and include diagnostic information for all known NTP servers. It may take several minutes for an NTP server to be selected and synchronized with. Once an NTP server is selected, it will be indicated with a * in the ntpq output.

posted on 2022-05-12 19:16  vmsky