Difference between revisions of "Ntp"
Jump to navigation
Jump to search
| (3 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
Network Time Protocol, synchronize local clock to remote. | Network Time Protocol, synchronize local clock to remote. | ||
| − | To | + | To use ntpq the [[iptables|firewall]] should be open for traffic to the localhost. |
<syntaxhighlight lang=bash> | <syntaxhighlight lang=bash> | ||
iptables -A INPUT -i lo -j ACCEPT | iptables -A INPUT -i lo -j ACCEPT | ||
| Line 9: | Line 9: | ||
ip6tables -A OUTPUT -o lo -j ACCEPT | ip6tables -A OUTPUT -o lo -j ACCEPT | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | |||
| + | When using an NTP-server pool like [https://pool.ntp.org pool.ntp.org] ( 0.<country>.pool.ntp.org etc.) make sure you refresh the peers every now and than. Only when ntp is started the hosts are selected, when they leave the pool ntp will not automatically select another. | ||
| + | |||
| + | ;Very secure setinngs in ntp.conf | ||
| + | restrict -4 default kod nomodify notrap nopeer noquery | ||
| + | restrict -6 default kod nomodify notrap nopeer noquery | ||
| + | |||
| + | =systemd-timesyncd= | ||
| + | systemd-timesyncd is a lightweight client-only ntp implementation. | ||
| + | |||
| + | By default configuration from DHCP is used. Additional configuration can be added to /etc/systemd/timesyncd.conf | ||
| + | |||
| + | ;timedatectl timesync-status | ||
| + | :Detailed status of systemd-timesyncd | ||
Latest revision as of 11:30, 26 March 2023
Network Time Protocol, synchronize local clock to remote.
To use ntpq the firewall should be open for traffic to the localhost.
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A OUTPUT -o lo -j ACCEPT
When using an NTP-server pool like pool.ntp.org ( 0.<country>.pool.ntp.org etc.) make sure you refresh the peers every now and than. Only when ntp is started the hosts are selected, when they leave the pool ntp will not automatically select another.
- Very secure setinngs in ntp.conf
restrict -4 default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery
systemd-timesyncd
systemd-timesyncd is a lightweight client-only ntp implementation.
By default configuration from DHCP is used. Additional configuration can be added to /etc/systemd/timesyncd.conf
- timedatectl timesync-status
- Detailed status of systemd-timesyncd