Maybe you might want to consider the
/etc/ntp.conf file here (it works).
This assumes you have the NTP directory in
/etc/ntp, it contains these files:
Code:
ls -al /etc/ntp
total 24
drwxr-xr-x 2 root root 4096 Mar 11 07:40 ./
drwxr-xr-x 103 root root 12288 Mar 11 07:13 ../
-rw-r--r-- 1 root root 6 Mar 11 07:40 drift
-rw------- 1 root root 22 Feb 13 2014 ntp.keys
-rw-r--r-- 1 root root 0 Feb 20 13:29 step-tickers
The
/etc/ntp.conf file:
Code:
cat /etc/ntp.conf
# Sample /etc/ntp.conf: Configuration file for ntpd.
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 10. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
#
# NTP server (list one or more) to synchronize with:
#server pool.ntp.org iburst
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
#
# Uncomment to use a multicast NTP server on the local subnet:
#multicastclient 224.0.1.1 # listen on default 224.0.1.1
# Set an optional compensation for broadcast packet delay:
#broadcastdelay 0.008
#
# Keys file. If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will.
#
#keys /etc/ntp/keys
#trustedkey 65535
#requestkey 65535
#controlkey 65535
#
# Don't serve time or stats to anyone else by default (more secure)
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Serve time to LAN; allow LAN machines to synchronize with us
restrict 192.168.1.0 mask 255.255.255.0 nomodify norap
restrict 192.168.2.0 mask 255.255.255.0 nomodify norap
#
# Disable the ntpdc -c monlist command, which is insecure and can be used
# to cause a denial of service attack (CVE-2013-5211). Future versions of
# NTP will remove this command.
disable monitor
#
# Trust ourselves. :-)
restrict 127.0.0.1
restrict ::1
Notes
- This configuration uses pool servers, unless you have a local time server, use the pool servers; you really don't need iburst.
- You can put your drift file anywhere, but in /etc/ntp is a good place
- You really don't need keys but they don't hurt if you really want them.
- This server serves time to the LAN, don't need it, comment it out
I you use this configuration file, be sure to stop
ntpd before you copy into
/etc/ (and, of course, back up your existing
ntp.conf).
This file may be used on every server (just comment out or delete the
Serve time to LAN part).
You should get your system clock close to actual time (within 5 minutes or so) before you start the daemon (ntpd).
Start the daemon, wait about five minutes for it to synchronize with one of the pool servers and run
Code:
/usr/sbin/ntpq -pn
remote refid st t when poll reach delay offset jitter
==============================================================================
127.127.1.0 .LOCL. 10 l 4d 64 0 0.000 0.000 0.000
*192.241.206.171 106.61.18.129 3 u 39 1024 377 605.381 1.324 40.834
+50.16.201.39 173.162.192.156 2 u 504 1024 377 640.545 -8.501 32.319
+173.44.32.10 128.138.140.44 2 u 754 1024 377 617.239 4.552 30.578
you should see something similar to this.
The asterisk indicates that you're synchronized with that time server, the plus signs indicate potential time servers to take over if the asterisk server goes away, gets noisy, whatever. NTP periodically evaluates the quality of the pool servers and will discard a bad one and add a new one.
Up at the top of the configuration file, be sure to read the reason for the Undisciplined Local Clock; don't discard the
server and
fudge lines, they work when your network connection goes away and keep you (pretty much) on time until the network comes back.
Hope this helps some.