Solved

Network Time Synchronization

Posted on 2002-06-16
24
394 Views
Last Modified: 2010-03-18
I have linux 7.3 installed in my server, I want to synchroniz the time in my network.

I installed ntp 4.1.1.1 and i want the workstations to get the time from the linux 7.3 server.

The network ip range is 192.168.1.1-254

The ntp.conf is as follow:
 [root@moon init.d]# more /etc/ntp.conf
# Prohibit general access to this service.
#restrict default ignore

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1


# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service.  Do not permit those systems to modify the
# configuration of this service.  Also, do not use those
# systems as peers for synchronization.
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
restrict 192.168.1.0 mask 255.255.255.0

# --- OUR TIMESERVERS -----
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.

# restrict mytrustedtimeserverip mask 255.255.255.255 nomodify notrap noquery
# server mytrustedtimeserverip



# --- NTP MULTICASTCLIENT ---
#multicastclient                        # listen on default 224.0.1.1
# restrict 224.0.1.1 mask 255.255.255.255 notrust nomodify notrap
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap



# --- GENERAL CONFIGURATION ---
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server  127.127.1.0     # local clock
fudge   127.127.1.0
#server 192.168.1.6     # local clock
#fudge  192.168.1.6 stratum 10

#
# Drift file.  Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
#
driftfile /etc/ntp/drift
broadcastdelay  0.008

#
# Authentication delay.  If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on your machine.
#
# it to the file.
#
driftfile /etc/ntp/drift
broadcastdelay  0.008

#
# Authentication delay.  If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on .
#
authenticate no

#
# Keys file.  If you want to diddle your server at run e a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your e
# systems might be able to reset your clock at will. Note
# ntpd is started with a -A flag, d
# will have to be removed as well.
#
keys            /etc/ntp/keys
0
Comment
Question by:waweiwi
  • 6
  • 6
  • 5
  • +3
24 Comments
 
LVL 16

Expert Comment

by:The--Captain
ID: 7081379
I see many statements, but no questions...  With what exactly do you require assistance?  Sorry to come off so brutish, but I am having problems determining your problem...

Cheers,
-Jon

0
 

Author Comment

by:waweiwi
ID: 7081426
I want to synchroniz the time btween the server and stations (Windows stations and linux server)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7082200
NT's ResKit has a TimeServ.exe which can be used with UNIX's ntpd.
The corresponding registry settings are found in
  HKLM\SYSTEM\CurrentControlSet\Services\TimeServ\Parameters

The settings in TimeServ.ini should be:
  Type=NTP
  NTPServer=<your-IP here>
  ;PrimarySource=....
  ;timesource=....
  Period=148
  ; mean test every 30 minutes

AFAIK the link to TImeServ is http://www.niceties.com/
0
 

Author Comment

by:waweiwi
ID: 7083349
What's about windows9x how can i play with to get the time from linux server.
0
 

Author Comment

by:waweiwi
ID: 7083353
can i use DHCP to simplify the changing in each station.

I used "option ntp-servers 192.168.1.8" in the DHCPD.conf but i didn't work.

Any suggestions
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7083498
0
 
LVL 7

Expert Comment

by:lewisg
ID: 7095889
>What's about windows9x how can i play
>with to get the time from linux server.

You can use the NET TIME command in DOS, Win3x or Win9x. Here are some examples both by name and by IP address. NET TIME will work in a batch file so you can run it on startup or in a batch file that starts a time sensitive application or from task manager (if you use it).

The possibilites are endless...

C:\>net time \\server /set /yes
Current time at \\SERVER is 6-20-2002 9:42A.M.
The command was completed successfully.

C:\>net time \\192.168.1.1 /set /yes
Current time at \\192.168.1.1 is 6-20-2002 9:43A.M.
The command was completed successfully.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7096421
NET TIME ...   uses a proprietary protocol (SMB?), not NTP over TCP/IP
0
 
LVL 7

Expert Comment

by:lewisg
ID: 7096830
>What's about windows9x how can i play
>with to get the time from linux server.

You can use the NET TIME command in DOS, Win3x or Win9x. Here are some examples both by name and by IP address. NET TIME will work in a batch file so you can run it on startup or in a batch file that starts a time sensitive application or from task manager (if you use it).

The possibilites are endless...

C:\>net time \\server /set /yes
Current time at \\SERVER is 6-20-2002 9:42A.M.
The command was completed successfully.

C:\>net time \\192.168.1.1 /set /yes
Current time at \\192.168.1.1 is 6-20-2002 9:43A.M.
The command was completed successfully.

0
 
LVL 7

Expert Comment

by:lewisg
ID: 7096861
Sorry for the double post, the refresh button got me...

Yes NET TIME uses the M$ network client. I would assume that since waweiwi is using Win9x machines as clients and has a Linux server the M$ networking client would already be loaded.

Unless there is some advantage to loading more software to syncronize the time I don't see a problem. Do you?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7097140
well, probably Samba can answer the NET TIME request too.
Never tried it, 'cause it's a command on demand, and not continously. But if this is sufficent ...
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 16

Expert Comment

by:The--Captain
ID: 7097470
I agree w/ ahoffman - an smb solution is not nearly as extensible/scalable as a pure NTP solution (in fact, many providers block ports 137-139 [mine does, idiotically, w/ no explanation], which effectively breaks SMB traffic).  Go w/ his [ahoffman's] solution (although I would be interested to hear of any implementation problems - that's what we're here for...)

