centos如何搭建ntp服务器（Linux系统搭建NTP服务器-以centos7为例）

首先ssh登录到服务器，获取root权限cat /etc/redhat-release，下面我们就来聊聊关于centos如何搭建ntp服务器?接下来我们就一起去了解一下吧!

centos如何搭建ntp服务器

---

首先ssh登录到服务器，获取root权限。

1.检查服务器版本信息

cat /etc/redhat-release

centos Linux release 7.9.2009 (Core)

2.检查服务器是否安装NTP服务

rpm -qa | grep ntp

fontpackages-filesystem-1.44-8.el7.noarch ntp-4.2.6p5-29.el7.centos.2.x86_64 ntpdate-4.2.6p5-29.el7.centos.2.x86_64

3.安装NTP服务

yum install ntp -y

已加载插件：fastestmirror, langpacks Determining fastest mirrors Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=x86_64 error was 14: curl#6 - "Could not resolve host: mirrors.fedoraproject.org; 未知的错误"

base: mirrors.aliyun.com

epel: epel.mirror.angkasa.id

extras: mirrors.aliyun.com

updates: mirrors.aliyun.com http://mirrors.aliyun.com/centos/7/os/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.aliyun.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.cloud.aliyuncs.com/centos/7/os/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.cloud.aliyuncs.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.aliyuncs.com/centos/7/os/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.aliyuncs.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.aliyun.com/centos/7/extras/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.aliyun.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.cloud.aliyuncs.com/centos/7/extras/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.cloud.aliyuncs.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.aliyuncs.com/centos/7/extras/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.aliyuncs.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.aliyun.com/centos/7/updates/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.aliyun.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.cloud.aliyuncs.com/centos/7/updates/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.cloud.aliyuncs.com; 未知的错误" 正在尝试其它镜像。 http://mirrors.aliyuncs.com/centos/7/updates/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirrors.aliyuncs.com; 未知的错误" 正在尝试其它镜像。 软件包 ntp-4.2.6p5-29.el7.centos.2.x86_64 已安装并且是最新版本 软件包 ntpdate-4.2.6p5-29.el7.centos.2.x86_64 已安装并且是最新版本 无须任何处理

可能会出现以上情况，这个是dns解析问题，需要设置dns 服务器 按实际情况填写

vim /etc/resolv.conf

#Generated by NetworkManager

nameserver 192.168.2.1 nameserver 218.2.135.1 ~ ~ ~ ~

添加dns即可

设置好正确的dns就可以了

再次执行

yum install ntp -y

base | 3.6 kB 00:00:00 epel | 4.7 kB 00:00:00 extras | 2.9 kB 00:00:00 updates | 2.9 kB 00:00:00 (1/5): epel/x86_64/group_gz | 96 kB 00:00:00 (2/5): epel/x86_64/updateinfo | 1.1 MB 00:00:00 (3/5): epel/x86_64/primary_db | 7.0 MB 00:00:00 (4/5): extras/7/x86_64/primary_db | 246 kB 00:00:00 (5/5): updates/7/x86_64/primary_db | 14 MB 00:00:42 软件包 ntp-4.2.6p5-29.el7.centos.2.x86_64 已安装并且是最新版本 软件包 ntpdate-4.2.6p5-29.el7.centos.2.x86_64 已安装并且是最新版本

