搜索

此内容没有您所选择的语言版本。

22.9. Understanding the ntpd Configuration File

download PDF
The daemon, ntpd, reads the configuration file at system start or when the service is restarted. The default location for the file is /etc/ntp.conf and you can view the file by entering the following command:
~]$ less /etc/ntp.conf
The configuration commands are explained briefly later in this chapter, see Section 22.16, “Configure NTP”, and more verbosely in the ntp.conf(5) man page.
Here follows a brief explanation of the contents of the default configuration file:
The driftfile entry
A path to the drift file is specified, the default entry on Red Hat Enterprise Linux is:
driftfile /var/lib/ntp/drift
If you change this be certain that the directory is writable by ntpd. The file contains one value used to adjust the system clock frequency after every system or service start. See Understanding the Drift File for more information.
The access control entries
The following lines setup the default access control restrictions:
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
The kod option means a Kiss-o'-death packet is to be sent to reduce unwanted queries. The nomodify options prevents any changes to the configuration. The notrap option prevents ntpdc control message protocol traps. The nopeer option prevents a peer association being formed. The noquery option prevents ntpq and ntpdc queries, but not time queries, from being answered. The -6 option is required before an IPv6 address.
Addresses within the range 127.0.0.0/8 are sometimes required by various processes or applications. As the "restrict default" line above prevents access to everything not explicitly allowed, access to the standard loopback address for IPv4 and IPv6 is permitted by means of the following lines:
# the administrative functions.
restrict 127.0.0.1 
restrict -6 ::1
Addresses can be added underneath if specifically required by another application. The -6 option is required before an IPv6 address.
Hosts on the local network are not permitted because of the "restrict default" line above. To change this, for example to allow hosts from the 192.0.2.0/24 network to query the time and statistics but nothing more, a line in the following format is required:
restrict 192.0.2.0 mask 255.255.255.0 nomodify notrap nopeer
To allow unrestricted access from a specific host, for example 192.0.2.250/32, a line in the following format is required:
restrict 192.0.2.250
A mask of 255.255.255.255 is applied if none is specified.
The restrict commands are explained in the ntp_acc(5) man page.
The public servers entry
By default, as of Red Hat Enterprise 6.5, the ntp.conf file contains four public server entries:
server 0.rhel.pool.ntp.org iburst
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst
If upgrading from a previous minor release, and your /etc/ntp.conf file has been modified, then the upgrade to Red Hat Enterprise Linux 6.5 will create a new file /etc/ntp.conf.rpmnew and will not alter the existing /etc/ntp.conf file.
The broadcast multicast servers entry
By default, the ntp.conf file contains some commented out examples. These are largely self explanatory. See the explanation of the specific commands Section 22.16, “Configure NTP”. If required, add your commands just below the examples.

Note

When the DHCP client program, dhclient, receives a list of NTP servers from the DHCP server, it adds them to ntp.conf and restarts the service. To disable that feature, add PEERNTP=no to /etc/sysconfig/network.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.