[CentOS7]NTP 서버 구축 및 동기화

2023.09.25

 

 

NTP 서버란

 

 

 

NTP서버 구축

환경: Virtualbox

OS : CentOS 7

[user@localhost ~]$ su - root
Password:
Last login: Sun Sep 24 13:37:25 KST 2023 on pts/1
Last failed login: Mon Sep 25 19:59:59 KST 2023 on pts/0
There was 1 failed login attempt since the last successful login.

우선 root로 진행을 하기 위해 su - root 로 바꿔 진행한다.

 

Chrony 패키지 설치

[root@localhost ~]# yum install -y chrony
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.kakao.com
 * extras: mirror.kakao.com
 * updates: mirror.kakao.com
base                                                                  | 3.6 kB  00:00:00
extras                                                                | 2.9 kB  00:00:00
updates                                                               | 2.9 kB  00:00:00
Package chrony-3.4-1.el7.x86_64 already installed and latest version
Nothing to do

 

Chrony 환경 설정 변경

[user@localhost ~]$ cat /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html). => 기존 설정 주석처리
#server 0.asia.pool.ntp.org
#server 1.asia.pool.ntp.org
#server 2.asia.pool.ntp.org
#server 3.asia.pool.ntp.org

# 추가 삽입
#Korea time Chrony 
server 3.kr.pool.ntp.org
server 1.asia.pool.ntp.org
server 0.asia.pool.ntp.org

allow 192.168.56.0.0/24

# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift

# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3

# Enable kernel synchronization of the real-time clock (RTC).
rtcsync

# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *

# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2

# Allow NTP client access from local network.
#allow 192.168.0.0/16

# Serve time even if not synchronized to a time source.
#local stratum 10

# Specify file containing keys for NTP authentication.
#keyfile /etc/chrony.keys

# Specify directory for log files.
logdir /var/log/chrony

# Select which information is logged.
#log measurements statistics tracking

환경설정을 크게 바꿀 것은 없다. 기존에 동기화해서 가져오는 서버를 주석처리한다.

대신 한국시간에 맞게 ntp 설정을 한다.

 

방화벽 설정

[root@localhost ~]# firewall-cmd --add-service=ntp --permanent
success

[root@localhost ~]# firewall-cmd --reload
success

NTP 서비스 관련 방화벽 허용합니다

 

 

Chronyd 서비스 재시작

[root@localhost ~]# systemctl restart chronyd

 

동기화 확인

[root@localhost ~]# chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^? 175.193.3.234                 3   6     1    10  +1444us[+1444us] +/-   26ms
^? 119.28.183.184                0   6     0     -     +0ns[   +0ns] +/-    0ns
^? 114-35-131-27.hinet-ip.h>     2   6     1    11  +7975us[+7975us] +/-  151ms

처음에는 엄청나게 숫자가 높아서 당황했다

 

그래서 데몬은 재시작하고 동기화를 확인했더니 숫자가 낮아졌다. 동기화가 높아졌다

[root@localhost ~]# chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* mail.innotab.com              3   6    37    65    +35us[+2717us] +/-   36ms
^- ns2.ads.net.id                2   6    37    63    +20ms[  +20ms] +/-  237ms
^? 121.174.142.81                0   6     0     -     +0ns[   +0ns] +/-    0ns

[root@localhost ~]# chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^? 193.123.243.2                 2   6     1    55   +300us[ +300us] +/- 9821us
^? time.nayatel.com              2   6     1    55   +112ms[ +112ms] +/- 1458ms
^? 061239100196.ctinets.com      0   6     0     -     +0ns[   +0ns] +/-    0ns

[user@localhost ~]$ chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* 193.123.243.2                 2   6   177    88   +109us[  +67us] +/- 8031us
^- time.firstlink.net.np         3   6     7    20    +45ms[  +45ms] +/-  385ms
^? 061239100196.ctinets.com      0   7     0     -     +0ns[   +0ns] +/-    0ns

[user@localhost ~]$ chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* 193.123.243.2                 2   6   377    34   -582us[ -738us] +/- 7573us
^- time.firstlink.net.np         3   6   377    27  +6857us[+6857us] +/-  350ms
^? 061239100196.ctinets.com      0   8     0     -     +0ns[   +0ns] +/-    0ns

[user@localhost ~]$ chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* 193.123.243.2                 2   6   377    27   -212us[ -344us] +/- 6616us
^- time.firstlink.net.np         3   6   377    20    +21ms[  +21ms] +/-  379ms
^? 061239100196.ctinets.com      0   8     0     -     +0ns[   +0ns] +/-    0ns

[root@localhost ~]# chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* mail.innotab.com              3   6    37    65    +35us[+2717us] +/-   36ms
^- ns2.ads.net.id                2   6    37    63    +20ms[  +20ms] +/-  237ms
^? 121.174.142.81                0   6     0     -     +0ns[   +0ns] +/-    0ns

숫자가 낮아지긴 했지만, 다시 엄청나게 올라간다..

 

이 문제는 추후에 다시 해결해봐야할 듯 싶다