Configure Peered NTP Servers on CentOS 7

Posted on by

Configure NTP peering on CentOS 7.

This article is part of the Homelab Project with KVM, Katello and Puppet series.

Homelab

We have two CentOS 7 (minimal) servers installed which we want to configure as follows:

admin1.hl.local (10.11.1.2) – will be configured to NTP peer with admin2
admin2.hl.local (10.11.1.3) – will be configured to NTP peer with admin1

Both servers have SELinux set to enforcing mode.

See the image below to identify the homelab part this article applies to.

Software

Software used in this article:

  1. CentOS 7
  2. NTP 4.2

Installation and Firewall

Note that this section applies to both servers.

Since we plan to use NTP we don’t need Chrony:

# yum remove chrony

Install the package and ensure that the service is enabled:

# yum install ntp
# systemctl enable ntpd

Enable inbound firewall access (we use iptables):

# iptables -A INPUT -s 10.11.1.0/24 -p udp -m state --state NEW --dport 123 -j ACCEPT

Peer Configuration

Configuration of the file /etc/ntp.conf on the admin1 server can be seen below.

driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery limited 
restrict -6 default kod nomodify notrap nopeer noquery limited
restrict 10.11.1.0 mask 255.255.255.0 nomodify notrap
restrict 127.0.0.1 
server 0.uk.pool.ntp.org iburst
server 1.uk.pool.ntp.org iburst
server 2.uk.pool.ntp.org iburst
server 3.uk.pool.ntp.org iburst
peer admin2.hl.local 
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor

Configuration on the second server admin2 is identical except for the line where it peers with admin1 and not admin2.

Restart the service on both servers:

# systemctl restart ntpd

Print the list of the peers known to the server:

# ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+10.11.1.3       178.79.160.57    3 u  889 1024  376    0.686    3.124   5.872
+134.0.16.1      195.66.241.2     2 u 1064 1024  377   16.790    2.668   3.917
+193.150.34.2    87.242.168.84    2 u  939 1024  377   16.506    1.266   4.913
*80.82.244.120   140.203.204.77   2 u  118 1024  377   17.965    2.733   3.677
+93.93.131.118   130.88.200.6     4 u 1023 1024  377   24.704    2.093   4.737

Leave a Reply

Your email address will not be published. Required fields are marked *