As part of a few changes happening I’ve been asked to look into how difficult would it be to configure our own local NTP server. From looking at very useful Ubuntu Man Pages and finding great articles on The Geek Stuff (one of my favourites sites) and Blogging Dragon, it appears that it’s more straightforward than I expected! Soooo this post will note down how to install and configure a NTP Server.
Network Time Protocol (NTP) is a network protocol for clock synchronization between servers, network devices and desktops. NTP is defined in RFC5905 and is described as:
Network Time Protocol version 4 (NTPv4), which is widely used to synchronize system clocks among a set of distributed timeservers and clients…. The NTP subnet model includes a number of widely accessible primary time servers synchronized by wire or radio to national standards. The purpose of the NTP protocol is to convey timekeeping information from these primary servers to secondary time servers and clients via both private networks and the public Internet.
For this test, I’m using ESXi Ubuntu 14.04LTS host as the local NTP server and will be configuring both a Juniper SRX220 and another ESXi Ubuntu 14.04LTS host as a NTP clients. The local NTP server’s IP address is 10.1.0.148
You will need root and/or
With all the background done, let’s get cracking :D
As always, when getting anything from Ubuntu’s apt-get repository we’ll need to make sure to run update; to get all the newest version of packages currently installed and run dist-upgrade; to ensure the most important packages are updated as it has a “smart” conflict resolution system.
sudo apt-get update sudo apt-get dist-upgrade
Having ensured the server’s packages are up to date, we can install the ntp and ntpdate packages by using
apt-get install ntp ntpdate
sudo apt-get install ntp ntpdate
Before making any changes we need to make sure that the default time zone to Universal Time Coordinated (UTC). This is because UTC is regarded as the primary time standard by which the world regulates clocks and time. You can check/change the default time zone by running the command
dpkg-reconfigure tzdata. You will be prompted to these screens where you can select the time zone: Screen #1 and Screen #2.
Once the time zone has been set, you will get the output below confirming the Time Zone:
marquk01@km-vm4:~$ sudo dpkg-reconfigure tzdata Current default time zone: 'Etc/UTC' Local time is now: Mon Jan 11 14:56:57 UTC 2016. Universal Time is now: Mon Jan 11 14:56:57 UTC 2016.
Next create a backup of the
sudo cp /etc/ntp.conf /etc/ntp.conf.old
Use a text editor (I prefer nano) to open up the
ntp.conf file and find the following lines below:
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board # on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for # more information. server 0.ubuntu.pool.ntp.org server 1.ubuntu.pool.ntp.org server 2.ubuntu.pool.ntp.org server 3.ubuntu.pool.ntp.org
You can comment them out, delete, keep or replace the lines. The lines are specifying multiple servers to act as a timeserver, which is helpful when one of the timeservers fail. You can use regional pool ntp severs from ntp.org’s Regional Pools. In my example, as I live in the UK, I’ve used the regional pool of servers closest to the UK
server 0.uk.pool.ntp.org iburst dynamic server 1.uk.pool.ntp.org iburst dynamic server 2.uk.pool.ntp.org iburst dynamic server 3.uk.pool.ntp.org iburst dynamic
dynamic are optional commands but can be useful to have set, depending on your environment.
iburst: After every poll a burst of eight packets is sent instead of one. When the server is not responding, packets are sent at 16 seconds intervals. When the server responds, packets are sent every 2 seconds. This means that after reboot or restart ntp synchronizations are established quicker.
dynamic: This option tells NTP it can try a configured server again later if it’s unavailable at some point, which can be useful when the server doesn’t always have Internet connectivity.
