The sys admin's daily grind: Ntpd
The Network Time Protocol keeps Charly up to date at all times. To put all of this punctuality in the service of the common good, he even exports the time signal.
If the clock on my personal laptop is a few seconds fast or slow, this is not dramatic. On a server, however, it's different. Logfiles should – at least – be synchronized to the exact second; otherwise, troubleshooting becomes a pain. The software that handles this synchronization is, of course, the NTP daemon (
ntpd) . As a special hardware time source, you could use a suitable DCF 77 or GPS receiver, for example. If you don't have one of those, you could ask some other time servers – you need to poll several to compute the time from the running time differences of the UDP packets on the network.
The NTP configuration in the
/etc/ntp.conf file on my Ubuntu lab machine lists five time servers:
server ntps1-0.cs.tu-berlin.de iburst server ptbtime1.ptb.de iburst server ntp1.fau.de iburst server ntp.probe-networks.de iburst # Use Ubuntu's ntp server as a fallback. server ntp.ubuntu.com
iburst ("initial burst") keyword speeds up synchronization on the first connection. A list of public time servers is available online .
Just to check, I entered
ntpq-p at the command line; this returned a list of all the time servers that my daemon contacted (Figure 1). The first column shows how reliable the time sources are: An asterisk (
*) denotes the current reference server. A plus sign means that the time from this server is used to compute the mean value. Servers with a minus sign have recently supplied times with too large of a deviation – if this problem were to exist permanently, I would need to delete them from the configuration.
Sharing Free Time
Furthermore, nothing prevents me from providing my time server to others. The expected traffic is minimal, and the safety risks are also minimal if this setup is configured correctly. Specifically, in
/etc/ntp.conf, I need to stipulate that external NTP clients can retrieve time information but not configure anything. The following lines do the trick:
restrict -4 default kod notrap nomodifynopeer noquery restrict -6 default kod notrap nomodifynopeer noquery
If you do not use IPv6, you can leave out the second line, of course.
How do other users learn about my time server? The best way is to add it to a popular time network like pool.ntp.org . A working ntpd is the only prerequisite for time servers; you can complete a web form for the actual entries. The more people to join, the less the load per server, and most importantly: We all have more free time (Figure 2).
- NTP daemon: http://www.eecis.udel.edu/~mills/ntp/html/ntpd.html
- List of public time servers: http://support.ntp.org/bin/view/Servers/WebHome#Browsing_the_Lists
- Time server network ntp.org: http://www.pool.ntp.org/en/join.html
Buy this article as PDF
But if you are not using the latest Linux kernel, your system is insecure.
Home routers will give room for custom firmware but still comply with FCC rules
Frank Karlitschek will continue to lead the open source ownCloud project
“Xenial Xerus” comes with a new packages format and several improvements for the enterprise.
Linux users can now download and install the Windows code editor
New initiative will address security and interoperability concerns around container technology.
Developers can use RHEL as a development platform without a subscription fee.
Windows users will soon have native access to the Bash shell.
Improvements to SMTP will provide better guarantee of confidentiality
Graphics vendor embraces new reality in Linux graphics