16-09-2021

Synchronize Time With Ntp Server

About time synchronization. There are various ways to determine the precise time. For ordinary people, the most convenient and easy way is to use time synchronization servers (NTP server). Most operating systems installed on computers and mobile devices have a built-in feature for working with such NTP-servers. Restart w32 time server, now DC should synchronize time with uk.pool.ntp.org time servers. If the DC is not synchronizing time with the external NTP server then check the event logs (Event Viewer System). Normally event id 47 which means it is unable to reach the external NTP server, check the firewall to make sure port 123 is open. Now the thing is that this domain controller also needs to synchronize it’s clock, but this time with an external source or NTP server. An external source can be either a time server out on the internet or a hardware appliance if it’s a highly secure environment and outside communication is restricted. You can get a list of server addresses at www.pool.ntp.org, find the preferred ones for your area, and then add them to the file. For my purposes, that meant: server 0.north-america.pool.ntp.org server 1.north-america.pool.ntp.org server 2.north-america.pool.ntp.org server 3.north-america.pool.ntp.org.

You can synchronize an event broker’s clock with a networked Network Time Protocol (NTP) server. This is especially helpful for event brokers that are using redundancy and/or Replication. For example, if your event brokers are synchronized with the same NTP server, message expiry times will be consistent across all of them.

The procedure for synchronizing with an NTP server differs for appliances and software event brokers.

Appliances

An appliance can be time synchronized using either the set up commands explained in Initial Set Up, or using the clock synchronization CLI commands shown below:

solace(configure)# clock
solace(configure/clock)# synchronization
solace(configure/clock/synchronization)# shutdown
solace(configure/clock/synchronization)# protocol ntp
solace(configure/clock/synchronization)# ntp-server <ip-addr>
solace(configure/clock/synchronization)# no shutdown

Where:

Sync Time With Ntp Server Ubuntu

ip-addr is the IP address or fully qualified domain name (FQDN) of a reachable NTP server.

Synchronize time with ntp server address

The no version of this command, no ntp-server, removes the NTP server information.

: If you need to reset the clock synchronization protocol to NTP, use the command solace(configure/clock/synchronization)# no protocol

Software Event Brokers

Software event broker clocks can be synchronized with one of the three methods shown in the following list.

: With the PubSub+ AWS AMI, clock synchronization is preconfigured to use AWS time servers. Use chronyd to change the clock server.

  1. In your hypervisor or cloud environment:

    Use DHCP to configure NTP. This requires no host configuration.

  2. For software event broker machine images:

    Set up NTP through the event broker host.

    To do so, perform the following steps:

    1. Log in to your event broker's host as the root user.
    2. Edit the /etc/ntp.conf file and enter the following configuration.

      tinker panic 0
      disable monitor
      restrict default ignore
      restrict 127.0.0.1
      restrict ::1
      server <server-ip>
      restrict <server-ip>

    3. Enable ntpd.

      4. systemctl enable ntpd

    4. Then reboot the event broker.

      5. reboot

    5. In the event broker host shell, enter the following command to check whether the NTPD status is working:

      systemctl status ntpd

      Download emulator ps3 pc 32 bit. In the displayed output, to confirm ntpd is active, check for a line that looks like this:

      'Active: active (running)' portion.

    6. Once NTPD is confirmed active, wait several minutes and enter the following command to verify that the event broker is now in sync.

      ntpstat

      In the displayed output, to confirm that the event broker is in sync, check the output for a line that looks like this:

      synchronised to NTP server (192.168.40.80) at stratum 3

  3. Use Cloud-Init:

    Set up NTP with the same configuration information provided in steps 2.2 and 2.3 above.

    Example:

    write_files:
    - path: /etc/ntp.conf
    permissions: 0600
    owner: root:root
    content: |
    tinker panic 0
    disable monitor
    restrict default ignore
    restrict 127.0.0.1
    restrict ::1
    server <server-ip>
    restrict <server-ip>
    runcmd:
    - systemctl enable ntpd
    - systemctl start ntpd

For an operating system and all of its services to run smoothly, the system clock has to be accurate. If it’s off by just a few seconds, the results could be disastrous.

For example, if machines share files over a local network, their clocks have to be synchronized to establish when exactly data is modified. Inaccurate clocks could create version conflicts or cause data to be overwritten.

There would also be issues running cron jobs. With an inaccurate clock, launch times would be fuzzy at best, and it would be incredibly difficult to properly analyze logs and troubleshoot system errors.

That’s just the tip of the iceberg.

To avoid these issues, system clocks have to synchronize. In Linux, this is done using an NTP (Network Time Protocol). In this article, we’ll be going step-by-step to install and configure an NTP on a server. Let’s start with a brief, theoretical introduction.

