HOWTO NTP Using OpenNTPD
From Gentoo Linux Wiki
Introduction
OpenNTPD is a free, easy-to-use, partial implementation of the Network Time Protocol. It provides the ability to synchronize the local clock to remote NTP servers, and can act as an NTP server itself, redistributing the local clock.
OpenNTPD does not (as of openntpd-3.7_p1) adjust the rate of the clock to cater for drift, so ntp is probably a better solution.
This article explains how to install, configure and run OpenNTPD.
Installation
Use at least net-misc/openntpd version 3.7_p1:
# emerge -av openntpd
Then issue the following:
# rc-update add ntpd default
Configuration
Edit the /etc/conf.d/ntpd file:
File: /etc/conf.d/ntpd
Set the time immediately at startup if the local clock is off by more than 180 seconds:
NTPD_OPTS="-s"
Now go here, find the time servers for your country or continent, and put them into /etc/ntpd.conf:
File: /etc/ntpd.conf
Users from Italy, for example, should set the following (as stated here):
server 0.it.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
DHCP Client Configuration
The /etc/ntp.conf file normally updated via DHCP is not compatible with the /etc/ntpd.conf configuration file for OpenNTPD. However, we can force OpenNTPD to use the information using Gentoo's network hooks. First, move /etc/ntpd.conf to somewhere safe, like /etc/ntpd.conf.original.
Then add the following to /etc/conf.d/net:
postup(){
    grep -e '^server' /etc/ntp.conf > /etc/ntpd.conf ||\
        echo "servers pool.ntp.org" > /etc/ntpd.conf
    /etc/init.d/ntpd restart
}
Now, whenever you start a new network connection, OpenNTPD will use a server provided by DHCP, or else it will fall back to the standard pool.
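The hook above copies every line that starts with "server" exactly as DHCP wrote it, including options that are not part of ntpd.conf syntax. The following is an added example, not code from the wiki page: a stricter variant that keeps only the host of each server line, rejects hosts with unexpected characters, and replaces the config atomically. The names build_ntpd_conf and demo are hypothetical, and the sample input is constructed.

```shell
#!/bin/sh
# Added example, not the wiki's code. build_ntpd_conf is a hypothetical helper.

# build_ntpd_conf SRC DST: write DST from the "server" lines found in SRC.
build_ntpd_conf() {
    src=$1
    dst=$2
    # Temp file beside DST so the final mv is an atomic rename.
    tmp=$(mktemp "${dst}.XXXXXX") || return 1

    # Keep only the host token of each "server" line. Options such as
    # "iburst" are dropped (not part of ntpd.conf syntax), and hosts with
    # characters outside [A-Za-z0-9.:-] are rejected.
    if [ -r "$src" ]; then
        awk '$1 == "server" && $2 ~ /^[A-Za-z0-9][A-Za-z0-9.:-]*$/ {
                 print "server " $2
             }' "$src" > "$tmp"
    fi

    # Fall back to the public pool when DHCP supplied nothing usable.
    [ -s "$tmp" ] || echo "servers pool.ntp.org" > "$tmp"

    chmod 644 "$tmp" && mv -f "$tmp" "$dst"
}

# Hook for /etc/conf.d/net, replacing the grep-based version.
postup() {
    build_ntpd_conf /etc/ntp.conf /etc/ntpd.conf && /etc/init.d/ntpd restart
}

# Constructed sample input: run the helper on it and print the result.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' \
        '# constructed DHCP-written ntp.conf' \
        'restrict default nomodify' \
        'server 192.0.2.10 iburst' \
        'server bad;host' \
        'server ntp.example.net' > "$dir/ntp.conf"
    build_ntpd_conf "$dir/ntp.conf" "$dir/ntpd.conf" && cat "$dir/ntpd.conf"
    rm -rf "$dir"
}
```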
Firewall Configuration
Client
An NTP client will be using port 123 on UDP - the client's firewall will not need to be opened on this port, as long as outbound and ESTABLISHED connections are accepted.
Server
An NTP server will require port 123 opened on UDP, for the clients it will be serving.
Running
Run openntpd:
# /etc/init.d/ntpd start
After ntpd has been running for around 5 minutes, /var/log/messages or /var/log/syslog will show the occasional entry, "adjusting local clock by...".
These log entries should settle down as ntpd homes in on the precise time.
Troubleshooting
If date shows the wrong hour, then check /etc/conf.d/clock and /etc/localtime in the localization guide.
If /var/log/messages shows that the local clock is being adjusted by around 0.2 seconds, several times per day, then ntp should be installed as a replacement package, to automatically handle the clock drift.
If the error dispatch_imsg in main: pipe closed is shown, and listen on * is in /etc/ntpd.conf, then change it to listen on 0.0.0.0.
If the error fatal: bad privsep dir permissions is shown, the ntp home directory (see NTPD_HOME in /etc/conf.d/ntpd) may need adjustment. By default that directory is /var/empty. OpenNTPD (at least as of 3.7) requires that directory to be owned by root (not another user such as 'ntp'), and for the permissions to be 0700 (rw bits cleared for group and other). Example fix:
chown root /var/empty
chmod 700 /var/empty
If the problem still occurs, check the home directory for the ntp user in /etc/passwd, and change it also.
If you are using a laptop as your main computer at home and you tend to take it with you whenever you go out, you might experience a significant ntpd timeout delay at boot time when you don't have internet access. In order to prevent this you can modify ntpd's init script /etc/init.d/ntpd to check if you are online by pinging an IP. Note that the format of the init script might change or get overwritten after updating your system so make sure you keep adding the code whenever necessary:
File: /etc/init.d/ntpd
checkconfig() {
    if [ ! -f /etc/ntpd.conf ] ; then
        eerror "Could not find /etc/ntpd.conf!"
        return 1
    fi
    if [ -x /usr/bin/getent ] ; then
        if [ "`getent passwd ntp | cut -d: -f 6`" != "${NTPD_HOME}" ] ; then
            eerror "Home directory of ntp needs to be ${NTPD_HOME}"
            eerror "Please run 'usermod -d ${NTPD_HOME} ntp'"
            return 1
        fi
    fi
    # This checks if we are connected to Internet
    check_online=`ping -c 1 -W 3 68.142.197.80 |grep "bytes from"`
    if [ -z "$check_online" ]
    then
        eerror "ntpd failed to start"
        return 1
    fi
    return 0
}
