Chapter 17. Configuring NTP Using ntpd

17.1. Introduction to NTP
17.2. NTP Strata
17.3. Understanding NTP
17.4. Understanding the Drift File
17.5. UTC, Timezones, and DST
17.6. Authentication Options for NTP
17.7. Managing the Time on Virtual Machines
17.8. Understanding Leap Seconds
17.9. Understanding the ntpd Configuration File
17.10. Understanding the ntpd Sysconfig File
17.11. Disabling chrony
17.12. Checking if the NTP Daemon is Installed
17.13. Installing the NTP Daemon (ntpd)
17.14. Checking the Status of NTP
17.15. Configure the Firewall to Allow Incoming NTP Packets
17.15.1. Change the Firewall Settings
17.15.2. Open Ports in the Firewall for NTP Packets
17.16. Configure ntpdate Servers
17.17. Configure NTP
17.17.1. Configure Access Control to an NTP Service
17.17.2. Configure Rate Limiting Access to an NTP Service
17.17.3. Adding a Peer Address
17.17.4. Adding a Server Address
17.17.5. Adding a Broadcast or Multicast Server Address
17.17.6. Adding a Manycast Client Address
17.17.7. Adding a Broadcast Client Address
17.17.8. Adding a Manycast Server Address
17.17.9. Adding a Multicast Client Address
17.17.10. Configuring the Burst Option
17.17.11. Configuring the iburst Option
17.17.12. Configuring Symmetric Authentication Using a Key
17.17.13. Configuring the Poll Interval
17.17.14. Configuring Server Preference
17.17.15. Configuring the Time-to-Live for NTP Packets
17.17.16. Configuring the NTP Version to Use
17.18. Configuring the Hardware Clock Update
17.19. Configuring Clock Sources
17.20. Additional Resources
17.20.1. Installed Documentation
17.20.2. Useful Websites

17.1. Introduction to NTP

The Network Time Protocol (NTP) enables the accurate dissemination of time and date information in order to keep the time clocks on networked computer systems synchronized to a common reference over the network or the Internet. Many standards bodies around the world have atomic clocks which may be made available as a reference. The satellites that make up the Global Position System contain more than one atomic clock, making their time signals potentially very accurate. Their signals can be deliberately degraded for military reasons. An ideal situation would be where each site has a server, with its own reference clock attached, to act as a site-wide time server. Many devices which obtain the time and date via low frequency radio transmissions or the Global Position System (GPS) exist. However for most situations, a range of publicly accessible time servers connected to the Internet at geographically dispersed locations can be used. These NTP servers provide Coordinated Universal Time (UTC). Information about these time servers can found at www.pool.ntp.org.
Accurate time keeping is important for a number of reasons in IT. In networking for example, accurate time stamps in packets and logs are required. Logs are used to investigate service and security issues and so time stamps made on different systems must be made by synchronized clocks to be of real value. As systems and networks become increasingly faster, there is a corresponding need for clocks with greater accuracy and resolution. In some countries there are legal obligations to keep accurately synchronized clocks. Please see www.ntp.org for more information. In Linux systems, NTP is implemented by a daemon running in user space. The default NTP user space daemon in Red Hat Enterprise Linux 7 is chronyd. It must be disabled if you want to use the ntpd daemon. See Chapter 16, Configuring NTP Using the chrony Suite for information on chrony.
The user space daemon updates the system clock, which is a software clock running in the kernel. Linux uses a software clock as its system clock for better resolution than the typical embedded hardware clock referred to as the Real Time Clock (RTC). See the rtc(4) and hwclock(8) man pages for information on hardware clocks. The system clock can keep time by using various clock sources. Usually, the Time Stamp Counter (TSC) is used. The TSC is a CPU register which counts the number of cycles since it was last reset. It is very fast, has a high resolution, and there are no interrupts. On system start, the system clock reads the time and date from the RTC. The time kept by the RTC will drift away from actual time by up to 5 minutes per month due to temperature variations. Hence the need for the system clock to be constantly synchronized with external time references. When the system clock is being synchronized by ntpd, the kernel will in turn update the RTC every 11 minutes automatically.