Configuring a Simple NTP Time Server

 NTP is a standard protocol for synchronising time on computers and network equipment. NTP allows client computers to synchronise with a reference NTP server over a computer network. The protocol was originally developed for the Linux operating system. The standard NTP distribution is a freely downloadable application supplied under the GNU public licence. This article attempts to simplify the installation and configuration of the Linux NTP server application. It describes a simple NTP installation and goes through step-by-step the configuration procedure required to provide a NTP server on a Linux machine.

The NTP software distribution can be freely download from the NTP website, ntp.org. As well as containing the NTP daemon for Linux, the distribution also contains a number of utilities and configuration scripts. These utilities and scripts aid the installation process and provide debugging facilities to trace installation problems. A number of Linux installations pre-install the NTP package, others offer it as a pre-compiled RPM package.

The NTP daemon is configured using a configuration file 'ntp.conf'. A list of commands can be specified in the configuration file to indicate which servers the daemon is to synchronise to and also to specify various authentication and access control options.

The NTP daemon synchronises to an external NTP server. Often, Internet based NTP time servers are used as reference clocks. External NTP servers are specified using the 'server' command along with the IP address or domain name of the server. Multiple external time servers can be specified in the configuration file, which allows NTP to select the most appropriate server.

The NTP daemon is controlled by a series of scripts, which are used to start ('ntpd start'), stop ('ntp stop') or restart ('ntpd restart') the daemon. The NTP daemon can be queried and debugged using the 'ntpq' utility. This utility is great for debuggin problems with NTP and for obtaining status information. It provides information relating to the synchronisation status of the NTP daemon.

There are a number of security commands that can be specified in the configuration file to control access to the time server and also to provide authentication. It is very straight-forward to restrict access of the time server to a limited number of computers. This is achieved using the 'restrict' command, which is used in conjunction with the IP address or computer name of the computer to be allowed access. Multiple 'restrict' commands can be specified to restrict access to a range of computers. Authentication allows a matching set of keywords to be used on a server and client to authenticate the server. Shared keywords are specified in a 'ntp.keys' file on both the server and client computers. The keyword that are trusted and to be used for authentication purposes are then specified in the NTP daemon configuration file 'ntp.conf'.

To conclude, NTP is very straight-forward to download, install and configure. There is no reason why anyone with a little computer know-how cannot set up a local NTP time server for network time synchronisation.