« TCP Wrapper によるアクセス制御 / CentOS 6.5 (64-bit) | トップページ | 内部 DNS の構築 / CentOS 6.5 (64-bit) »

NTP クライアントの設定 / CentOS 6.5 (64-bit)

LAN 内の NTP サーバー:192.168.154.16 を用いて時間合わせを行います。他からの時間合わせ要求は拒否します。



【インストール】

■ インターネット経由でインストール

[root@sv1 ~]# yum -y install ntp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.fairway.ne.jp
 * extras: mirror.fairway.ne.jp
 * updates: mirror.fairway.ne.jp
base                                                                    | 3.7 kB     00:00
extras                                                                  | 3.4 kB     00:00
updates                                                                 | 3.4 kB     00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ntp.x86_64 0:4.2.6p5-1.el6.centos will be installed
--> Processing Dependency: ntpdate = 4.2.6p5-1.el6.centos for package: ntp-4.2.6p5-1.el6.centos.x86_64
--> Running transaction check
---> Package ntpdate.x86_64 0:4.2.6p5-1.el6.centos will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package            Arch              Version                            Repository       Size
===============================================================================================
Installing:
 ntp                x86_64            4.2.6p5-1.el6.centos               base            592 k
Installing for dependencies:
 ntpdate            x86_64            4.2.6p5-1.el6.centos               base             75 k

Transaction Summary
===============================================================================================
Install       2 Package(s)

Total download size: 667 k
Installed size: 1.7 M
Downloading Packages:
(1/2): ntp-4.2.6p5-1.el6.centos.x86_64.rpm                              | 592 kB     00:01
(2/2): ntpdate-4.2.6p5-1.el6.centos.x86_64.rpm                          |  75 kB     00:00
-----------------------------------------------------------------------------------------------
Total                                                          312 kB/s | 667 kB     00:02
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : ntpdate-4.2.6p5-1.el6.centos.x86_64                                         1/2
  Installing : ntp-4.2.6p5-1.el6.centos.x86_64                                             2/2
  Verifying  : ntp-4.2.6p5-1.el6.centos.x86_64                                             1/2
  Verifying  : ntpdate-4.2.6p5-1.el6.centos.x86_64                                         2/2

Installed:
  ntp.x86_64 0:4.2.6p5-1.el6.centos

Dependency Installed:
  ntpdate.x86_64 0:4.2.6p5-1.el6.centos

Complete!
[root@sv1 ~]#


■ インストール DVD(ISO イメージファイル)からインストール(※事前にこの処理をする必要あり)

[root@sv1 ~]# mount /dev/cdrom /mnt
mount: block device /dev/sr0 is write-protected, mounting read-only
[root@sv1 ~]# yum --disablerepo=\* --enablerepo=centos-dvd -y install ntp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
centos-dvd                                                              | 4.0 kB     00:00 ...
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ntp.x86_64 0:4.2.6p5-1.el6.centos will be installed
--> Processing Dependency: ntpdate = 4.2.6p5-1.el6.centos for package: ntp-4.2.6p5-1.el6.centos.x86_64
--> Running transaction check
---> Package ntpdate.x86_64 0:4.2.6p5-1.el6.centos will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================
 Package           Arch             Version                         Repository            Size
===============================================================================================
Installing:
 ntp               x86_64           4.2.6p5-1.el6.centos            centos-dvd           592 k
Installing for dependencies:
 ntpdate           x86_64           4.2.6p5-1.el6.centos            centos-dvd            75 k

Transaction Summary
===============================================================================================
Install       2 Package(s)

Total download size: 667 k
Installed size: 1.7 M
Downloading Packages:
-----------------------------------------------------------------------------------------------
Total                                                           82 kB/s | 667 kB     00:08
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : ntpdate-4.2.6p5-1.el6.centos.x86_64                                         1/2
  Installing : ntp-4.2.6p5-1.el6.centos.x86_64                                             2/2
  Verifying  : ntp-4.2.6p5-1.el6.centos.x86_64                                             1/2
  Verifying  : ntpdate-4.2.6p5-1.el6.centos.x86_64                                         2/2

Installed:
  ntp.x86_64 0:4.2.6p5-1.el6.centos

Dependency Installed:
  ntpdate.x86_64 0:4.2.6p5-1.el6.centos

Complete!
[root@sv1 ~]# umount /mnt
[root@sv1 ~]#




【関係するファイル】

■ /etc/ntp.conf : 設定ファイル(赤太字:変更箇所 / 青太字:説明)

# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift                                          時刻の補正情報を記録するファイル

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.

#restrict default kod nomodify notrap nopeer noquery
#restrict -6 default kod nomodify notrap nopeer noquery
restrict default ignore                                           初期状態としてすべての問い合わせを無視
restrict 192.168.154.16 mask 255.255.255.255 nomodify notrap noquery  NTP サーバーとの通信を許可

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1                                                    自分自身との通信を許可(IPv4)
restrict -6 ::1                                                       自分自身との通信を許可(IPv6)

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 192.168.154.16 iburst                                      参照する NTP サーバー(192.168.154.16)

#broadcast 192.168.1.255 autokey        # broadcast server
#broadcastclient                        # broadcast client
#broadcast 224.0.1.1 autokey            # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw                                        パスワードファイル(変更しない)

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys                                                    キーファイル(変更しない)

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats




【オペレーション】

■ /var/lib/ntp/drift の初期化(ntp サービスの停止時に実行)

[root@sv1 ~]# echo -n "0" > /var/lib/ntp/drift
[root@sv1 ~]# ls /var/lib/ntp
drift
[root@sv1 ~]#


■ ntp サーバーを用いた時刻合わせ(ntpd サービスの起動前に実行)

[root@sv1 ~]# ntpdate 192.168.154.16
28 Dec 23:36:49 ntpdate[1530]: adjust time server 192.168.154.16 offset 0.025449 sec
[root@sv1 ~]#


■ 起動時に ntpd を自動開始を有効化

[root@sv1 ~]# chkconfig ntpd on
[root@sv1 ~]#


■ 起動時に ntpd を自動起動を無効化

[root@sv1 ~]# chkconfig ntpd off
[root@sv1 ~]#


■ ランレベル毎の起動状況確認(自動起動:有効)

[root@sv1 ~]# chkconfig --list ntpd
ntpd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@sv1 ~]#


■ ランレベル毎の起動状況確認(自動起動:無効)

[root@sv1 ~]# chkconfig --list ntpd
ntpd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
[root@sv1 ~]#


■ ntpd サービスの開始(起動)

[root@sv1 ~]# service ntpd start
Starting ntpd:                                             [  OK  ]
[root@sv1 ~]#


■ ntpd サービスの終了(停止)

[root@sv1 ~]# service ntpd stop
Shutting down ntpd:                                        [  OK  ]
[root@sv1 ~]#


■ ntpd サービスの再起動

[root@sv1 ~]# service ntpd restart
Shutting down ntpd:                                        [  OK  ]
Starting ntpd:                                             [  OK  ]
[root@sv1 ~]#


■ NTP サーバーとの同期状態確認 : IP アドレスの前の"*"は NTP サーバーと同期が取れていることを示す

[root@sv1 ~]# ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.168.154.16  133.243.238.163  2 u   20   64    1    0.105   -8.188   0.165
[root@sv1 ~]#

« TCP Wrapper によるアクセス制御 / CentOS 6.5 (64-bit) | トップページ | 内部 DNS の構築 / CentOS 6.5 (64-bit) »

Linux」カテゴリの記事