How NTPs Work

NTPs rely on a hierarchical structure of time sources divided into levels, called strata. Stratum 0 is the reference (an atomic clock or GPS clock); NTP servers don’t operate here.

NTP servers on stratum 1 synchronize to the atomic clock and act as references for stratum 2 servers. Stratum 2 servers synchronize to stratum 1, but can also synchronize with themselves. Servers from stratum 3 all the way down to stratum 256 synchronize the same way.

The NTP hierarchy is both redundant and fault-tolerant. If a connection to a higher-stratum server fails, backup servers perform the synchronization themselves. Redundancy is provided by the constant availability of NTP servers; by drawing data from multiple sources (servers), the NTP can calculate a more accurate time.

Installing and Configuring NTP Servers

The most well known and commonly used time sync software is the ntpd daemon. Depending on the settings in the configuration file (we’ll discuss this further on), it can act as both a server or client (i.e. it can receive the time from remote hosts and send it to others). We’ll look at how to install and configure this daemon in Ubuntu below.

Installation

Sync time with ntp server rhel 7

NTP software is included in most modern Linux distributions and is installed from the standard package manager:

Sync Time With Ntp Server Windows 2012

Synchronize

Configuration

Once the software is installed, open /etc/ntp.conf in the text editor. All program settings are saved here. Let’s take a closer look.

Logging Parameters

Server

The first line of the configuration file looks like this:

This shows the file where information on the clock’s offset frequency is saved. Values received from previous time corrections are saved here. If other NTP servers are unavailable for any reason, this is where the value will be taken from.
Next, we’re shown which file the synchronization log is saved to:

List of Servers for Synchronization

Synchronize Time With Ntp Server Address

The configuration file lists which NTP servers our system will synchronize with. By default, the list looks like this:

Each line indicates the group of servers that tell our server the correct time. To improve the accuracy of our synchronization, we can use the iburst option (this means that not one, but several packets must be sent for synchronization): Flitecad software.

We can also give preference to a server using the prefer option:

NTP servers are scattered all over the world (available public NTP servers). To ensure a more accurate system clock, we recommend synchronizing only with ntp servers in the same geographic region as your server. To do this, add the regional subdomain to pool.ntp.org in the server address listed in /etc/ntp.conf:

  • Asia — asia.pool.ntp.org
  • Europe — europe.pool.ntp.org
  • Africa — africa.pool.ntp.org
  • North America — north-america.pool.ntp.org
  • South America — south-america.pool.ntp.org
  • Oceania — oceania.pool.ntp.org

You can also add a subdomain for individual countries (see here). Russia has its own subdomain: ru.pool.ntp.org.

Backup Time Servers

If an NTP server goes offline for any reason, it can still transfer data on its system clock for synchronization. This is done by adding the following line to the configuration file:

Limits

Ntp Time Sync Command

Lately, It’s become more common for NTP servers to be used for increasing traffic in DDoS attacks (see here). To protect our server, we’ll limit the number of external clients. By default, the following limits are set in /etc/ntp.conf:

The nomodify, notrap, nopeer, and noquery parameters prohibit the client from modifying the server. The kod (kiss of death) parameter provides additional protection: a client sending too many requests will first receive a kod packet (a service failure warning) and then be disconnected from the server.

To enable machines on the local network to synchronize with an NTP server, we add the following lines to the configuration file:

We can additionally grant the local host unlimited access to the NTP server:

Testing Synchronization

After making all of the necessary changes and saving the configuration file, we restart the NTP server:

We then run the following command:

A table will be printed out:

The following parameters are shown in the table:

  • remote — address of server with exact time (here we see the server list from the configuration file)
  • refid — top-level server (the time server our server synchronizes to)
  • st — the server stratum
  • t — peer type (u- unicast, m- multicast)
  • when — time of last synchronization
  • poll — time it took for NTP daemon to synchronize with peer, in seconds
  • reach — server availability status; after eight successful synchronization attempts, value will be 377
  • delay — response delay from server
  • offset — time difference between our server and synchronization server; a positive value means that our clock is fast, negative means it’s slow
  • jitter — time offset on remote server

The following symbols may be displayed to the left of the server address:

  • * synchronization server (current time source)
  • + server ready for update (which we can synchronize with)
  • — server not recommended for synchronization
  • x server unavailable

You can test if a server from the list is suitable for synchronization with using the following command:

From the printout above, we can see that the server is suitable for synchronization: stratum – 2, offset – 0.127936 ms, delay – 0.026 ms.

We can also see the synchronization results (if successful or with errors) in the logs:

Configuring Local Date and Time

Using the ntpdate command, we can set the local date and time on our server by sending a request to the NTP server:

You can check the present status of ntpd with the following command:

The printout will look like the following:

Ntp

Original publication date: July 11, 2014.