Installation & Configuration NTP (Network Time Protocol) Server in RHEL 7 and CentOS 7

Friends today I am going to show you, how can we install and configure NTP server on CentOS7/RHEL7 and automatically synchronize time with the closest geographically peers available for your server location by using NTP Public Pool Time Servers list. So let’s start.

What is NTP?

NTP stand for Network Time Protocol. NTP is used for clock synchronization between computers system over networks. It’s run over port 123 UDP at Transport Layer.

Install and configure NTP service

NTP service package is provided by default from official CentOS7 /RHEL7 repositories and we can install by yum with following command.

[root@tzclouds ~]# yum install ntp
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * extras: centos.excellmedia.net
 * updates: centos.excellmedia.net
Resolving Dependencies
--> Running transaction check
---> Package ntp.x86_64 0:4.2.6p5-28.el7.centos will be installed
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================================================================================
 Package                           Arch                                 Version                                                Repository                          Size
========================================================================================================================================================================
Installing:
 ntp                               x86_64                               4.2.6p5-28.el7.centos                                  base                               549 k
Transaction Summary
========================================================================================================================================================================
Install  1 Package
Total download size: 549 k
Installed size: 1.4 M
Is this ok [y/d/N]: y
Downloading packages:
ntp-4.2.6p5-28.el7.centos.x86_ FAILED                                                                                                 ]  1.2 B/s |  44 kB 116:45:40 ETA
http://ftp.iitm.ac.in/centos/7.5.1804/os/x86_64/Packages/ntp-4.2.6p5-28.el7.centos.x86_64.rpm: [Errno 12] Timeout on http://ftp.iitm.ac.in/centos/7.5.1804/os/x86_64/Packages/ntp-4.2.6p5-28.el7.centos.x86_64.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
ntp-4.2.6p5-28.el7.centos.x86_64.rpm                                                                                                             | 549 kB  00:00:12
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : ntp-4.2.6p5-28.el7.centos.x86_64                                                                                                                     1/1
  Verifying  : ntp-4.2.6p5-28.el7.centos.x86_64                                                                                                                     1/1
Installed:
  ntp.x86_64 0:4.2.6p5-28.el7.centos
Complete!
[root@tzclouds ~]#

You can see here your NTP service has been successfully installed.

We can select NTP Pool Server list from pool ntp site.

After successfully NTP service installation, We need to go to official NTP Public Pool Time Servers, choose your continent area where the server physically is located, then search for your country location after that you can see NTP servers list for selected country. Like this:-

After NTP server selection, we have to edit our NTP service configuration file. You can find NTP configuration file on this path:- /etc/ntp.conf. So let’s start NTP configuration. First of all we have to comment the default list of Public Servers from pool.ntp.org project and replace it with the list provided for your country like below configuration in bold:-

[root@tzclouds ~]# vi /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst

#Our Public server list---
server 0.europe.pool.ntp.org iburst
server 1.europe.pool.ntp.org iburst
server 2.europe.pool.ntp.org iburst
server 3.europe.pool.ntp.org iburst

Here is our public NTP Server has been configured in ntp.conf file.

We need to add our network which we want to allow.

Now we need to allow clients from our networks to synchronize time with our server. To accomplish this, we need to add the following line to NTP configuration file, where restrict statement controls, Here we can define network, which Network we want to allowed to query and sync time – replace network IPs accordingly. Like this:-

[root@tzclouds ~]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

#Allow 192.168.1.0/24 network client to synchronize time with this server
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

The nomodify notrap statements suggest that your clients are not allowed to configure the server or be used as peers for time sync.

NTP service Logs enable.

If you want to additional information for troubleshooting in case there is any issue with your NTP service then you can add a log file statement which will allow to record all NTP server logs into one dedicated log file. You can add log file /var/log/ntp.log at the end of ntp.conf file. Like this:-

# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
logfile /var/log/ntp.log

NTP Server Configuration has been completed.

After all above mandatory configuration changes, we can save ntp.conf file. Our final configuration should be look like this in the below screenshot. In below yellow line is our final configuration.

Now we need to add Firewall Rules for NTP service.

