You are here

Linux Time

technology:

Linux

Time is a critical element for your computer and is one of the easiest things to set automatically. Here is information about time, how to keep your Linux computer on time, and how to share the time with others. The exact details vary across Linux distributions. Unix computers have similar facilities and again the details vary across Unixes.

Install NTP

RedHat, Fedora, SUSE, openSUSE, CentOS, and Mandriva Linux download software in RPM packages. Look in the documentation for the respective distributions to find out how to download packages using geeky command line instructions or a regular graphical program if provided. Look for packages named ntp followed by a release and ending with .rpm.

Look for file /etc/ntp.conf, the configuration file for the NTP service and server. The first part will contain lines similar to the following where the keyword is server, the next part is the name of a time server, and the third part, the part starting with #, is a comment describing the time server and the reason why you chose that time server.
server ntp1.tpg.com.au # A local Australian server server time-a.nist.gov # International backup in case Australian is offline

Add as many servers as you like starting with local ones and going out to international servers. Servers go out of action and may be switched from public to private so add several servers at every level.

Your Time Server

One of your Linux computers can be a time server for all other computers in your network so start with your time server computer. The time server computer must be able to access it's own time server to set it's own time. Create a line similar to the following line to give the local time server computer access to the local time server. The line starts by saying it is restricting stuff but there are no keywords to specify restrictions, which means the line does not restrict access, instead it grants open access.
restrict 127.0.0.1

Now you give other computers access to the time server using a line similar to the following line. You use a restrict command then a local address, which is the time server address, and then a mask to specify the size of the network. The 255.255.255.0 mask is common for local networks with up to 250 computers. The nomodify and notrap keywords tell the NTP server that the time service cannot be modified by the other computers on the network.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

Now for a big decision. You could stop the computers on your network accessing time servers outside your network, which would cut down NTP traffic across your broadband link. The following example stops your computers from flooding the Nist time server with NTP requests because only your time server is allowed access. You could repeat this line for all the major time servers to reduce NTP traffic.
restrict time-a.nist.gov mask 255.255.255.255 nomodify notrap noquery

There are a few problems if you are too restrictive. Some of your existing local computers may use external servers which means you have to switch the local computers to your local time server before switching off access to the external servers. Some local machines may use the international servers as default backups which means you have to provide a local backup before switching off the external backup. And what happens when you have visitors, guests or students, where do their notebook computers go for time?

Follow the documentation on NTP for your Linux distribution to restart NTP, which will make NTP read your modifications to the NTP configuration file. You need to make NTP start automatically when your server starts and you have to put NTP on a server that is active 24 hours per day every day of the year.

The best choices for continuous availability are firewalls, file servers, and print servers. If you use a powerful computer as a firewall then the computer will have far more processing power than is needed for the firewall and the computer can use the spare power to be an NTP server plus a DHCP server and a few other functions related to connections across the firewall. File servers are often sitting around bored silly waiting for disks to find data, which makes file servers a possibility. Unfortunately file servers can saturate their network connection and delay NTP traffic. Print servers are similar to file servers in that they can have, on average, a huge spare capacity, but then block NTP traffic while transferring huge print jobs. The firewall computers have the most even workload and, on many business networks, have a faster connection to the local network than to the Internet, which gives the firewalls plenty of capacity to serve NTP.

Routers

Many people have their firewalls on intelligent routers which also provide other services including DHCP and NTP. My previous router had an NTP server which let me point the router to the external NTP servers and point my local computers to the router. Sadly my current router, a D-Link DGL-4300, does not serve NTP to the local network. After using a firewall/router with NTP, using a firewall/router without NTP is painful.

Choose Time Servers

Which time servers are the best source of time for your NTP server? There are discussions of time servers in Time and W32time. Choose the time server closest to you in terms of hops across the Internet.

By Distribution

The star logo for Mandriva linux Mandriva: Time Tools

Conclusion

Put an NTP server on your firewall so all your local NTP traffic can end there. Point the NTP server at the closest stratum two time server to get accurate time with the minimum delay. Point all your local computers at the firewall NTP server. Leave NTP traffic open to the Internet if you have any guests with notebooks using your local network. You will have less Internet traffic and your local computers will have accurate matching times.

Facebook Like
Pinterest
Log in or register to post comments