等待安装完成。

重复执行

4.配置NTP服务端首先备份一下ntp服务器配置文件

cp /etc/ntp.conf /etc/ntp.conf.bak

执行完成后，执行

vim /etc/ntp.conf

进入编辑界面

# For more information about this file, see the man pages# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).driftfile /var/lib/ntp/drift# Permit time synchronization with our time source, but do not# permit the source to query or modify the service on this system.restrict default nomodify notrap nopeer noquery# Permit all access over the loopback interface. This could# be tightened as well, but to do so would effect some of# the administrative functions.restrict 127.0.0.1restrict ::1#允许内网内192.168.2.0 网段的机器同步时间restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap# Hosts on local network are less restricted.#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap# Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).#server 0.centos.pool.ntp.org iburst#server 1.centos.pool.ntp.org iburst#server 2.centos.pool.ntp.org iburst#server 3.centos.pool.ntp.org iburst#定义上层的时间服务器地址，也就是GPS的地址#这里我用的是一个公网的server 203.107.6.88 iburstFudge 203.107.6.88 stratum 10#允许203.107.6.88这个地址更改本机时间restrict 203.107.6.88 notrap noqueryrestrict 203.107.6.88 nomodify notrap noquery#当时间服务器无效时，使用本机的时间作为时间服务器server 127.127.1.0Fudge 127.127.1.0 stratum 10# permit the source to query or modify the service on this system.restrict default nomodify notrap nopeer noquery# Permit all access over the loopback interface. This could# be tightened as well, but to do so would effect some of# the administrative functions.restrict 127.0.0.1restrict ::1#允许内网内192.168.2.0 网段的机器同步时间restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap# Hosts on local network are less restricted.#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap# Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).#server 0.centos.pool.ntp.org iburst#server 1.centos.pool.ntp.org iburst#server 2.centos.pool.ntp.org iburst#server 3.centos.pool.ntp.org iburst#定义上层的时间服务器地址，也就是GPS的地址#这里我用的是一个公网的server 203.107.6.88 iburstFudge 203.107.6.88 stratum 10#允许203.107.6.88这个地址更改本机时间restrict 203.107.6.88 notrap noqueryrestrict 203.107.6.88 nomodify notrap noquery#当时间服务器无效时，使用本机的时间作为时间服务器server 127.127.1.0Fudge 127.127.1.0 stratum 10#broadcast 192.168.1.255 autokey # broadcast server#broadcastclient # broadcast client#broadcast 224.0.1.1 autokey # multicast server#multicastclient 224.0.1.1 # multicast client#manycastserver 239.255.254.254 # manycast server#manycastclient 239.255.254.254 autokey # manycast client# Enable public key cryptography.#cryptoincludefile /etc/ntp/crypto/pw# Key file containing the keys and key identifiers used when operating# with symmetric key cryptography. keys /etc/ntp/keys# Specify the key identifiers which are trusted.#trustedkey 4 8 42# Specify the key identifier to use with the ntpdc utility.#requestkey 8# Specify the key identifier to use with the ntpq utility.#controlkey 8# Enable writing of statistics records.#statistics clockstats cryptostats loopstats peerstats# Disable the monitoring facility to prevent amplification attacks using ntpdc# monlist command when default restrict does not include the noquery flag. See# CVE-2013-5211 for more details.# Note: Monitoring will not be disabled with the limited restriction flag.disable monitorserver 127.127.1.0 iburst

设置完成后，重启NTP服务

systemctl restart ntpd

5.测试服务器是否正常服务器测试与上层服务器

ps -ef |grep ntpd

[root@localhost etc]# ps -ef |grep ntpdntp 3290 1 0 11:25 ? 00:00:00 /usr/sbin/ntpd -u ntp:ntp -groot 4022 31887 0 11:37 pts/0 00:00:00 grep --color=auto ntpd

ntpq -p

remote refid st t when poll reach delay offset jitter==============================================================================*203.107.6.88 100.107.25.114 2 u 2 64 1 23.471 6.077 0.126LOCAL(0) .LOCL. 10 l 11 64 1 0.000 0.000 0.000

Windows客户端测试6.设置开机自动启动ntpd服务

systemctl enable ntp

重启验证

systemctl status ntpd

如果成功 如下加粗字体"active(running)"

● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: active (running) since 三 2022-03-16 13:58:59 CST; 2min 31s ago Process: 949 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 966 (ntpd) Tasks: 1 CGroup: /system.slice/ntpd.service └─966 /usr/sbin/ntpd -u ntp:ntp -g

3月 16 13:58:57 localhost.localdomain ntpd[966]: 0.0.0.0 c016 06 restart 3月 16 13:58:57 localhost.localdomain ntpd[966]: 0.0.0.0 c012 02 freq_set kernel 1.633 PPM 3月 16 13:58:59 localhost.localdomain ntpd[966]: 0.0.0.0 c515 05 clock_sync 3月 16 13:58:59 localhost.localdomain systemd[1]: Started Network Time Service. 3月 16 13:59:03 localhost.localdomain ntpd[966]: Listen normally on 4 ens192 192.168.2.100 UDP 123 3月 16 13:59:03 localhost.localdomain ntpd[966]: Listen normally on 5 ens192 fe80::3a3a:3d77:52d4:d937 UDP 123 3月 16 13:59:03 localhost.localdomain ntpd[966]: new interface(s) found: waking up resolver 3月 16 13:59:09 localhost.localdomain ntpd[966]: Listen normally on 6 virbr0 192.168.122.1 UDP 123 3月 16 13:59:09 localhost.localdomain ntpd[966]: new interface(s) found: waking up resolver 3月 16 14:00:03 localhost.localdomain ntpd[966]: 0.0.0.0 0613 03 spike_detect -22.010853 s

如果失败 如下所示

● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: inactive (dead)

如果失败需要关闭chronyd服务

systemctl disable chronyd

Removed symlink /etc/systemd/system/multi-user.target.wants/chronyd.service.

disabled

重启验证

,