NTP service uses UDP port 123 on OSI transport layer (layer 4). We can run this below commands to open 123 port on RHEL7 / CentOS 7 against Firewalld service.

[root@tzclouds ~]# firewall-cmd --add-service=ntp --permanent
success
[root@tzclouds ~]# firewall-cmd --reload
success
[root@tzclouds ~]#

Now port has been successfully open from system firewall.

Now we need to enable and start our NTP server.

After that we can start NTP server and make sure ntpd server should be enable at the server boot time. So once your server will restart, NTP server automatically start. You can use below commands to start the ntpd service and enable ntpd service at the boot time.

[root@tzclouds ~]# systemctl start ntpd
[root@tzclouds ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@tzclouds ~]# systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2018-05-12 19:45:00 CEST; 17s ago
Main PID: 4990 (ntpd)
CGroup: /system.slice/ntpd.service
└─4990 /usr/sbin/ntpd -u ntp:ntp -g

May 12 19:45:00 tzclouds.com systemd[1]: Starting Network Time Service...
May 12 19:45:00 tzclouds.com systemd[1]: Started Network Time Service.
May 12 19:45:00 tzclouds.com ntpd[4990]: proto: precision = 0.116 usec
May 12 19:45:00 tzclouds.com ntpd[4990]: 0.0.0.0 c01d 0d kern kernel time sync enabled
[root@tzclouds ~]#

You can see here our NTP server has been successfully start.

Now we can Verify NTP Server Time Sync

After NTP server has been successfully started, wait a few minutes for the server to synchronize time with its pool list servers, then run the following commands to verify NTP peers synchronization status and your system time.

[root@tzclouds ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
+249.34.213.162. 145.238.203.14 2 u 26 64 377 302.835 -195.58 54.306
+devrandom.pl 85.199.214.101 2 u 23 64 377 533.723 -374.02 177.357
-stratum2-3.NTP. 129.70.130.71 2 u 65 64 377 666.239 -391.77 123.665
*a.fraho.eu 36.224.68.195 2 u 57 64 377 234.316 -218.82 30.001

[root@tzclouds ~]# [root@tzclouds ~]# date -R
Sat, 12 May 2018 19:49:33 +0200
[root@tzclouds ~]#

Here you can see NTP Time Sync successfully.

If you want to query and synchronize against a pool of your choice use ntpdate command, followed by the server or servers addresses, as suggested in the following command line example.

[root@tzclouds ~]# ntpdate -q 0.europe.pool.ntp.org 1.europe.pool.ntp.org
server 62.210.28.176, stratum 4, offset -0.008740, delay 0.25925
server 91.220.110.116, stratum 2, offset -0.015816, delay 0.31517
server 195.154.105.147, stratum 3, offset -0.015171, delay 0.24710
server 195.222.33.219, stratum 2, offset -0.040328, delay 0.24344
server 144.76.208.242, stratum 1, offset -0.036350, delay 0.26050
server 85.214.194.162, stratum 2, offset -0.017685, delay 0.26956
server 5.34.248.225, stratum 3, offset -0.026745, delay 0.28308
server 62.210.244.146, stratum 2, offset -0.021295, delay 0.23965
12 May 19:52:50 ntpdate[5104]: adjust time server 144.76.208.242 offset -0.036350 sec
[root@tzclouds ~]#

Synchronize NTP Time has been done with NTP pool server.

Check with timedatectl command

You can also check with timedatectl command and your NTP enabled and NTP synchronized should be yes on your NTP server look like this:-

[root@tzclouds ~]# timedatectl
Local time: Fri 2018-05-25 14:52:38 CEST
Universal time: Fri 2018-05-25 12:52:38 UTC
RTC time: Fri 2018-05-25 12:52:37
Time zone: Europe/Brussels (CEST, +0200)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2018-03-25 01:59:59 CET
Sun 2018-03-25 03:00:00 CEST
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2018-10-28 02:59:59 CEST
Sun 2018-10-28 02:00:00 CET
[root@tzclouds ~]#

If your NTP synchronized is no then you have to enable with below commands. First you have stop your NTP server and then you have to try to enable NTP synchronized once this enabled you have to start NTP service. Like this:-

