ntp server - ntp client - debian based linux

A quick recipe on how to install and configure ntp servers and ntp clients on debian based Linux Systems.

Install the NTP daemon and utility programs
# apt-get install ntp 
Optionally you may install ntp-doc and ntpdate ( an ntp client )

Add some NTP servers at /etc/ntp.conf
#grep server /etc/ntp.conf 
server 0.pool.ntp.org
server ntp.ubuntu.com
server 1.debian.pool.ntp.org
You could also add the server's clock as last resort
server 127.127.1.0
fudge 127.127.1.0 stratum 10



A List of public Internet NTP Server Pools:
0.pool.ntp.org
1.pool.ntp.org
2.pool.ntp.org
3.pool.ntp.org
0.debian.pool.ntp.org
1.debian.pool.ntp.org
2.debian.pool.ntp.org
3.debian.pool.ntp.org
europe.pool.ntp.org
uk.pool.ntp.org


To allow time updates from a certain network eg: 10.0.0.0/8 you could add restrict statements
restrict 10.0.0.0 mask 255.0.0.0 nomodify


Check if you are able to synchronize with public ntp servers
#ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+tuxli.ch        213.239.239.165  3 u  105  128  377   76.294    2.642   0.263
+europium.canoni 193.79.237.14    2 u  103  128  377   82.345    1.168   0.378




Another way to Configure you NTP server to provide Time to your Local Network.
grep broadcast /etc/ntp.conf 
broadcast 192.168.99.255
192.168.99.0/24 is an example local network.

Allow UDP traffic on port 123 to the networks you provide time.
# iptables -A INPUT -p udp --dport 123 -s 192.168.99.0/24 -j ACCEPT
# iptables -A INPUT -m state --state NEW -p udp --dport 123 -s 192.168.99.0/24 -j ACCEPT
# iptables -A INPUT -p udp --dport 123 -s 10.0.0.0/8 -j ACCEPT
# iptables -A INPUT -m state --state NEW -p udp --dport 123 -s 10.0.0.0/8 -j ACCEPT



Test your ntp server from another host on the network in which you provide time.
$ apt-get install ntpdate
$ ntpdate 192.168.99.1
31 Dec 17:10:03 ntpdate[25638]: adjust time server 192.168.99.1 offset -0.028884 sec


Just query the NTP server
$ ntpdate -q 10.21.241.4
server 10.21.241.4, stratum 2, offset 21.797882, delay 0.02577
11 Mar 15:55:20 ntpdate[2715]: step time server 10.21.241.4 offset 21.797882 sec


or try ntpdate -u to use unprivileged ports
$ ntpdate -u 10.21.241.4
$ 26 Feb 01:48:20 ntpdate[29121]: adjust time server 10.21.241.4 offset -0.001598 sec


To figure out which ntp servers are OK to use you could use ntpdate -d (debug) and ntptrace eg.
$ ntptrace 10.21.241.4
ipduh.ipduh.awmn: stratum 2, offset 0.013533, synch distance 0.030645
nero.grnet.gr: stratum 1, offset 0.000000, synch distance 0.000000, refid 'GPS'
and
$ ntpdate -d 10.21.241.4
 4 Mar 01:37:27 ntpdate[4575]: ntpdate 4.2.4p8@1.1612-o Tue Apr 19 07:08:19 UTC 2011 (1)
Looking for host 10.21.241.4 and service ntp
host found : ipduh.ipduh.awmn
transmit(10.21.241.4)
receive(10.21.241.4)
transmit(10.21.241.4)
receive(10.21.241.4)
transmit(10.21.241.4)
receive(10.21.241.4)
transmit(10.21.241.4)
receive(10.21.241.4)
transmit(10.21.241.4)
server 10.21.241.4, port 123
stratum 2, precision -20, leap 00, trust 000
refid [10.21.241.4], delay 0.02570, dispersion 0.00000
transmitted 4, in filter 4
reference time:    d4de5a93.1a8c84bf  Mon, Mar  4 2013  1:26:11.103
originate timestamp: d4de5d37.65a0ddb3  Mon, Mar  4 2013  1:37:27.396
transmit timestamp:  d4de5d37.59ed9dfd  Mon, Mar  4 2013  1:37:27.351
filter delay:  0.02576  0.02571  0.02570  0.02571 
         0.00000  0.00000  0.00000  0.00000 
filter offset: 0.045579 0.045590 0.045589 0.045580
         0.000000 0.000000 0.000000 0.000000
delay 0.02570, dispersion 0.00000
offset 0.045589

 4 Mar 01:37:27 ntpdate[4575]: adjust time server 10.21.241.4 offset 0.045589 sec


Now you could install ntp to other hosts on your network and use your NTP server at 10.21.241.4 or the one at 192.168.99.1 as the stratum 2 - `upstream` NTP servers or install ntpdate and run every so often ntpdate to synchronize their clocks.

NTP server - NTP client ... debian linux ubuntu etc