我的 NTP 配置正确吗?

我的 NTP 配置正确吗?

我有一个 CentOS 虚拟机在远程运行,可通过 VPN 访问。它被设置为从同一网络上的两台服务器同步时间。设置的时间大致正确,但似乎有点偏差。我对下面输出中提到的日期 2036 感到担忧,我应该担心吗?

/usr/sbin/ntpq -pcrv
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 10.245.8.100    10.249.8.100     2 u   24   64  377    1.185  12124.8  29.489
 10.249.8.100    .RMOT.          16 u    - 1024    0    0.000    0.000   0.000
assID=0 status=c011 sync_alarm, sync_unspec, 1 event, event_restart,
version="ntpd [email protected] Fri Nov 18 13:21:21 UTC 2011 (1)",
processor="x86_64", system="Linux/2.6.18-308.el5", leap=11, stratum=16,
precision=-20, rootdelay=0.000, rootdispersion=56.655, peer=0,
refid=INIT, reftime=00000000.00000000  Thu, Feb  7 2036  6:28:16.000,
poll=6, clock=d3fd6d1a.a01aab1b  Fri, Sep 14 2012  9:45:14.625, state=1,
offset=0.000, frequency=0.000, jitter=0.001, noise=0.001,
stability=0.000, tai=0

[编辑] 根据以下建议,更多信息...

sudo /usr/sbin/ntpdate 10.245.8.100
14 Sep 13:02:02 ntpdate[7766]: step time server 10.245.8.100 offset 12.212849 sec

和 ntp.conf

restrict 127.0.0.1 
restrict -6 ::1

server 10.245.8.100
server 10.249.8.100

driftfile /var/lib/ntp/drift

keys /etc/ntp/keys

server 10.245.8.100
restrict 10.245.8.100
server 10.249.8.100
restrict 10.249.8.100

答案1

看上去很奇怪。

  • “stratum=16”表示它没有同步到时间源。
  • 达到 377-ntp 服务器可达。
  • 偏移量 12124.8 - 严重不同步

尝试在开始时执行“ntpdate 10.245.8.100”以快速同步时钟。

是否可能在配置中禁用重大调整作为防止配置错误的措施?显示您的 ntpd.conf

首先添加,限制规则以允许同步

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.0 mask 255.0.0.0
restrict -6 ::1

相关内容