{"id":1436,"date":"2018-11-18T10:10:08","date_gmt":"2018-11-18T07:10:08","guid":{"rendered":"http:\/\/kifarunix.com\/?p=1436"},"modified":"2024-03-11T21:34:59","modified_gmt":"2024-03-11T18:34:59","slug":"how-to-install-and-configure-ntp-server-using-chrony-on-fedora-29","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/how-to-install-and-configure-ntp-server-using-chrony-on-fedora-29\/","title":{"rendered":"How to Install and Configure NTP Server Using Chrony on Fedora 29\/Fedora 28"},"content":{"rendered":"\n

In this tutorial, we are going to learn how to install and configure NTP server using Chrony on Fedora 29\/Fedora 28.<\/p>\n\n\n\n

NTP (Network Time Protocol) is an network protocol that enables clock synchronization between computer systems over packet-switched, variable-latency data networks. Accurate time keeping is paramount in system administration. There are two daemons that can provide network time synchronization in RHEL-based distros, chronyd <\/strong> and ntpd<\/strong> provided by the Chrony and ntp packages respectively.<\/p>\n\n\n\n

Configure NTP Server Using Chrony on Fedora 29\/Fedora 28<\/h2>\n\n\n\n

Installing Chrony<\/h3>\n\n\n\n

The chrony daemon, chronyd, can be controlled by the command line utility chronyc. To install chrony, run the command below;<\/p>\n\n\n\n

sudo dnf install chrony -y<\/code><\/pre>\n\n\n\n
After the installation, the chronyd daemon is running by default. You can check the status by running the command below;<\/p>\n\n\n\n
systemctl status chronyd<\/code><\/pre>\n\n\n\n
You can also enable it to start on system boot by running the command below;<\/p>\n\n\n\n
systemctl enable chronyd<\/code><\/pre>\n\n\n\n
Configuring Chrony<\/h3>\n\n\n\n
After the installtion of Chrony suite, you need to configure it in order to provide the NTP services in your environment. The default configuration file for chronyd is \/etc\/chrony.conf<\/strong>.<\/p>\n\n\n\n
Set the time servers<\/h4>\n\n\n\n
To begin configuration, you need to change the line, pool 2.fedora.pool.ntp.org iburst<\/code> that specifies the time servers used for time synchronization, to servers that are close to your timezone area.<\/p>\n\n\n\n
To obtain a list of these servers, navigate to http:\/\/www.pool.ntp.org\/en\/<\/a> and choose your continent area where the servers are physically located. Search for your country location and a list of NTP servers should appear. For example, in this guide we are choosing the time servers as shown in the screenshot below;<\/p>\n\n\n\n
\"How<\/a><\/figure>\n\n\n\n
Therefore, edit the \/etc\/chrony.conf<\/strong> and comment out the line, pool 2.fedora.pool.ntp.org iburst<\/code>, replacing it as shown below<\/p>\n\n\n\n
vim \/etc\/chrony.conf<\/code><\/pre>\n\n\n\n
\n...\n# pool 2.fedora.pool.ntp.org iburst\nserver 0.africa.pool.ntp.org iburst\nserver 1.africa.pool.ntp.org iburst\nserver 2.africa.pool.ntp.org iburst\nserver 3.africa.pool.ntp.org iburst\n...\n<\/code><\/pre>\n\n\n\n
Next, you need to specify a host, subnet, or network from which to allow NTP connections to your NTP server. The default is not to allow connections. As an example, to allow hosts on the network subnet 192.168.43.0\/24, your configuration would look like;<\/p>\n\n\n\n
...<\/strong>\n# Allow NTP client access from local network.\n#allow 192.168.0.0\/16\nallow 192.168.43.0\/24\n<\/strong>...<\/strong><\/code><\/pre>\n\n\n\n
The Chronyd listens on UDP port 123 and therefore this port needs to be open in the firewall in order to allow the client access:<\/p>\n\n\n\n
firewall-cmd --add-port=123\/udp --permanent\nfirewall-cmd --reload<\/code><\/pre>\n\n\n\n
After that, restart chronyd.<\/p>\n\n\n\n
systemctl restart chronyd<\/code><\/pre>\n\n\n\n
Checking if chrony is Synchronized<\/h2>\n\n\n\n
To check if chrony is synchronized, make use of the tracking<\/code>, sources<\/code>, and sourcestats<\/code> commands.<\/p>\n\n\n\n
Checking chrony Tracking<\/h3>\n\n\n\n
To check chrony tracking<\/strong>, run the following command:<\/p>\n\n\n\n
chronyc tracking<\/code><\/pre>\n\n\n\n
\nReference ID    : B23E73D4 (cacti.digital-satellites.com)\nStratum         : 3\nRef time (UTC)  : Sat Nov 17 20:43:46 2018\nSystem time     : 0.000046934 seconds slow of NTP time\nLast offset     : -0.008311978 seconds\nRMS offset      : 0.072417602 seconds\nFrequency       : 9.445 ppm fast\nResidual freq   : -21.688 ppm\nSkew            : 10.302 ppm\nRoot delay      : 0.254697442 seconds\nRoot dispersion : 0.020058062 seconds\nUpdate interval : 1.3 seconds\nLeap status     : Normal\n<\/code><\/pre>\n\n\n\n
The reference ID<\/code>  specifies the reference ID and hostname or IP address of the server to which the computer is currently synchronized with.<\/p>\n\n\n\n
The Stratum<\/code> indicates the number of hops between your local computer and the reference clock computer.<\/p>\n\n\n\n
Checking chrony Sources<\/h3>\n\n\n\n
The sources<\/code> command shows the information about the current time sources that chronyd is accessing.<\/p>\n\n\n\n
chronyc sources<\/code><\/pre>\n\n\n\n
\n210 Number of sources = 4\nMS Name\/IP address         Stratum Poll Reach LastRx Last sample               \n===============================================================================\n^* cacti.digital-satellites>     2   6    77    32    +34ms[  +25ms] +\/-  136ms\n^+ ntp2.inx.net.za               2   6    77    33    -58ms[  -67ms] +\/-  206ms\n^? 2a02:8106:1:8800::3           0   6     0     -     +0ns[   +0ns] +\/-    0ns\n^- cpt-ntp.mweb.co.za            2   6    77    34   -334ms[ -183ms] +\/-  477ms\n<\/code><\/pre>\n\n\n\n
The M <\/strong>column indicates the mode of the source;<\/p>\n\n\n\n