Greetings guys Im setting up NTP server and client to sync with it, I want to have a local timeserver to install db, I set up a NTP server and want my clients to sync up with date from this server but I get the below error when I issued ntpdate -u command. 2 Jan 23:54:56 ntpdate[2830]: no server suitable for synchronization found My Environment: RHEL 7. Let me know how to solve this. WIth regards, Gopinath.
The NTP works perfectly if I set the NTP using date and time GUI in RHEL 6, I don’t find this GUI in RHEL 7, any idea on this ?
For more information about this file, see the man pages
ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
Permit time synchronization with our time source, but do not
permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
Permit all access over the loopback interface. This could
be tightened as well, but to do so would effect some of
the administrative functions.
restrict 127.0.0.1
restrict ::1
Hosts on local network are less restricted.
restrict 192.168.2.0 mask 255.255.255.255 nomodify notrap
#restrict 192.168.2.4
Use public servers from the pool.ntp.org project.
#server 0.rhel.pool.ntp.org iburst
#server 1.rhel.pool.ntp.org iburst
#server 2.rhel.pool.ntp.org iburst
#server 3.rhel.pool.ntp.org iburst
server 192.168.2.3 prefer
fudge 192.168.2.3 stratum 10
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
Key file containing the keys and key identifiers used when operating
with symmetric key cryptography.
keys /etc/ntp/keys
Specify the key identifiers which are trusted.
#trustedkey 4 8 42
Specify the key identifier to use with the ntpdc utility.
#requestkey 8
Specify the key identifier to use with the ntpq utility.
#controlkey 8
Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
Disable the monitoring facility to prevent amplification attacks using ntpdc
monlist command when default restrict does not include the noquery flag. See
CVE-2013-5211 for more details.
Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
logfile /var/log/ntp.log
tinker panic 0
Hi,
send us ntpd configuration file
Hi
follow this steps on the server
Install the NTP package:
yum install -y ntp
Activate the NTP service at boot:
systemctl enable ntpd
Start the NTP service:
systemctl start ntpd
The NTP configuration is in the /etc/ntp.conf file.
in section server section you can add server ntp want update with this
For example
Server pool.ntp.org
restrict statement controls, what network is allowed to query and sync time replace network IPs accordingly.
restrict 192.168.1.0 netmask 255.255.255.0 nomodify notrap
The nomodify notrap statements suggest that your clients are not allowed to configure the server or be used as peers for time sync.
If you need additional information for troubleshooting in case there are problems with your NTP daemon add a log file statement which will record all NTP server issues into one dedicated log file.
logfile /var/log/ntp.log
add port ntp to your firewall
NTP service uses UDP port 123 on OSI transport layer (layer . It is designed particularly to resist the effects of variable latency (jitter). To open this port on RHEL/CentOS 7 run the following commands against Firewalld service.
firewall-cmd --add-service=ntp --permanent
firewall-cmd --reload
To get information about the time synchronization process, type:
ntpq -p
remote refid st t when poll reach delay offset jitter
