In association with heise online

05 February 2008, 16:59

Configuring an NTP server and client under Linux

Johannes Endres

An accurate clock is especially important for services and log files on a computer running Linux. Using the network time protocol (NTP), a PC can always get the exact time from the internet. And with a bit more effort it can even share this knowledge with all of the computers on the local network.

On all UNIX-like operating systems, such as Linux or FreeBSD, the NTP package implements the protocol of the same name. For purely historical reasons (open)SUSE uses the old name, xntp, for the same software. The current version is 4.2.4.

Two programs in the NTP package set the system clock: the ntpd daemon and the command line program, ntpdate. ntpdate works on a simple principle: query the time server, set the clock, done. That is why it usually takes only a few seconds. The ntpd daemon works completely differently. It queries a number of servers, checks the plausibility of their responses and compares their quality; it then assesses the accuracy of the system clock before setting it. It takes at least a few minutes before it makes the first clock adjustment; the program takes an hour to evaluate the PC clock. In addition, as long as it is running, ntpd makes the NTP service available to the network. If you just need to set the system clock, this is an unnecessary use of system resources and a potential security vulnerability. Only someone who really wants to offer a time server should use ntpd. Otherwise, ntpdate is the right choice, especially for routers and all other machines directly connected to the internet.

These programs set the computer clock using two different methods, depending on the clock's deviation from the reference time. If the difference is slight, the system clock is adjusted gradually so that the other running processes do not notice the time change (slew). If the difference between the computer clock and the reference time is greater, they set the clock in one go (step).
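The query-and-decide cycle described above, as an added example that is not part of the original article or of the NTP package: it builds a client request, validates a server reply and chooses between slew and step. The function names are hypothetical, the sample reply is constructed rather than captured, the 0.5 second limit is ntpdate's documented default (not stated in the article), and force_step stands in for ntpdate's -b option.

```python
import struct

NTP_UNIX_DELTA = 2208988800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)
STEP_THRESHOLD = 0.5         # assumption: ntpdate's documented default limit for slewing

def encode(t):
    """Unix time -> 64-bit NTP timestamp (32 bits seconds, 32 bits fraction)."""
    return struct.pack("!II", int(t) + NTP_UNIX_DELTA, int((t - int(t)) * 2**32))

def decode(raw):
    """64-bit NTP timestamp -> Unix time."""
    sec, frac = struct.unpack("!II", raw)
    return sec - NTP_UNIX_DELTA + frac / 2**32

def build_request(t1):
    """48-byte client request: LI=0, VN=3, Mode=3, local send time in the transmit field."""
    return struct.pack("!B39x", 0x1B) + encode(t1)

def sample_reply(request, t2, t3):
    """Constructed stratum-2 server reply (Mode=4) for offline use, not captured traffic."""
    return struct.pack("!BB22x", 0x1C, 2) + request[40:48] + encode(t2) + encode(t3)

def evaluate_reply(request, reply, t1, t4, force_step=False):
    """Validate a reply and return (offset, delay, action) for the local clock.

    t1 = local send time, t4 = local receive time; the server's receive and
    transmit times (t2, t3) are read from the packet.
    """
    if len(reply) < 48:
        raise ValueError("short NTP packet")
    flags, stratum = struct.unpack("!BB", reply[:2])
    if flags & 0x07 != 4:
        raise ValueError("not a server reply")
    # The server must echo our transmit timestamp; anything else is a stray or forged reply.
    if reply[24:32] != request[40:48]:
        raise ValueError("originate timestamp mismatch")
    if flags >> 6 == 3 or not 1 <= stratum <= 15:
        raise ValueError("server is unsynchronised")
    t2, t3 = decode(reply[32:40]), decode(reply[40:48])
    offset = ((t2 - t1) + (t3 - t4)) / 2   # how far the local clock is behind the server
    delay = (t4 - t1) - (t3 - t2)          # round-trip time on the network
    action = "step" if force_step or abs(offset) > STEP_THRESHOLD else "slew"
    return offset, delay, action
```

The originate-timestamp check is what lets a client discard replies that do not answer its own request, and the stratum and leap checks reject a server that has no valid time to offer.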

Configuring the NTP client

Many distributions start ntpd by default to set the clock. This should be prevented. In Red Hat, this is done using the chkconfig ntpd off command; in other cases it can be done by modifying the rc scripts. Where to put the ntpdate call depends on the type of internet connection. If you have an always-on or flat-rate connection, set the clock hourly with a cron job. If you are running a current distribution of Linux, you can do this by putting a script with the following content in the /etc/cron.hourly directory and making it executable with chmod:

#!/bin/sh
ntpdate -s several NTP server names

In systems that do not have this directory, enter the ntpdate call into the appropriate crontab.

The -s option makes ntpdate write its messages to the log files via syslog instead of displaying them on the screen. To set the clock every time the system is booted, you can insert the same line into an appropriate rc script and add the -b parameter. In this case ntpdate generally adjusts the clock in a single step rather than making gradual adjustments, so the script finishes more quickly.

On a computer with a dial-up connection to the Internet, ntpdate is inserted into the ip-up script with the -b and -s options, so that the clock will be synchronised with every dial-up.
