See ConfiguringNTPDev for discussion of this topic.
6. Configuring NTP
First,
ntpd needs a majority of servers to agree on the time before it can sync. If you only have one server, that server WILL be believed. If you have two or three servers and they disagree, no majority will be found.
If you are going to have
server or
peer lines in
ntp.conf I recommend having at least four or five of them, and use
iburst for each. See
SelectingOffsiteNTPServers for more.
Be
very careful with
burst as it is only rarely needed and will significantly increase the traffic. Do not use
burst unless you have a very good reason for doing so. (I'd like to have a URL to the pages that describe the rare cases where
burst is appropriate.)
6.9. Minimal configuration
A minimum comfiguration contains just a list of servers to get the time from but to avoid a lengthy startup you must define a path to a drift-file where the drift og the local clock can be stored. Example:
server ntp.your.isp.com
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
driftfile /var/lib/ntp/ntp.drift
This asumes you are in Europe. With four servers
ntpd will still work even if one server fails.
6.10. DHCP Auto-configuration
6.10.1. ISC dhcp 3
ISC's dhcp is able to automatically configure the servers used by
ntpd. Here's how to get it working:
- The dhcp server you are using must be configured to provide the
ntp-servers option
- Configure your
dhclient to request ntp-servers (it doesn't by default). To do this add ntp-servers to the default request line in /etc/dhcp3/dhclient.conf
- Create an
/etc/ntp.conf with all of the other settings that you wish to use. This file will be used to create /etc/ntp.conf.dhcp, it won't be over written.
- Your
ntpd must be told to use /etc/ntp.conf.dhcp if it exists. This is usually accomplished in the ntp init script (e.g. /etc/init.d/ntp).
6.11. How dynamic IP addresses affect ntpd
Currently,
ntpd does not rescan the network interfaces after it has started. If you are have a dynamic IP (use DHCP), this means
ntpd will no longer be able to communicate with "outside" sources after your IP changes.
The script in
Bug #51 will not help you unless it's the remote site's IP address that has changed.
6.12. Using the NIST Leap Second File
The U.S.
National Institute of Standards and Technology (NIST) is publishing a file which contains a table of past and upcoming leap seconds. This file can be used by
ntpd to become aware of leap second announcements and thus be able to handle leap seconds gracefully.
ntpd evaluates the leap second file only if the
autokey feature has been enabled. The
autokey feature also provides a mechanism to forward the information from the leap second file to NTP clients.
If the top level NTP server is unable to obtain the leap second file automatically then the file can be provided manually via FTP.
The file is available at
ftp://time.nist.gov/pub/
The file name is:
leap-seconds.nnnnnnnnnn where
nnnnnnnnnn is a kind of "serial number" which is derived from a time stamp in order to simplify automatic updates.
As of this writing the name of the file is
leap-seconds.3331497600.
This file must be copied to the
crypto directory configured for ntpd, and
inside that directory a
link must be created which points to that file. The
standard name for the link is
ntpkey_leap. However, this can be overridden
by a configuration parameter.
So assuming the name of the leap second file as mentioned above, the standard link to the leap second file inside the NTP crypto directory should look like this:
ntpkey_leap ->
leap-seconds.3331497600
Support Web
Copyright © 1999-2008 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback