suse中配置NTP服務(wù)器?
在suse上配置ntp
$vim /etc/ntp.conf
#增加時間源
server 192.168.56.1
$chkconfig ntp on # 在系統(tǒng)重啟時啟動服務(wù)
$service ntp start # 啟動ntp
$service ntp status # 查看ntp狀態(tài)
問題:
1)為什么在故意改了一個錯誤的時間,ntpd沒有更新時間?
如果差異很大,需要重新doing an Initial Synchronization,If the time on the local server is very different from that of its primary time server your NTP daemon will eventually terminate itself leaving an error message in the /var/log/messages file. You should run the ntpdate -u command to force your server to become instantly synchronized with its NTP servers before starting the NTP daemon for the first time. The ntpdate command doesn't run continuously in the background, you will still have to run the ntpd daemon to get continuous NTP updates.
2)/etc/ntp.conf中選擇主NTP Server
選擇了哪個server做為主server是按stratum的大小決定的?應該不是,由ntp的算法決定,如在virtualbox中的suse怎么樣都無法選擇外部時鐘源,ntpd在幾次poll time后算法就決定使用local源,郁悶啊。由于是虛擬機中運行,時鐘和cpu的頻率有關(guān)系,跳得比真實的硬件快,在virtaulbox中ntp的算法認為local源比外部源更準確就使用了local的,解決的方法可以去掉local源,只使用外部源或者在crontab中每分鐘執(zhí)行一次ntpdate了。
即使把本機的stratum設(shè)置為比外部源更高的,過了一段時間以后,virtualbox中的suse還是選擇了local,郁悶again
fudge 127.127.1.0 stratum 12 # not disciplined
remote refid st t when poll reach delay offset jitter
==============================================================================
LOCAL(0) .LOCL. 15 l 9 64 1 0.000 0.000 0.002
192.168.56.1 139.114.32.134 14 u 8 64 1 3.739 -53.045 0.002
注意最開始的時候,ip地址前面是沒有符號的,poll幾次以后ntp就會選擇一個主時間源,前面帶 * 號標識。
3)windows上的ntp server配置
官方ntp.org推薦的win上的ntp server,http://www.meinberg.de/german/sw/ntp.htm
3)如何知道ntp的運行狀態(tài)
使用ntpq命令
$watch ntpq -p # 可以使用watch命令來查看一段時間內(nèi)服務(wù)器各項數(shù)值的變化
使用ntpq命令查看與您同步的服務(wù)器. 它提供你一份時間服務(wù)器配置清單,包括延誤值(delay),偏差值(offset)和抖動值(jitter). 為了能正確同步,延遲值和偏移值應該不為零,抖動值(jitter)應小于100 .
$/usr/local/ntp/bin/ntpq -p
顯示如下:
remote refid st t when poll reach delay offset jitter
========================================================
time.nist.gov .ACTS. 1 u 1606 1024 22 357.845 334.375 71.122
*LOCAL(0) .LOCL. 10 l 11 64 377 0.000 0.000 0.001
ntpq -p 可以列出目前我們的NTP與相關(guān)的上層NTP的狀態(tài),幾個字段的意義為:
remote:亦即是 NTP 主機的 IP 或主機名稱啰~注意最左邊的符號,http://www.ece.udel.edu/~mills/ntp/html/decode.html#peer
*
它告訴我們遠端的服務(wù)器已經(jīng)被確認為我們的主NTP Server,我們系統(tǒng)的時間將由這臺機器所提供
+
它將作為輔助的NTP Server和帶有*號的服務(wù)器一起為我們提供同步服務(wù). 當*號服務(wù)器不可用時它就可以接管
-
遠程服務(wù)器被clustering algorithm認為是不合格的NTP Server
x
遠程服務(wù)器不可用
refid:參考的上一層 NTP 主機的地址
st:stratum 階層
when:幾秒鐘前曾經(jīng)做過時間同步化更新的動作;
poll:下一次更新在幾秒鐘之后;
reach:已經(jīng)向上層 NTP 服務(wù)器要求更新的次數(shù)
delay:網(wǎng)絡(luò)傳輸過程當中延遲的時間,單位為 10^(-6) 秒
offset:時間補償?shù)慕Y(jié)果,單位與 10^(-6) 秒
jitter:Linux 系統(tǒng)時間與 BIOS 硬件時間的差異時間, 單位為 10^(-6) 秒。
也可以檢查一下BIOS時間與Linux系統(tǒng)時間的差異,就是/var/lib/ntp/drift的內(nèi)容,就能了解到Linux系統(tǒng)時間與BIOS硬件時鐘到底差多久?單位為 10^(-6) 秒
下面的從http://www.meinberg.de/english/info/ntp.htm上摘下來的,詳細說明了ntpq -p輸出的每個列的意思,reach列為377表示前8次同步都成功。
Checking the NTP Status
The command line utility ntpq can be used to check the status of a NTP daemon on either the local machine or on a remote host.
ntpq can be run in an interactive mode or in batch mode. In batch mode, ntpq executes a command and returns to the command prompt. The parameter -p ('peers') lets ntpq print the status of a NTP daemon. Enter
ntpq -p
to display the status of the daemon on the local machine, or
ntpq -p ntp_server
to display the status of the daemon on the remote host ntp_server. The command should print a table with one status line for each reference time source which has been configured for the NTP daemon on the specified host:
remote refid st t when poll reach delay offset jitter
=======================================================================
LOCAL(0) LOCAL(0) 12 l 30 64 377 0.000 0.000 0.000
*GENERIC(0) .DCFa. 0 - 24 64 377 0.000 0.050 0.003
+172.16.3.103 .PPS. 1 u 36 64 377 1.306 -0.019 0.043
The table above shows the output for a NTP daemon which has 3 reference time sources: its own local clock, a DCF77 radio clock as refclock-0, plus an NTP daemon on the network, with IP address 172.16.3.103.
If the first character of a line is not blank then it contains a qualifier for the corresponding reference time source. Immediately after the daemon has been started all qualifiers are blank. The NTP daemon needs several polling cycles to check the available time sources and declare one of them as the reference it synchronizes to.
An asterisk * in the first column marks the reference time source which is currently preferred by the NTP daemon, the + character marks high quality candidates for the reference time which could be used if the currently selected reference time source should become unavailable.
The column remote displays the IP address or the host name of the reference time source, where LOCAL refers to the local clock. The refid shows the type of the reference clock, where e.g. LOCAL or LCL refers to the local clockagain, .DCFa. refers to a standard DCF77 time source, and .PPS. indicates that the reference clock is disciplined by a hardware pulse-per-second signal. Other identifiers are possible, depending on the type of the reference clock.
The column st reflects the stratum number of the reference time source. In the example above, the local clock has stratum 12, the remote time server at 172.16.3.103 has stratum 1 which is the best you can see across the network, and the local radio clock has stratum 0, so the radio clock is currently being preferred.
Every time a when count reaches the poll number in the same line, the NTP daemon queries the time from the corresponding time source and resets the when count to 0. The query results of each polling cycle are filtered and used as a measure for the clock's quality and reachability.
The column reach shows if a reference time source could be reached at the last polling intervals, i.e. data could be read from the reference time source, and the reference time source was synchronized. The value must be interpreted as an 8 bit shift register whose contents is for historical reasons displayed as octal values. If the NTP daemon has just been started, the value is 0. Each time a query was successful a '1' is shifted in from the right, so after the daemon has been started the sequence of reach numbers is 0, 1, 3, 7, 17, 37, 77, 177, 377. The maximum value 377 means that the eight last queries were completed successfully.
Queries are considered successful if data can be received from the time source, and the time source in turn claims to be synchronized to some other timesource. In case of a hardware reference clock this means the query considered unsuccessful if the hardware reference clock is not synchronized to its incoming time signal, e.g. because the clock's antenna has been disconnected, or if no data can be received e.g. because the serial cable to an external device has been disconnected.
The NTP daemon must have reached a reference time source several times (reach not 0) before it selects a preferred time source and puts an asterisk in the first column.
The columns delay, offset and jitter show some timing values which are derived from the query results. In some versions of ntpq the last column is labeled disp (for dispersion) instead of jitter. All values are in in milliseconds. The delay value is derived from the roundtrip time of the queries. The offset value shows the difference between the reference time and the system clock. The jitter value indicates the magnitude of jitter between several time queries.