Kusprayitna Blogs

Hidup untuk berbagi ilmu :: IT Linux Windows Database Oracle PHP OpenSource

Archive for the 'ntp' Category

Sinkronisasi jam server dengan ntp

Posted by kusprayitna on 12th October 2010

Sudah cukup banyak server di kantor, dan setelah beberapa kali melakukan trace data dan log ternyata terjadi perbedaan vital pada jam akses. Ini cukup pusing ketika dituntut membuat alur proses terjadi suatu peristiwa.

Untuk itu diperlukan sinkronisasi jam setiap server.

Tahapan yang dilakukan yaitu :

A. Install time server yang disinkronkan dengan time.windows.com

  1. Install software time server, yaitu ntp

    # yum install ntp
    Loaded plugins: fastestmirror, priorities
    Loading mirror speeds from cached hostfile
    * addons: mirror.aarnet.edu.au
    * base: mirror.primusdatacentre.com.au
    * extras: mirror.primusdatacentre.com.au
    * updates: centosz4.centos.org
    addons | 951 B 00:00
    base | 2.1 kB 00:00
    extras | 2.1 kB 00:00
    updates | 1.9 kB 00:00
    Excluding Packages in global exclude list
    Finished
    13 packages excluded due to repository priority protections
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package ntp.i386 0:4.2.2p1-9.el5.centos.2.1 set to be updated
    --> Finished Dependency Resolution

    Dependencies Resolved

    =============================================================================================================================================================
    Package Arch Version Repository Size
    =============================================================================================================================================================
    Installing:
    ntp i386 4.2.2p1-9.el5.centos.2.1 base 1.3 M

    Transaction Summary
    =============================================================================================================================================================
    Install 1 Package(s)
    Upgrade 0 Package(s)

    Total download size: 1.3 M
    Is this ok [y/N]: y
    Downloading Packages:
    ntp-4.2.2p1-9.el5.centos.2.1.i386.rpm | 1.3 MB 00:10
    Running rpm_check_debug
    Running Transaction Test
    Finished Transaction Test
    Transaction Test Succeeded
    Running Transaction
    Installing : ntp 1/1

    Installed:
    ntp.i386 0:4.2.2p1-9.el5.centos.2.1

    Complete!

  2. Sinkronisasi dengan time.windows.com# ntpdate time.windows.com
    12 Oct 11:21:13 ntpdate[13801]: step time server 207.46.197.32 offset 2.658536 sec

    dari info diatas ternyata ada selisih waktu sekitar 2 detik dengan time.windows.com

  3. Jalankan sebagai daemon time server. Untuk konfigurasi ada di "/etc/ntp.conf". Isi default yaitu :

    # Permit time synchronization with our time source, but do not
    # permit the source to query or modify the service on this system.
    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery

    # Permit all access over the loopback interface. This could
    # be tightened as well, but to do so would effect some of
    # the administrative functions.
    restrict 127.0.0.1
    restrict -6 ::1

    # Hosts on local network are less restricted.
    #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

    # Use public servers from the pool.ntp.org project.
    # Please consider joining the pool (http://www.pool.ntp.org/join.html).
    server 0.centos.pool.ntp.org
    server 1.centos.pool.ntp.org
    server 2.centos.pool.ntp.org

    #broadcast 192.168.1.255 key 42 # broadcast server
    #broadcastclient # broadcast client
    #broadcast 224.0.1.1 key 42 # multicast server
    #multicastclient 224.0.1.1 # multicast client
    #manycastserver 239.255.254.254 # manycast server
    #manycastclient 239.255.254.254 key 42 # manycast client

    # Undisciplined Local Clock. This is a fake driver intended for backup
    # and when no outside source of synchronized time is available.
    server 127.127.1.0 # local clock
    fudge 127.127.1.0 stratum 10

    # Drift file. Put this in a directory which the daemon can write to.
    # No symbolic links allowed, either, since the daemon updates the file
    # by creating a temporary in the same directory and then rename()'ing
    # it to the file.
    driftfile /var/lib/ntp/drift

    # Key file containing the keys and key identifiers used when operating
    # with symmetric key cryptography.
    keys /etc/ntp/keys

    # Specify the key identifiers which are trusted.
    #trustedkey 4 8 42

    # Specify the key identifier to use with the ntpdc utility.
    #requestkey 8

    # Specify the key identifier to use with the ntpq utility.
    #controlkey 8

    Ini dapat dijelaskan secara sederhana sebagai berikut :
    a. Tolak semua akses, baik baca maupun update
    b. Ijinkan localhost untuk semua akses
    c. update time dari beberapa server di centos.pool.ntp.org

  4. Sesuaikan seting time server agar: Read the rest of this entry »

Posted in Application, Centos, ntp | No Comments »