How-to Configure an Network Time Protocol (NTP) Server on CentOS

NTP Server Configuration File - screenshot by Sumodirjo

Time is important on servers, especially mission-critical ones. You, as system administrator have to make sure that the time on all of your servers is correct. You can use NTP to sync time on your server to NTP server. Using NTP will ensure that all your servers have the same time and if time drift happened it will be synced again. NTP protocol uses User Datagram Protocol (UDP) port 123, quite easy to remember.

There are four types of NTP servers, it uses a hierarchical system called stratum, from stratum 0 to stratum 3. Stratum 0 is not connected to network. It connects an atomic clock to a computer via RS-232 port. NTP Server on stratum 0 is the main source of clock. It will make sure that time is correct including leap second. Stratum 1 connects and syncs time to a Stratum 0 server. Stratum 2 connects to Stratum 2 to sync time, and stratum 3 servers sync time to stratum 2 servers. From security perspective NTP is quite secure, for the 25 years of its life, only a few security bugs have been found. No known high-risk vulnerabilities for the current release of the software.

Installing NTP

First, you can clean all yum cache :

# yum clean all

Re-download yum metadata :

# yum check-update

Install NTP Daemon

# yum install ntp

Make sure of NTP running on startup on all runlevel

# chkconfig --level 2345 ntpd on

Configure NTPD
You can use the default NTP server provided by CentOS or add an NTP server closer to you. A closer NTP server will better sync time on your server. You can go to http://www.pool.ntp.org/en/ to know NTP servers that are close to you. For example, I live in Indonesia, I go to http://www.pool.ntp.org/zone/id and add the NTP servers listed on that page on my configuration file.

The NTP configuration file is located at /etc/ntp.conf. I search using the following lines :

server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org

and change it with:

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.id.pool.ntp.org
server 1.id.pool.ntp.org
server 2.id.pool.ntp.org
server 3.id.pool.ntp.org

Please make sure you choose an NTP server located on your country or closer to your country. But, of course you can still leave the NTP servers value in the default value. Before we start the NTP daemon, we do sync time for the first time

# ntpd -q

Start NTP Daemon

# service ntpd start

To print the current state of known peers, you can use

[[email protected] ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ntp.idsirtii.or 202.190.183.188  3 u    6   64    1    5.789   43.221   0.000
 103.12.12.126   131.107.13.100   2 u    5   64    1    9.400   41.914   0.000
 ip-243-189.data .INIT.          16 u    -   64    0    0.000    0.000   0.000
 toliman.radsby. 96.44.142.5      3 u    3   64    1   23.179   35.505   0.000

Hope this tutorial is useful. Have a nice day!

Author: sumodirjo

Fulltime husband of @ririsretno, part time technologist (system / network engineer and IT consultant), writer and blogger. Passionate about all things computing and information technology. Using his spare time to maintain kurungsiku and howtodojo
»