You can see my full example ntp.conf file here
Having saved and close the updated ntp.conf file, we’ll need to restart the daemon running
service ntp restart
marquk01@km-vm4:~$ sudo service ntp restart * Stopping NTP server ntpd [ OK ] * Starting NTP server ntpd [ OK ]
After restarting the daemon, the server will take around 10-15 minutes for NTP to synchronize with the timeservers and it will automatically set the system clock. By using the command
ntpq -p we’ll be able to check the status of the NTP servers that we are synchronized with
marquk01@km-vm4:~$ ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== time.rdg.uk.as4 22.214.171.124 2 u 21 64 3 3.138 0.047 0.506 resntp-a-vip.lo 126.96.36.199 3 u 22 64 3 1.723 2.038 0.526 2a03:b0c0:1:d0: 188.8.131.52 3 u 19 64 3 2.870 1.632 0.337 neon.trippett.o 184.108.40.206 2 u 26 64 3 2.928 1.863 0.473 golem.canonical 220.127.116.11 2 u 24 64 3 9.211 3.418 0.387
The table below explains the different parameters from the
ntpq -p output:
|Remote||Specifics the hostname of the timeserver|
|Refid||This is a 32-bit code identifying the particular reference clock.|
|St (Stratus)||This indicates your physical GPS closeness to the timeserver. Anything under 3 is seen as good|
|When||Number of Seconds passed since the last poll or time check|
|Poll||This is the minimum interval between transmitted messages, in seconds as a power of two. For instance, a value of six indicates a minimum interval of 64 seconds.|
|Reach||How well a clock can maintain a constant frequency.|
|Delay||Provides the capability to launch a message to arrive at the reference clock at a specified time. Relative to a selected reference clock.|
|Offset||The time difference between two clocks, relative to a selected reference clock. Represents the amount to adjust the local clock to bring it into correspondence with the reference clock.|
|Jitter||Short-term variations in Frequency with components greater than 10 Hz. The estimated time error of the system clock measured as an exponential average of RMS time differences.|
You will be able start, stop, restart and/or check ntp status by using these commands
service ntp status service ntp start service ntp stop service ntp restart
And with that we have a NTP server configured!
Enabling NTP Client⌗
For testing, I configured a Juniper SRX220 to be the NTP client. It’s quite straightforward to enable ntp on a SRX; you’ll need to set and commit the commands to below and with that you will have NTP enabled. Simple Right! :)
set system ntp server 10.1.0.148 prefer set system ntp server 10.1.0.148 version 4
For verification of NTP on the SRX we can run
show ntp associations,
show ntp status and
show system uptime
show ntp associations⌗
marquk01@v6-testing> show ntp associations no-resolve remote refid st t when poll reach delay offset marquk01 ============================================================================== *10.1.0.148 18.104.22.168 3 - 8 64 1 1.849 2.498 0.160
show system uptime⌗
marquk01@v6-testing> show system uptime Current time: 2016-01-11 10:15:27 UTC System booted: 2016-01-08 10:02:36 UTC (3d 00:12 ago) Protocols started: 2016-01-08 10:05:13 UTC (3d 00:10 ago) Last configured: 2016-01-11 10:13:34 UTC (00:01:53 ago) by marquk01 10:15AM up 3 days, 13 mins, 2 users, load averages: 0.05, 0.11, 0.04
show ntp status⌗
marquk01@v6-testing> show ntp status status=0664 leap\_none, sync\_ntp, 6 events, event\_peer/strat\_chg, version="ntpd 4.2.0-a Fri Nov 13 15:40:48 UTC 2015 (1)", processor="octeon", system="JUNOS12.1X47-D30.4", leap=00, stratum=4, precision=-17, rootdelay=13.781, rootdispersion=2.340, peer=31708, refid=10.1.0.148, reftime=da3dff68.c47f84ec Mon, Jan 11 2016 10:16:08.767, poll=6, clock=da3dff6b.8ee12a6f Mon, Jan 11 2016 10:16:11.558, state=3, offset=0.000, frequency=0.000, jitter=0.213, stability=0.000
And on the Ubuntu host, it’s exactly the same as I described above, but in the
/etc/ntp.conf file you’ll need to set the server as your local NTP server
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board # on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for # more information. #server 0.ubuntu.pool.ntp.org #server 1.ubuntu.pool.ntp.org #server 2.ubuntu.pool.ntp.org #server 3.ubuntu.pool.ntp.org server 10.1.0.148 prefer iburst dynamic
We can then run
ntpq -p to check the ntp server is the local server!
marquk01@km-vm1:~$ ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *10.1.0.148 22.214.171.124 3 u 28 64 1 0.454 0.380 0.315