Network Time Protocol (NTP)


Network Time Protocol (NTP)
Quick and Dirty for AfNOG 2017 (Ayitey Bulley)

About NTP

Network Time Protocol project: http://ntp.org

NTP is a protocol designed to synchronize the clocks of computers over a network.

About NTP

NTP version 4, a significant revision of the previous NTP standard, is the current development version. It is formalized by RFCs released by the IETF.

- RFC 5905: Network Time Protocol Version 4: Protocol and Algorithms Specification
- RFC 5906: Network Time Protocol Version 4: Autokey Specification
- RFC 5907: Definitions of Managed Objects for Network Time Protocol Version 4 (NTPv4)
- RFC 5908: Network Time Protocol (NTP) Server Option for DHCPv6

NTP and Time Synchronization

Network Time Protocol (NTP) is used by organizations to synchronize the clocks of all their systems. Time synchronization is important for many reasons:

- Application time stamps
- Time stamps for log entries and audit trails

NTP provides an easy way to ensure that all systems maintain the same time. This can significantly simplify the burden on system administrators and tech support. When an organization's systems all maintain different clock times, it becomes very difficult, from a troubleshooting standpoint, to determine when and under what conditions a particular event occurred.

How NTP Works

NTP works on the premise of synchronization with reference clocks, also known as stratum 0 servers. All other NTP servers then become a lower level strata server based upon how far they are from a reference server. The start of the NTP chain is a stratum 1 server, which is always directly connected to a stratum 0 reference clock. From here, lower level strata servers are connected via a network connection to a higher strata level server.

How NTP Works

[Diagram: Stratum 0 (GPS/CDMA), Stratum 1, Stratum 2, Stratum 3]

Internal NTP Architecture

[Diagram: Internet Strata 0/1 Servers; Stratum 2 Servers (NTP 1, NTP 2, NTP 3); Hosts and devices on Internal network]

Step 1: Installation of NTP Server

The first step to setting up an internal NTP structure is to install the NTP server software.

    $ sudo apt-get install ntp ntpdate

Check if the software is installed.

    $ sudo dpkg --get-selections ntp
    $ sudo dpkg -s ntp

Update your system clock.

    $ sudo ntpdate 0.pool.ntp.org

Step 2: NTP Server Configuration

Once NTP is installed, we can now configure our NTP server to synchronize with higher stratum servers. The configuration file for NTP is stored at /etc/ntp.conf and can be modified with any text editor. To start the configuration process, the higher level servers need to be configured. You can use:

- Debian default NTP pool servers in the configuration file.
- ntp.org pool servers.
- List of NTP servers from NIST to specify certain servers.
- NIST's servers in a round robin fashion (suggested method by NIST).

Step 2: NTP Server Configuration

Debian default NTP pool servers in the configuration file:

    server 0.debian.pool.ntp.org iburst
    server 1.debian.pool.ntp.org iburst
    server 2.debian.pool.ntp.org iburst
    server 3.debian.pool.ntp.org iburst

ntp.org pool servers:

    server 0.pool.ntp.org iburst
    server 1.pool.ntp.org iburst
    server 2.pool.ntp.org iburst
    server 3.pool.ntp.org iburst

List of NTP servers from NIST to pick specific servers: http://tf.nist.gov/tf-cgi/servers.cgi

Step 3: Configure NTP Restrictions

NTP restrictions are used to allow or disallow hosts to interact with the NTP server. The default for NTP is to serve time to anyone but not allow configuration, on both IPv4 and IPv6 connections.

    # By default, exchange time with everybody, but don't
    # allow configuration.
    restrict -4 default kod notrap nomodify nopeer noquery
    restrict -6 default kod notrap nomodify nopeer noquery

Step 3: Configure NTP Restrictions

Now restrict who is allowed to query the server for time and what else they are allowed to do with the NTP server.

    restrict 196.200.219.0 mask 255.255.255.0 limited kod notrap nomodify nopeer noquery
    restrict 2001:43f8:0220:219:: mask ffff:ffff:ffff:ffff:: limited kod notrap nomodify nopeer noquery

We can also restrict the server from answering ntp queries:

    # By default don't answer anything
    restrict default ignore
    restrict -6 default ignore

Step 3: Configure NTP Restrictions

Configure the server to give unrestricted access to local users:

    restrict 196.200.219.0 mask 255.255.255.0 limited kod notrap nomodify nopeer noquery
    restrict 2001:43f8:0220:219:: mask ffff:ffff:ffff:ffff:: limited kod notrap nomodify nopeer noquery

Step 3: Configure NTP Restrictions

limited: Indicates that if a client exceeds the packet rate control limits, its packets will be discarded by the server. If the Kiss of Death packet is enabled, it will be sent back to the abusive host. The rates are configurable by an admin but the defaults are assumed here.

kod: Kiss of Death. If a host violates the limit of packets to the server, the server will respond with a KoD packet to the violating host.

notrap: Decline mode 6 control messages. These control messages are used for remote logging programs.

nomodify: Prevents ntpq and ntpdc queries that would modify the server's configuration, but informational queries are still permitted.

noquery: This option prevents hosts from querying the server for information. For example, without this option hosts can use ntpdc or ntpq to determine where a particular time server is getting its time from, or which other peer time servers it may be communicating with.
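One way to check a configuration against the flags described above (an added example, not part of the original slides): the function name audit_restrict and the sample configuration are constructed for illustration. It also flags kod on a line without limited, because KoD replies are only generated for rate-limit violations, which limited enforces.

```sh
#!/bin/sh
# Added example, not from the original slides.
# audit_restrict reads an ntp.conf on stdin, checks its "restrict" lines
# against the Step 3 flags, prints one WARN per finding, returns 1 if any.
audit_restrict() {
    awk '
    $1 != "restrict" { next }               # comments and other directives
    {
        i = 2
        if ($i == "-4" || $i == "-6") i++   # optional address-family switch
        addr = $i
        flags = " "
        for (j = i + 1; j <= NF; j++) flags = flags $j " "
        # kod only answers rate-limit violations, which "limited" enables
        if (index(flags, " kod ") && !index(flags, " limited ")) {
            printf "WARN line %d: kod without limited\n", NR; bad++
        }
        if (addr != "default") next
        seen = 1
        if (index(flags, " ignore ")) next  # drops all packets already
        n = split("notrap nomodify nopeer noquery", want, " ")
        for (k = 1; k <= n; k++)
            if (!index(flags, " " want[k] " ")) {
                printf "WARN line %d: default lacks %s\n", NR, want[k]; bad++
            }
    }
    END {
        if (!seen) { print "WARN: no restrict default line"; bad++ }
        exit (bad > 0)
    }'
}

# Constructed sample: the IPv6 default line has lost its noquery flag.
weak_conf() {
    cat <<'EOF'
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer
restrict 196.200.219.0 mask 255.255.255.0 limited kod notrap nomodify nopeer noquery
EOF
}

weak_conf | audit_restrict || echo "weak_conf: review the findings above"
```

On a real server the same function can be fed the live file: audit_restrict < /etc/ntp.conf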

Step 4: Starting NTP

Startup scripts are located at /etc/init.d/. Take a look at the startup script /etc/init.d/ntp.

Add ntp to startup, i.e. set ntp to start up on boot:

    $ sudo update-rc.d ntp enable

To run ntp:

    $ sudo service ntp start

To restart ntp:

    $ sudo service ntp restart

Step 5: Start NTP!

    $ sudo /etc/init.d/ntp start

Or

    $ sudo service ntp start

Check that your server is synchronized with the ntp servers listed in /etc/ntp.conf:

    $ sudo ntpq -p
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
    *riditt.de       131.188.3.221    2 u   27   64    1  183.792    0.439   0.079
     lof.facube.co   .init.          16 u    -   64    0    0.000    0.000   0.000
     service1-eth3.d 228.143.95.23    2 u   28   64    1  200.457   -1.965   0.035
     makaki.miuku.e  218.186.3.36     2 u   28   64    1  377.207   -7.893   0.169
     oc.mtg.afog.o   45.222.43.250    3 u   27   64    1    0.284    1.810   0.040
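Reading the peer table by script, as an added example that is not part of the original slides: the function name ntpq_health, the host names and the addresses in the sample are constructed. It decodes the reach column, an octal register of the last eight polls, so a value of 1 as in the output above means only one poll has completed since start-up, while 377 means all eight succeeded.

```sh
#!/bin/sh
# Added example, not from the original slides.
# ntpq_health reads "ntpq -p" output (untrimmed, tally column intact) on stdin,
# prints one line per peer plus a SYNC/NOSYNC verdict, and returns 0 only when
# a system peer (tally "*") has been selected.
ntpq_health() {
    awk '
    # reach is an octal shift register of the last 8 polls; count its 1 bits
    function polls_ok(reach,   v, i, c) {
        for (i = 1; i <= length(reach); i++) v = v * 8 + substr(reach, i, 1)
        for (c = 0; v > 0; v = int(v / 2)) c += v % 2
        return c
    }
    /^=+$/ { body = 1; next }               # peers follow the ===== rule
    !body || NF < 10 { next }
    {
        tally = substr($0, 1, 1)
        name = (tally == " ") ? $1 : substr($1, 2)
        if ($3 == 16)          state = "unsynchronized"
        else if ($7 == 0)      state = "unreachable"
        else if (tally == "*") { state = "system peer"; peer = name }
        else if (tally == "+") state = "candidate"
        else                   state = "not selected"
        printf "%-16s st=%-2s ok=%d/8 offset=%s %s\n", name, $3, polls_ok($7), $9, state
    }
    END {
        if (peer == "") { print "NOSYNC"; exit 1 }
        print "SYNC via " peer
    }'
}

# Constructed sample output (documentation addresses, invented host names).
sample_peers() {
    cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ntp-a.example   192.0.2.10       2 u   27   64  377  183.792    0.439   0.079
 ntp-b.example   .INIT.          16 u    -   64    0    0.000    0.000   0.000
+ntp-c.example   192.0.2.20       2 u   28   64  177  200.457   -1.965   0.035
EOF
}

sample_peers | ntpq_health || echo "no system peer selected"
```

Against a running server the function takes the live table: ntpq -p | ntpq_health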

NTP Exercises