RH 253: HOW TO CONFIGURE NTP SERVER






CONFIGURATION FILES


1.  KEYS


#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE.
#
#65535  M       akey
#1      M       pass
8       M     MtwNtpSVRPswd44
6       M     truetime1
7       M     truetime2

# ntpkey_MD5key_mtw02lfs02.mindtree.com.3424498439
# Tue Jul  8 15:03:59 2008
 1 MD5  q_?tkduTYN7>Pw" # MD5 key
 2 MD5  <xQb[.l\sS!!{]n # MD5 key
 3 MD5  ,@>$NBm**0s]:\q # MD5 key
# 4 MD5  [nJd(>\YQk6Mb81 # MD5 key
# 5 MD5  ymzc7wssa@A9W8d # MD5 key
# 6 MD5  by59r7ni^T75wn^ # MD5 key
# 7 MD5  =Doe1opfB`FUky8 # MD5 key
# 8 MD5  t)AJX'^c3KjC<,E # MD5 key
 9 MD5  >lgJDr\zB:1AIwv # MD5 key
10 MD5  VkMJ50<K>[fig*T # MD5 key
11 MD5  ]*_+GV/o9=:]bpn # MD5 key
12 MD5  ejmM>x[J{662Dwx # MD5 key
13 MD5  /eyy&bCvFFfeDq% # MD5 key
14 MD5  sCcv/DhU6HcTMcJ # MD5 key
15 MD5  /Ptn4lAA<Z_]mev # MD5 key
16 MD5  I$yfmqopN))vb7H # MD5 key



 2.  NTP.CONF



# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#restrict default kod nomodify notrap nopeer noquery
#restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
#restrict 127.0.0.1
#restrict -6 ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.rhel.pool.ntp.org
#server 1.rhel.pool.ntp.org
#server 2.rhel.pool.ntp.org

#broadcast 192.168.1.255 key 42        # broadcast server
#broadcastclient            # broadcast client
#broadcast 224.0.1.1 key 42        # multicast server
#multicastclient 224.0.1.1        # multicast client
#manycastserver 239.255.254.254        # manycast server
#manycastclient 239.255.254.254 key 42    # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
#server    127.127.1.0    # local clock
#fudge    127.127.1.0 stratum 10   

# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#driftfile /var/lib/ntp/drift

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
#keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

###################MODIFIED LINES###########################
###############################################################
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
################################################
restrict 127.0.0.1
restrict -6 ::1
################################################
restrict 172.22.0.0 mask 255.255.0.0 nomodify notrap
restrict 172.20.0.0 mask 255.255.0.0 nomodify notrap
restrict 172.25.0.0 mask 255.255.0.0 nomodify notrap
#####################################################
driftfile /var/lib/ntp/drift
statsdir /var/log/ntpstats/
logfile /etc/ntp/log
###############################################
keys /etc/ntp/keys
trustedkey 2 3 4 8 6
#requestkey  5 7
###################################
fudge   127.127.1.0 stratum 3 refid NIST
############SERVERS#####################################
#server time-B.timefreq.bldrdoc.gov iburst
#restrict time-B.timefreq.bldrdoc.gov mask 255.255.255.255 nomodify notrap noquery
#server time-C.timefreq.bldrdoc.gov iburst
#restrict time-C.timefreq.bldrdoc.gov mask 255.255.255.255 nomodify notrap noquery
server time-A.timefreq.bldrdoc.gov iburst
restrict time-A.timefreq.bldrdoc.gov mask 255.255.255.255 nomodify notrap noquery
#########

server clock.via.net iburst
server ntp.probe-networks.de iburst
server ntp.mazzanet.id.au iburst
server time.jedsmith.org iburst
server serv01.richs.nl iburst


#########################
broadcastclient
#########################
#broadcast 172.22.192.11 key 8
statistics sysstats peerstats
enable auth
enable stats
################################



3. NTP SERVERS



#This file contains a list of ntp servers to show in the system-config-date user interface.
#It is not recommended that you modify this file by hand.

#clock.redhat.com
#clock2.redhat.com

#time-B.timefreq.bldrdoc.gov
#time-C.timefreq.bldrdoc.gov
time-A.timefreq.bldrdoc.gov


clock.via.net
ntp.probe-networks.de
ntp.mazzanet.id.au
time.jedsmith.org
serv01.richs.nl



 4. STEP-TICKERS

 time-A.timefreq.bldrdoc.gov

clock.via.net
ntp.probe-networks.de
ntp.mazzanet.id.au
time.jedsmith.org
serv01.richs.nl






If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!

No comments:

Post a Comment