Objective

The objective is to configure private NTP server on Debian 9 Stretch Linux

Operating System and Software Versions

  • Operating System: - Debian 9 Stretch
  • Software: - ntpd 4.2.8

Requirements

Privileged access to your Debian server installation will be required.

Difficulty

EASY

Conventions

  • # - requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
  • $ - requires given linux commands to be executed as a regular non-privileged user

Instructions

If you are running a single system or small local area network with few hosts, setting up a dedicated NTP server could be considered as an overkill. However, for a large network, setting up a private NTP server, privately serving LAN clients only is recommended.

NTP Server Installation

The installation of NTP server is easy as one command execution:
# apt install ntp
After installation, confirm that your NTP server is up and running:
# systemctl status ntp
● ntp.service - LSB: Start NTP daemon
   Loaded: loaded (/etc/init.d/ntp; generated; vendor preset: enabled)
   Active: active (running) since Fri 2017-06-16 10:19:45 AEST; 3s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 1259 ExecStop=/etc/init.d/ntp stop (code=exited, status=0/SUCCESS)
  Process: 1308 ExecStart=/etc/init.d/ntp start (code=exited, status=0/SUCCESS)
    Tasks: 2 (limit: 4915)
   CGroup: /system.slice/ntp.service
           └─1318 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 108:112


NTP Server Configuration

The NTP sever comes pre-configured out of the box. The configuration of your NTP server can be managed via /etc/ntp.conf configuration file. The default NTP server configuration relies on debian.pool.ntp.org server group:
pool 0.debian.pool.ntp.org iburst
pool 1.debian.pool.ntp.org iburst
pool 2.debian.pool.ntp.org iburst
pool 3.debian.pool.ntp.org iburst
Depending on your location you may edit the above NTP server group to any know NTP server closer to your location. Alternatively, use country specific pool.ntp.org sub-groups. For example to limit NTP server sub-group to United States edit your /etc/ntp.conf with:
pool 0.us.pool.ntp.org iburst
pool 1.us.pool.ntp.org iburst
pool 2.us.pool.ntp.org iburst
pool 3.us.pool.ntp.org iburst
This works for most countries. For example if you are within Australia the 0.debian.pool.ntp.org will become 0.au.pool.ntp.org, for India 0.in.pool.ntp.org and so on.

Additionally, you may want to restrict access to your NTP server only to a specific LAN clients. For example by adding the bellow line within your /etc/ntp.conf NTP config file the server will restrict NTP use only to 10.0.0.0 network with mask 255.0.0.0.
restrict 10.0.0.0 mask 255.0.0.0 nomodify notrap
After you have made changes to /etc/ntp.conf NTP configuration file issue server restart:
# systemctl restart ntp
To enable your server to start after reboot run:
# systemctl enable ntp
ntp.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable ntp

Client Configuration

To configure client to use NTP server, first you need to install ntpdate package:
# apt install ntpdate
Once installed, attempt to query your new NTP server. Given that the NTP server can be resolved via host name linuxconfig.ntp execute:
# ntpdate linuxconfig.ntp
6 Jun 10:59:05 ntpdate[11190]: adjust time server 10.1.1.125 offset -0.005883 sec
What remains, is to edit /etc/default/ntpdate file to force your client to use your new NTP server permanently.
ARE YOU LOOKING FOR A LINUX JOB?
Submit your RESUME or create a JOB ALERT on LinuxCareers.com job portal.
DO YOU NEED ADDITIONAL HELP?
Get extra help by visiting our LINUX FORUM or simply use comments below.

You may also be interested in:



Comments and Discussions