This tutorial explains how to configure a NTP (Network Time Protocol) server (using ntpd) and join it to the continuously more demanded NTP pool project.
The NTP pool project is a DNS system, that balances the load of millions of queries for time synchronization by many electronic devices, such as servers, personal computers, tablets, smartphones and more. This means, that all queries for serving an accurate real time clock synchronization, are divided between all servers of the pool.
There are many factors, that increase the time deviation of any real clock. Listing the most relevant: acceleration and gravity (including gravitational waves). If a clock depends on a physical device, such as a quartz oscilator also temperature variations matter.
The NTP protocol is useful for the constantly synchronization of real time clocks, so that the inaccuracy of the real time clock of every day more used electronic devices, is decreased efficiently.
Without the NTP protocol, many electronic processes that depend on having access to an accurate real time clock, would be infeasible.
Some of those important processes are: encryption, bank transfers, digital signage and more.
Because time synchronization services are simple and important for our digital civilization, this tutorial invites you to setup your servers for joining the NTP pool project, so that you contribute to keep millions of digital transactions working properly.
1 Install the Network Time Protocol daemon
This package should have the same name in all linux distributions.
Arch based systems
pacman -S ntp
Debian based systems
apt-get install ntp
Red Hat based systems
dnf install ntp
yum install ntp
SUSE based systems
zypper install ntp
2 Configure the Network Time Protocol daemon
Before you decide to join your servers to the NTP pool project, please read this carefully: www.pool.ntp.org/join.html
If you agree with the text provided in the last link, then it is moment to choose at least three NTP servers your servers will synchronize with.
Please consider that the closer the servers are, the more accurate the time of your servers should be.
It is also recommended to choose servers located in opposite directions, as a strategy against failures of the same fiber optic or copper cables that provide linkage between the servers.
2.1 Choose static NTP servers
You may use these stratum 2 NTP servers:
1a.ncomputers.org 1b.ncomputers.org 1c.ncomputers.org
You may pick servers of the pool randomly:
0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org
You may replace de with your country code
1.de.pool.ntp.org
1.de.pool.ntp.org 2.de.pool.ntp.org 3.de.pool.ntp.org
You may search for additional servers here:
support.ntp.org/bin/view/Servers/StratumTwoTimeServers
support.ntp.org/bin/view/Servers/StratumOneTimeServers
2.2 Query for AAAA and A records
Once you know which servers you want to use, it is moment to know their public IP address. It is preferably that they have IPv6 connectivity.
You may use the linux command dig:
dig 1a.ncomputers.org ANY
;; ANSWER SECTION:
1a.ncomputers.org. 26652 IN AAAA 2a02:c207:2010:9464::1
1a.ncomputers.org. 26652 IN A 173.212.196.208
Or this online app toolbox.googleapps.com/apps/dig
;ANSWER 1a.ncomputers.org. 86399 IN AAAA 2a02:c207:2010:9464::1 1a.ncomputers.org. 86399 IN A 173.212.196.208
2.3 Edit /etc/ntpd.conf file
Once you know the IPv6 and IPv4 addresses of the servers you chose, then copy and paste the below content to /etc/ntpd.conf replacing the bolded addresses accordingly.
driftfile /var/lib/ntp/ntp.drift
restrict default kod nomodify nopeer noquery notrap
restrict localhost
server 2001:4ca0:0:103::81bb:fe20
server 2001:638:a000:1123:123::1
server 2001:62a:4:311::123
2.4 Restart the Network Time Protocol daemon
Once ntpd was configured, it is moment to load the new configuration file.
init.d based init system (e.g: upstart, sysvinit)
service ntp restart
systemd as init system
systemctl restart ntp
2.5 Test your server
You have to wait around five minutes until ntpd stabilizes the time sources and make sure port UDP 123 is open: NTP server test.
3 Add web service redirect (optional)
In case your new NTP server is running web services as well, you may want to redirect web queries to the correct site. For example in apache you should add this virtual host:
Using mod_alias
<VirtualHost *:80>
ServerName pool.ntp.org
ServerAlias *.pool.ntp.org *.ntppool.org
Redirect permanent / http://www.pool.ntp.org/
</VirtualHost>
Using mod_rewrite
<VirtualHost *:80>
ServerName pool.ntp.org
ServerAlias *.pool.ntp.org *.ntppool.org
RewriteRule ^ http://www.pool.ntp.org%{REQUEST_URI} [R=301,L]
</VirtualHost>
4 Join the NTP pool project
Finally, in order to join your servers to the NTP pool project, just follow these steps:
- Go to manage.ntppool.org/manage
- Sign up (in case you do not have an account).
- Log in.
- Write the hostname of your new NTP server or one of its IPv4 / IPv6 static addresses.
- Click on the submit button.
Hopefully you can provide at least one IPv4 static address and one IPv6 static address for each server.
Sometimes you have to wait few minutes until ntpd stabilizes the real time clock.
In case it asks for the physical location of your NTP server you only have to provide the country where it is located.
Once it appears in Your Servers list, you might want to handle the amount of traffic it serves, defining their net speed.
For OpenVZ virtual servers it is recommended, that you choose around 10MBit, since the server might be shutdown, because each OpenVZ instance usually supports a low amount of simultaneously network connections.
For physical and KVM servers you may select the highest available connection speed, even if your connection speed is lower than it.
As a reference data: the amount of traffic served by our NTP servers with a chosen net speed of 1000MBit is around 40 Kb/s downstream and 40 Kb/s upstream.