Tuesday, January 8, 2019

How to set up NTP so clocks will be correct on OraLinux VMs without Timesync of VMTools

So my Weather proxy server "oralinux2" appeared to be broken, and I could get it fixed with a restart of the VM.

Then I checked the time with "date" command and found it was 4 hours off.

So it was working and sending my weather data to Wunderground, but it was always sending the current data with a timestamp that showed it was 4 hours old.  This results in Wunderground saying my station was offline.

(No new data in the last 5 minutes, based on the timestamp.)

To correct this in the past I manually ran a SYNC command like this:

ntpdate -s us.pool.ntp.org

This would set the time once... but in a few months the problem would happen again.

So I found this:

https://docs.oracle.com/cd/E37670_01/E41138/html/section_m5p_j1h_pp.html

13.1.1 Configuring the ntpd Service

To configure the ntpd service on a system:
  1. Install the ntp package.
    # yum install ntp
  2. Edit /etc/ntp.conf to set up the configuration for ntpd.
    Note
    The default configuration assumes that the system has network access to public NTP servers with which it can synchronise. The firewall rules for your internal networks might well prevent access to these servers but instead allow access to local NTP servers.
    The following example shows a sample NTP configuration for a system that can access three NTP servers:
    server NTP_server_1
    server NTP_server_2
    server NTP_server_3
    server  127.127.1.0
    fudge   127.127.1.0 stratum 10
    driftfile /var/lib/ntp/drift
    restrict default nomodify notrap nopeer noquery
    The server and fudge entries for 127.127.1.0 cause ntpd to use the local system clock if the remote NTP servers are not available. The restrict entry allows remote systems only to synchronise their time with the local NTP service.
    For more information about configuring ntpd, see http://doc.ntp.org/4.2.6p5/manyopt.html.
  3. Create the drift file.
    # touch /var/lib/ntp/drift
  4. If remote access to the local NTP service is required, configure the system firewall to allow access to the NTP service on UDP port 123, for example:
    # iptables -I INPUT -p udp -m udp --dport 123 -j ACCEPT
    # service iptables save
  5. Start the ntpd service and configure it to start following a system reboot.
    # service ntpd start
    # chkconfig ntpd on
You can use the ntpq and ntpstat commands to display information about the operation of ntpd, for example:
# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ns1.proserve.nl 193.67.79.202    2 u   21   64  377   31.420   10.742   3.689
-pomaz.hu        84.2.46.19       3 u   22   64  377   59.133   13.719   5.958
+server.104media 193.67.79.202    2 u   24   64  377   32.110   13.436   5.222
+public-timehost 193.11.166.20    2 u   28   64  377   57.214    9.304   6.311
# ntpstat
synchronised to NTP server (80.84.224.85) at stratum 3 
   time correct to within 76 ms
   polling server every 64 
For more information, see the ntpd(8), ntp.conf(5), ntpq(8), and ntpstat(8) manual pages and http://doc.ntp.org/4.2.6p5/.

------------------------------------- Commands executed are: ----------------
  yum install ntp
  vi /etc/ntp.conf
  touch /var/lib/ntp/drift
  service ntpd start
  chkconfig ntpd on
  ntpq -p

--------------- ntp.conf file contents ----------------- Showing only the section changed --------------
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 192.168.2.17
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst
fudge 192.168.2.17 stratum 10

#broadcast 192.168.1.255 autokey        # broadcast server
#broadcastclient                        # broadcast client
#broadcast 224.0.1.1 autokey            # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
---------------- Many more lines are in the file....nothing else was changed ------------------------
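
A lint pass over the restrict and fudge lines shown above, as an added example (not part of the original post or of Oracle's documentation). The function names are hypothetical; the check reports any non-loopback restrict entry that still permits ntpq/ntpdc status queries, and any fudge line aimed at something other than a 127.127.t.u reference clock, which ntpd ignores.

```shell
#!/bin/sh
# Added example: lint the restrict/fudge lines of an ntp.conf read from stdin.
# Prints one finding per line and returns 1 if there is any finding.
ntp_conf_lint() {
    awk '
    function out(msg) { print msg; n++ }
    { sub(/#.*/, "") }                      # strip comments
    NF == 0 { next }
    $1 == "restrict" {
        i = 2
        if ($i == "-4" || $i == "-6") i++   # optional address-family flag
        target = $i
        flags = " "
        for (j = i + 1; j <= NF; j++) flags = flags $j " "
        if (target == "default") {
            have_default = 1
            if (flags !~ / noquery /)  out("restrict default lacks noquery")
            if (flags !~ / nomodify /) out("restrict default lacks nomodify")
        } else if (target !~ /^127\./ && target != "::1" && flags !~ / noquery /) {
            out("restrict " target " allows ntpq/ntpdc status queries (no noquery)")
        }
    }
    # fudge only applies to reference clock drivers, addressed as 127.127.t.u
    $1 == "fudge" && $2 !~ /^127\.127\./ {
        out("fudge " $2 " is not a reference clock address; ntpd ignores the line")
    }
    END {
        if (!have_default) out("no restrict default line found")
        exit (n > 0)
    }'
}

# The changed section of ntp.conf from this post (comment lines omitted).
post_ntp_conf() {
    cat <<'EOF'
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap
server 192.168.2.17
server 1.rhel.pool.ntp.org iburst
fudge 192.168.2.17 stratum 10
EOF
}

post_ntp_conf | ntp_conf_lint || true
```

On a live system the same function can be fed with `ntp_conf_lint < /etc/ntp.conf`.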

--------------- Output of ntpq -p command --------------
[root@oralinux2 ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 pfsensesff0.loc 129.6.15.28      2 u   60   64  377    0.250  67693.0 33537.4
 time.nullrouten 216.218.254.202  2 u   60   64    7   58.114  67696.9 32387.5
 hadb2.smatwebde 209.51.161.238   2 u   62   64    7   22.521  67478.6 32173.0
 ellone.fdisk.io 128.59.0.245     2 u   60   64    7   21.988  67694.7 32266.3
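
An added example, not part of the original post: a check that reads `ntpq -p` output and reports whether ntpd has selected a system peer (the `*` in column 1) and whether that peer's offset, which ntpq prints in milliseconds, is within a limit. The function names and the 128 ms default limit are choices made for this example; the embedded sample is the output shown above, which has no `*` line yet.

```shell
#!/bin/sh
# Added example: classify `ntpq -p` output read from stdin.
# Usage: ntpq -p | ntp_peer_status [limit_ms]   (returns 0 only for OK)
ntp_peer_status() {
    awk -v limit="${1:-128}" '
    function abs(x) { return x < 0 ? -x : x + 0 }
    # reach is an octal shift register of the last 8 polls; count its 1 bits.
    function polls_ok(oct,   i, d, n) {
        for (i = 1; i <= length(oct); i++) {
            d = substr(oct, i, 1) + 0
            n += (d >= 4) + (int(d / 2) % 2) + (d % 2)
        }
        return n + 0
    }
    $1 == "remote" || /^=/ || NF == 0 { next }    # header, ruler, blank lines
    {
        tally = substr($0, 1, 1)     # column 1: "*" marks the system peer
        split(substr($0, 2), f)      # remote refid st t when poll reach delay offset jitter
        peers++
        if (abs(f[9]) > worst) worst = abs(f[9])
        if (tally == "*") { sys = f[1]; off = f[9]; ok = polls_ok(f[7]) }
    }
    END {
        if (sys == "") {
            printf "UNSYNCED no-system-peer peers=%d max_abs_offset_ms=%s\n", peers, worst
            exit 1
        }
        if (abs(off) > limit) {
            printf "DRIFT peer=%s offset_ms=%s limit_ms=%s\n", sys, off, limit
            exit 2
        }
        printf "OK peer=%s offset_ms=%s polls_ok=%d/8\n", sys, off, ok
    }'
}

# The ntpq -p output from this post, embedded so the example runs offline.
post_sample() {
    cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 pfsensesff0.loc 129.6.15.28      2 u   60   64  377    0.250  67693.0 33537.4
 time.nullrouten 216.218.254.202  2 u   60   64    7   58.114  67696.9 32387.5
 hadb2.smatwebde 209.51.161.238   2 u   62   64    7   22.521  67478.6 32173.0
 ellone.fdisk.io 128.59.0.245     2 u   60   64    7   21.988  67694.7 32266.3
EOF
}

post_sample | ntp_peer_status || true
```

Run from cron as `ntpq -p | ntp_peer_status`, a non-zero exit status flags a clock that is unsynchronised or outside the limit.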


That is all for now,
David