[root@tzclouds ~]# timedatectl
Local time: Fri 2018-05-25 15:26:17 CEST
Universal time: Fri 2018-05-25 13:26:17 UTC
RTC time: Fri 2018-05-25 13:26:16
Time zone: Europe/Brussels (CEST, +0200)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2018-03-25 01:59:59 CET
Sun 2018-03-25 03:00:00 CEST
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2018-10-28 02:59:59 CEST
Sun 2018-10-28 02:00:00 CET
[root@tzclouds ~]#
[root@tzclouds ~]# systemctl stop ntpd
[root@tzclouds ~]# timedatectl set-ntp 1
[root@tzclouds ~]# timedatectl
Local time: Fri 2018-05-25 15:27:47 CEST
Universal time: Fri 2018-05-25 13:27:47 UTC
RTC time: Fri 2018-05-25 13:27:46
Time zone: Europe/Brussels (CEST, +0200)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2018-03-25 01:59:59 CET
Sun 2018-03-25 03:00:00 CEST
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2018-10-28 02:59:59 CEST
Sun 2018-10-28 02:00:00 CET
[root@tzclouds ~]# systemctl start ntpd

Now our NTP server has been successfully installed and configured.

Configure NTP Client on Windows Machine.

Now we are going to configure our Windows to synchronize time with our NTP server. Go to Time from the right side of Taskbar -> Change Date and Time Settings -> Internet Time tab -> Change Settings -> Check Synchronize with an Internet time server -> put your server’s  IP or FQDN on Server filed -> Update now -> OK. Like below:-

After that our windows will be sync with our NTP server.

Configure NTP Client on Linux server

Now I am going to show you how to configure NTP client on Linux7 and CentOS7. We need to install ntp package on client as like NTP server.

[root@tzcloudsclient ~]# yum install ntp

After package installation we need to add NTP server IP in /etc/ntp.conf file like this:-

After that we need to enable and start our ntp service on NTP client. Like this:-

[root@tzcloudsclient ~]# systemctl enable ntpd
[root@tzcloudsclient ~]# systemctl start ntpd

Now you have to check with timedatectl command and your  output will be look like below. If there is any different you can perform above NTP server timedateclt steps to correct it.

[root@tzcloudsclient ~]# timedatectl
Local time: Fri 2018-05-25 16:14:10 CEST
Universal time: Fri 2018-05-25 14:14:10 UTC
RTC time: Fri 2018-05-25 14:14:08
Time zone: Europe/Brussels (CEST, +0200)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2018-03-25 01:59:59 CET
Sun 2018-03-25 03:00:00 CEST
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2018-10-28 02:59:59 CEST
Sun 2018-10-28 02:00:00 CET
[root@tzcloudsclient ~]#

After that you can see you client date automatically sync with your NTP server.

That’s all  we have completed NTP server and NTP Client installation and Configuration.

8 thoughts on “Installation & Configuration NTP (Network Time Protocol) Server in RHEL 7 and CentOS 7

  1. Here is where I put all of my expired web 2.0 accounts.
    I scrape massive lists and then check to see if they’re expired.

    I think you’ll be surprised by the number of accounts that I come across.
    Hopefully, you’ll be able to put these expired accounts to good use.

  2. Every 60 minutes there are new public proxies added. You can directly import these into
    your SEO tools or do it manually. There are proxies for ScrapeBox and all other tools.

    Let me know if you need free public proxies for other tools.
    I’ll try to add them if I can.

  3. Did you know that my lists can be used with GSA?
    They can. I’m always working hard to improve the quality of my lists.
    Check them out and see if you can put them to good use.
    Thanks for visiting my site and have a great day.

  4. Here is where I put all of my expired web 2.0 accounts.
    I scrape massive lists and then check to see if they’re expired.
    I think you’ll be surprised by the number of accounts that I come across.
    Hopefully, you’ll be able to put these expired accounts to
    good use.

  5. I think the admin of this web site is genuinely working hard in favor
    of his website, for the reason that here every data is
    quality based material.

Leave a Reply

Your email address will not be published. Required fields are marked *