HOWTO: Set Up an NTP Server
How to Maintain an Accurate System Clock with ntpd
1. Install the NTP daemon
First, install the NTP daemon (ntpd):
sudo aptitude install ntpd
As was previously mentioned, ntpd can act both as a client (synchronizing your system time) and as a server (providing accurate time for other machines).
Optionally, you may also want to remove the previous (deprecated) time synchronization program, ntpdate. Perhaps it may be wiser to do so after you have ntpd working
sudo aptitude remove ntpdate
2. Configure the daemon properly
The configuration file for ntpd is located at /etc/ntp.conf. The default Ubuntu file probably requires some modification for optimal performance.
The first section you may want to modify is the list of servers to synchronize with. The default section probably looks as follows:
# You do need to talk to an NTP server or two (or three). server ntp.ubuntu.com
In order to get the most accurate time possible, it is preferable to communicate with multiple different NTP servers, and keep them as close to your physical location as possible. There are various different server lists online, probably the best is locatedhere. There is some debate over the proper number of servers to use. One is better than two, and three or more probably is a good idea, so long as you don’t go too overboard. An example of a few time servers that I used follows:
server nist1-dc.WiTime.net iburst server ntp0.mcs.anl.gov server 0.us.pool.ntp.org server 1.us.pool.ntp.org server 2.us.pool.ntp.org server 3.us.pool.ntp.org
Once a few good servers have been found, add them to the list, putting ‘iburst’ after the most promising one. For instance:
server nist1-dc.WiTime.net iburst
This will cause ntpd to synchronize very quickly with this server after starting up. Otherwise, ntpd will slowly tend to drift towards agreement with the server list (as is its nature), and it may take 15-20 minutes to synchronize well enough to act as a time server for the rest of your network.
Also, add a few extra lines to the bottom of your servers list to provide your current local time as a default should you temporarly lose Internet connectivity:
server 127.127.1.0 fudge 127.127.1.0 stratum 10
This will prevent any nastiness if you’re running ntpd on a laptop or other machine with intermittent periods of disconnectivity from the Internet.
All in all, the server list should look similar to the following (this is mine, your servers will probably be different):
# You do need to talk to an NTP server or two (or three). server nist1-dc.WiTime.net iburst server ntp0.mcs.anl.gov server 0.us.pool.ntp.org server 1.us.pool.ntp.org server 2.us.pool.ntp.org server 3.us.pool.ntp.org server 127.127.1.0 fudge 127.127.1.0 stratum 10
3. Make sure the configuration works
Now that you have a proper server list in your /etc/ntp.conf file, it is time to run the daemon and see if you synchronize properly! Make sure you have an active Internet connection, and then run:
sudo /etc/init.d/ntp restart
Next, monitor your system log to see if you synchronize with a time server:
tail -f /var/log/syslog
In about 10-15 seconds (or up to 15-20 minutes if you forgot to put ‘iburst’ after your favorite server), you should see something like the following in your system log:
Jul 17 16:50:22 hostname ntpd[22402]: synchronized to 140.221.9.20, stratum 2
If this message never comes, you have not yet properly synchronized with the NTP server network. Check the list of NTP peers you are communicating with using the following:
ntpq -c lpeer
If the ‘delay’, ‘offset’, and ‘jitter’ fields are non-zero and you haven’t synchronized, it probably means that you just need to wait a while. Check again that you’ve inserted the ‘iburst’ argument to your servers list! My peers, for reference, look something like the following:
remote refid st t when poll reach delay offset jitter ============================================================================== *milo.mcs.anl.go 192.5.41.40 2 u 4 64 77 46.213 67.753 2.207 -europium.canoni 193.79.237.14 2 u 63 64 37 97.375 71.020 1.875 -dtype.org 69.25.96.13 2 u 2 64 77 86.956 69.178 1.804 +smtp130.junkema 216.218.254.202 2 u 2 64 77 87.266 67.677 0.916 +kechara.flame.o 216.218.254.202 2 u - 64 77 89.183 68.717 1.713 -host2.kingrst.c 99.150.184.201 2 u - 64 77 24.306 62.121 2.608 LOCAL(0) .LOCL. 10 l 59 64 37 0.000 0.000 0.002
4. Share! (optional)
Once ntpd is running and is synchronized with the time servers you have selected, you may set it up in order to act as a time server for other machines. To do so, add a section like the following to /etc/ntp.conf:
# Allow LAN machines to synchronize with this ntp server restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap restrict 192.168.2.0 mask 255.255.255.0 nomodify notrap
You may add as many (or few) CIDR address blocks to allow to synchronize with your machine as you’d like. I included those commonly used with Linksys (192.168.1.*) and SMC (192.168.2.*) routers.