# Prohibit general access to this service.
restrict default ignore
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict 172.18.5.30
restrict 172.18.5.0 mask 255.255.255.0 nomodify
# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
restrict 0.0.0.0 nomodify
# -- CLIENT NETWORK -------
# --- OUR TIMESERVERS -----
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
# restrict mytrustedtimeserverip mask 255.255.255.255 nomodify notrap noquery
# server mytrustedtimeserverip
# --- GENERAL CONFIGURATION ---
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
# Senecd NTP Server
# First NTP SErver
# Let NTP Server can\login this server.
#_________
server 220.130.158.52 prefer
server 220.130.158.72 prefer
server 220.130.158.51 prefer
server 192.43.244.18 prefer
restrict 220.130.158.52
restrict 220.130.158.72
restrict 220.130.158.51
restrict 192.43.244.18
#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()
ntp.conf现在的配置
restrict default nomodify notrap
restrict 127.0.0.1 server cn.pool.ntp.org
server hk.pool.ntp.org
server 0.asia.pool.ntp.org
server 3.asia.pool.ntp.org
restrict cn.pool.ntp.org
restrict hk.pool.ntp.org
restrict 0.asia.pool.ntp.org
restrict 3.asia.pool.ntp.org
fudge 127.0.0.1 stratum 10
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
logfile /var/log/ntp.log
关于报错no server suitable for synchronization found 1.在ntp server上重新启动ntp服务后,ntp server自身或者与其server的同步的需要一个时间段,这个过程大约为10分钟,在这个时间之内在客户端运行ntpdate命令时会产生no server suitable for synchronization found的错误。 2.可能是防火墙封锁了udp 123端口
ntpq -p
remote refid st t when poll reach delay offset jitter ============================================================================== +123.146.124.28 122.226.192.4 3 u 29 64 367 173.245 -0.980 3.563 +202.131.74.125 59.148.184.7 3 u 32 64 357 60.699 6.667 3.728 *send.mx.cdnetwo 204.123.2.5 2 u 19 64 377 55.239 0.358 0.547 -202.71.100.89 91.189.94.4 3 u 96 64 376 89.428 17.723 23.799
