cancel
Showing results for 
Search instead for 
Did you mean: 

configuring NTP

SOLVED
Go to solution
kunjuttan
Super Advisor

configuring NTP

Hi all,

I want to setup an NTP server.Please help me doing the same.
My os is HP-UX11.31
5 REPLIES
James R. Ferguson
Acclaimed Contributor
Solution

Re: configuring NTP

Hi:

See chapter-4 here:

http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c02215026/c02215026.pdf

You should configure at least three (3) time sources for the best, most accurate timekeeping. The NTP "pool" is a wonderful source sink:

http://www.pool.ntp.org/en/

Regards!

...JRF...
Hakki Aydin Ucar
Honored Contributor

Re: configuring NTP

one word;
xntdp daemon must be Up and Running :
# ps -ef | grep /usr/sbin/xntpd
Tim Nelson
Honored Contributor

Re: configuring NTP

man xntpd

but for a simplified list

edit /etc/ntp./conf
server


edit /etc/rc.config/netdaemons
export XNTPD=1

/sbin/init.d/xntpd start

Ismail Azad
Esteemed Contributor

Re: configuring NTP

Hi,

If you are new to NTP configuration as the pharoah said, it's the simplified list. However, some typo errors:-

edit /etc/ntp.conf
edit /etc/rc.config.d/netdaemons
:)

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....
Don Mallory
Trusted Contributor

Re: configuring NTP

NTP will not serve up time until the time source has been stable for a couple of minutes. So, be patient. You may find that you've configured it, started it, and the clients can't connect (ntpq: lpeers, lassociations, pstatus... all bad..)

The best thing you can do is go get a coffee. By the time you come back, it will likely be working.

Sometimes it's worthwhile to restrict the client / server config..

restrict default ignore
restrict 192.168.1.81 mask 255.255.255.255 nomodify notrap noquery
restrict 192.168.1.84 mask 255.255.255.255 nomodify notrap noquery

This would definitely limit any NTP allowed responses to the ntp servers 192.168.1.81 and .84.

For servers, go the other way and limit connections to only your hosts:

restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

Also, using the NTP pools is a great idea, as it localises your NTP sources, and also doesn't overload the tier 1 sources, but it has the limitation of not working through a firewall unless you are willing to open udp/123 to your clients/NTP server. Better to have a couple of internal sources that you trust and have them go out to a tier 2 or tier 1 source in a firewalled fashion (preferably from your DMZ.. then get the time from the hosts in your DMZ from internal). Routers also do this well...

Best regards,
Don