Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Synchronize Time Using Other NTP Peers ====== **General Information** Synchronizing time to a central time server and also keeping in sync with a peer server. This type of setup is a tier two NTP setup, allowing for redundancy if the central source of time is lost. The two peers then agree on a time and provide it locally to other servers. ---- ====== Lab Setup ====== The following virtual machines will be used: * ipa.example.com (192.168.1.152) -> Central Time Server * server1.example.com (192.168.1.150) -> NTP Server1 syncs with central (also peers with server2) * server2.example.com (192.168.1.151) -> NTP Server2 syncs with central (also peers with server1) ---- ====== NTP: Central Time Server ====== Setting up the "central time server" to allow the other servers to sync to it. * Server: ipa.example.com (192.168.1.152) * This server should already have ntpd installed and working if FreeIPA has been setup. \\ Ensure that the firewall allows NTP in <code bash> firewall-cmd --permanent --add-service=ntp firewall-cmd --reload </code> ---- ====== NTP: Client Peering ====== Setup the NTP clients to sync with the central NTP server and also peer with each other to provide a tier two redundancy. This would allow other servers to sync with them. * Servers * server1.example.com (192.168.1.150) * server2.example.com (192.168.1.151) \\ Install required package <code bash> yum install chrony </code> \\ Enable and start the service <code bash> systemctl enable chronyd systemctl start chronyd </code> \\ Edit the config file <code bash> vim /etc/chrony.conf # Comment out all server lines, add a new one server ipa.example.com iburst # On server1: Peer with server2 peer 192.168.1.151 # On server2: Peer with server1 peer 192.168.1.150 </code> \\ Ensure that the firewall allows NTP in (on both server1 and server2) <code bash> firewall-cmd --permanent --add-service=ntp firewall-cmd --reload </code> \\ Restart the service <code bash> systemctl restart chronyd </code> \\ Ensure NTP time sync is enabled <code bash> timedatectl set-ntp true </code> \\ Check status <code bash> chronyc sources -v </code> * Note: It may take a few minutes for the servers to enter a synced state on the peers. ---- linux_wiki/synchronize_time_using_other_ntp_peers.txt Last modified: 2019/05/25 23:50(external edit)