build:ntp
This is an old revision of the document!
NTP
We are running NTP to keep the clock accurate. It is pointed at multiple instances of us.pool.ntp.org and is configured in /etc/ntp.conf. We are not providing time service to any other machines (this is limited via the "restrict" keyword in ntp.conf).
# apt-get install ntp ntp-doc ntp-simple ntpdate
==== /etc/ntp.conf ====
# /etc/ntp.conf, configuration for ntpd # ntpd will use syslog() if logfile is not defined #logfile /var/log/ntpd driftfile /var/lib/ntp/ntp.drift statsdir /var/log/ntpstats/ statistics loopstats peerstats clockstats filegen loopstats file loopstats type day enable filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable # You do need to talk to an NTP server or two (or three). #server ntp.your-provider.example # pool.ntp.org maps to more than 100 low-stratum NTP servers. # Your server will pick a different set every time it starts up. # *** Please consider joining the pool! *** # *** <http://www.pool.ntp.org/#join> *** server pool.ntp.org #server pool.ntp.org ## uncomment for extra reliability # ... and use the local system clock as a reference if all else fails # NOTE: in a local network, set the local stratum of *one* stable server # to 10; otherwise your clocks will drift apart if you lose connectivity. server 127.127.1.0 fudge 127.127.1.0 stratum 13 # By default, exchange time with everybody, but don't allow configuration. # See /usr/share/doc/ntp-doc/html/accopt.html for details. # *** Please consider joining the pool! *** # *** <http://www.pool.ntp.org/#join> *** server pool.ntp.org #server pool.ntp.org ## uncomment for extra reliability # ... and use the local system clock as a reference if all else fails # NOTE: in a local network, set the local stratum of *one* stable server # to 10; otherwise your clocks will drift apart if you lose connectivity. server 127.127.1.0 fudge 127.127.1.0 stratum 13 # By default, exchange time with everybody, but don't allow configuration. # See /usr/share/doc/ntp-doc/html/accopt.html for details. restrict default kod notrap nomodify nopeer noquery # Local users may interrogate the ntp server more closely. restrict 127.0.0.1 nomodify # Clients from this (example!) subnet have unlimited access, # but only if cryptographically authenticated #restrict 192.168.123.0 mask 255.255.255.0 notrust # If you want to provide time to your local subnet, change the next line. # (Again, the address is an example only.) #broadcast 192.168.123.255 # If you want to listen to time broadcasts on your local subnet, # de-comment the next lines. Please do this only if you trust everybody # on the network! #disable auth #broadcastclient
build/ntp.1126380515.txt.gz · Last modified: 2007/05/31 17:28 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