Cheers,
-Jon
0
 
LVL 7

Expert Comment

by:lewisg
ID: 7097978
"many providers block ports 137-139 [mine does, idiotically, w/ no explanation]"

ISP's do that to protect the clueless like Joe six-pack with file sharing enabled and bound to TCP/IP on his winbox. I don't think you really want to run SMB (NETBIOS) over the Internet do you? Besides, his time server is on his network so what difference does it make if his ISP blocks 137-139?

"extensible/scalable" All most folks need to do is set their clock a once a day. If instead you are doing data collection that requires split second resolution a more powerful solution may be called for.

Any app I have ever deployed on a M$ network that has any time sensitivity gets a NET TIME command in the startup file (and sometimes again while running). No additional software installation, configuration or troubleshooting required.

Simple is good.

Just try it.
0
 
LVL 7

Expert Comment

by:lewisg
ID: 7097979
"many providers block ports 137-139 [mine does, idiotically, w/ no explanation]"

ISP's do that to protect the clueless like Joe six-pack with file sharing enabled and bound to TCP/IP on his winbox. I don't think you really want to run SMB (NETBIOS) over the Internet do you? Besides, his time server is on his network so what difference does it make if his ISP blocks 137-139?

"extensible/scalable" All most folks need to do is set their clock a once a day. If instead you are doing data collection that requires split second resolution a more powerful solution may be called for.

Any app I have ever deployed on a M$ network that has any time sensitivity gets a NET TIME command in the startup file (and sometimes again while running). No additional software installation, configuration or troubleshooting required.

Simple is good.

Just try it.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7098039
>I don't think you really want to run SMB (NETBIOS) over the Internet do you?

I don't think that anyone should be able to make this decision for me - premature ISP intervention makes me see red - big brother tactics are *never* a good thing...  If I pay for IP internet access, I expect exactly that.  It is up to me to protect my network, regardless of what big brother mentality may be pervasive at my ISP...  If I ever get a choice between an ISP that provides as much bandwidth as my cable provider and does not filter any ports and competes directly with my current cable provider, you can bet I will drop my current provider in less than 2 seconds in favor of the less restrictive folks...

In any case, many less providers exist that filter NTP than those that filter netbios, and for that reason ahoffman's suggestion is the most wise...

Any solution that relies only upon internal hosts is rather broken, IMO...

Also, please stop double-posting - the refresh button should only be used if you know what you're doing...

Cheers,
-Jon

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7098324
> .. time sensitivity gets a NET TIME command in the startup file (and sometimes again while running). No additional software installation, configuration or troubleshooting required.

Don't agree, at least for "configuration".
On NT you need to allow the "set time policy" for everyone, otherwise you get errors.
0
 
LVL 7

Expert Comment

by:lewisg
ID: 7098920
"Any solution that relies only upon internal hosts is rather broken, IMO..."

It may be broken in your opinion but the original question was "i want the workstations to get the time from the linux 7.3 server". Using a local timeserver (which is syncronized using NTP) is good net etiquette since it saves bandwidth.


"I don't think that anyone should be able to make this decision for me"

In general I agree. However filtering NETBIOS and private IP's are two things most ISP do and I think that is a good practice since they have no practical use outside your private network.


"Also, please stop double-posting - the refresh button should only be used if you know what you're doing..."

I didn't hit refresh this time. I pressed "Submit" and got a Java Script error from EE's server. How it double posted is interesting but looks like the coders at EE should be more careful in their error handling.

The other double post was from using refresh almost two HOURS after the original post. Once again something the coders at EE could have considered and trapped.

I hope I don't double post this...
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7099628
Sorry, the double-post thing was cheap - I've done it onece or twice myself (but it's been a while, knock on wood).

>since they have no practical use outside your private network

You sound like my ISP - once again, only I can make this decision for myself (the fact that I tend to agree with you is beside the point)

Also, I said
>Any solution that relies only upon internal hosts is rather broken, IMO...

Which actually should read "Any solution that *must* rely only upon internal hosts is rather broken, IMO"

I do agree with your statements about a local timeserver being a good idea - I just think folks should avoid using netbios if at all humanly possible, since it is really a crappy protocol, and not really that extensible (whereas almost anyone will route your NTP requests).

Cheers,
-Jon



0
 

Author Comment

by:waweiwi
ID: 7101566
The last option i interest to is how can i configure DHCP for each stations in the LAN to get the NTP server automatically, I used the option but it did nothing.

Thanks
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 50 total points
ID: 7102162
standard DHCP does not have an entry for the NTP server (M$ NT-Domains might behave different here)
0
 
LVL 16

Assisted Solution

by:The--Captain
The--Captain earned 50 total points
ID: 7103102
>standard DHCP does not have an entry for the NTP server

I'm not sure there really *is* a standard - I thought it was just whatever your client and server can agree to send/receive (which tends to be good for configurable systems like unix, bad for proprietary systems like M$).  Could it work in unix?  Yes.  How about M$?  Not very likely.

That being said, you don't really *need* to have your DHCP server pass out this info - DHCP should be used to pass out dynamic network info that might change regularly (like your IP address - most IP stacks don't allow config of a permanent gateway without knowing the IP, so gateway tends to be included as well).  Unless you expect your NTP timeserver to change regularly, why do you even want to pass it out via DHCP (other than to save time on client configs?).  If you think it might change once in a while, just use DNS, and adjust the zone file - that's what it's for.

Cheers,
-Jon

0
 

Expert Comment

by:CleanupPing
ID: 9078472
waweiwi:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 10004289
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Split: ahoffmann {http:#7102162} & The--Captain {http:#7103102}

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

paullamhkg
EE Cleanup Volunteer
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now