NTP
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了NTP相关的知识,希望对你有一定的参考价值。
一、概述
1.网络时间协议(NTP)用于将计算机的时间与另一个参考时间源同步。
2.NTP的种类有很多,在RHEL7中默认使用的NTP服务器是chrony.x86_64,但是它并不好用,所以我们先使用命令yum remove chrony.x86_64 -y将它移除,然后再安装我们要用的软件包即可(安装过程请往下看)
二、NTP服务器配置
[[email protected] ~]# yum install ntp -y 安装NTP服务
[[email protected] ~]# vi /etc/ntp.conf 修改ntp配置文件,该文件中所有已#开头的都是注释信息
[[email protected] ~]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift **晶体芯片跳动的频率,都是记录在这个文件里的**
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery 本机为NTP服务器,其他机器在访问NTP服务器的时候的默认限制,也就是别人在查询NTP服务器的时候做具有的权限是什么;nomodify 别人不允许修改我的时间 ;notrap不允许陷阱操作 ;nopeer 不允许建立一种对等关系;noquery不允许别人查询;
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1 这里后边没有写nomodify、notrap 、nopeer、noquery这些权限,就表示本地具有所有的权限
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap 这条是我们自己加的
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.rhel.pool.ntp.org iburst
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor以上是关于NTP的主要内容,如果未能解决你的问题,请参考以下文章