narration
Reprinted from: ntpdate and ntpd two time synchronization methods - Fang Zhipeng's blog (fangzhipeng.com)
In order to avoid the time deviation caused by the long-term operation of the host, time synchronization is very necessary. Under Linux system, ntp server is generally used to synchronize the time of different machines. One machine can be both ntp server and ntp client. In the network, it is recommended to use a layered time server like DNS server to synchronize time.
To synchronize time, you can use ntpdate command or ntpd service.
ntpdate+cron synchronization time
[root@linux ~]# ntpdate [-nv] [NTP IP/hostname] [root@linux ~]# ntpdate 192.168.0.2 [root@linux ~]# ntpdate time.ntp.org
However, such synchronization is only mandatory to set the system time to the ntp server time. If there is a problem with the cpu tick, it is just a symptom rather than a root cause. Therefore, it is generally used in conjunction with the cron command to set periodic synchronization. For example, add in crontab:
0 12 * * * * /usr/sbin/ntpdate 192.168.0.1
In this way, the time will be synchronized at 12 o'clock every day. ntp server is 192.168.0.1.
ntpd service synchronization time
Using ntpd service is better than the combination of ntpdate and cron.
Because ntpdate synchronizes time, it will cause time jump and affect some time-dependent programs and services. Such as sleep, timer, etc. Moreover, the ntpd service can correct the cpu tick while correcting the time.
Ideally, you can use ntpdate to force time synchronization at boot time and ntpd service to synchronize time at other times.
It should be noted that ntpd has a self-protection setting: if the time difference between the local machine and the source is too large, ntpd will not run Therefore, the newly set time server must first get the initial time value from the source, and then start the ntpd service. After the ntpd service runs, it first synchronizes with the source server every 64 seconds. According to the error value measured during each synchronization, it gradually adjusts its own time through complex calculation, and gradually increases the synchronization interval as the error decreases This adjustment process is repeated for each jump
The related setting files of ntpd service are as follows:
- /etc/ntp.conf: This is the main setting file of NTP daemon and the only setting file of NTP.
- /usr /share/zoneinfo /: the files in this directory actually specify the time setting files of major time zones. For example, the time zone setting files in Beijing are in / usr/share/zoneinfo/Asia/Beijing. The files in this directory are related to the following two files (clock and localtime).
- /etc/sysconfig/clock: this file is not included in the NTP daemon, because it is the main time zone setting file of Linux. After each boot, Linux will automatically read this file to set the time to be displayed by default.
- /etc/localtime: this file is the "local time configuration file". The clock file specifies that the time setting file (ZONE) used is / usr/share/zoneinfo/Asia/Beijing, so this is the local time. At this time, the Linux system will save the Beijing file as a / etc/localtime file, so our time display in the future will be subject to the Beijing time setting file.
- /etc/timezone: system time zone file
Let's focus on / etc / NTP Conf file settings. In the setting of NTP Server, in fact, it's better not to open the Internet without restrictions. Try to only provide your own internal Client online for network timing. In addition, NTP Server always needs a more accurate host on the network to update its own time, so we also need to find a Time Server closest to our own on our NTP Server for self correction. In fact, NTP is also a mode of Server/Client.
[root@linux ~]# vi /etc/ntp.conf \# 1. About permission setting \#The permission setting is mainly based on the parameter restrict. The main syntax is: \# restrict IP mask netmask_IP parameter \# The IP address can be software address or default, which is similar to 0.0.0.0 \#As for paramter: \#ignore: turn off all NTP online services \#nomodify: indicates that the Client side cannot change the time parameter of the Server side. However, \#The Client side can still conduct network timing through the Server side. \#Nottrust: unless the Client is authenticated, the source of the Client will be regarded as an untrusted domain \#noquery: no Client-side time query is provided \#notrap: trap is not provided for remote event login \#If paramter is not set at all, it means that the IP (or domain) "has no restrictions" restrict default nomodifynotrapnoquery # Turn off all NTP request packets restrict 127.0.0.1 #This is allowed to query at this level restrict 192.168.0.1 mask 255.255.255.0 nomodify \#Servers in the 192.168.0.1/24 network segment can synchronize time through this NTP Server \# 2. Setting of upper host \#To set the upper host, the server parameter is mainly used. The syntax is: \# server [IP|HOST Name] [prefer] \#Server is followed by our upper layer Time Server! And if the server parameter \#If perfer is added later, it means that our NTP host is mainly based on this host \#Correspondence of time correction. In addition, in order to solve the transmission delay of update time packet, \#So we can use the drivefile to specify our host \#The time spent communicating with the Time Server can be recorded in the drivefile \#In the following file, for example, in the following example, our NTP server and \# cn. pool. ntp. The time spent online is recorded in the / etc / NTP / drive file server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server cn.pool.ntp.org prefer \#Other settings can be set to the system default value server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 driftfile /var/lib/ntp/drift broadcastdelay 0.008 keys /etc/ntp/keys
To sum up, restrict is used to set the access permission, server is used to set the upper time server, and drivefile is used to set the file to save the drift time.
Source: the following two articles:
https://www.itread01.com/content/1545509702.html
https://www.jianshu.com/p/efed5853bb40