HPE Community
Operating System - HP-UX
1829185 Members
2695 Online
109986 Solutions
New Discussion

Setting up a DMZ server as a NTP Client

 
S.J. Sarwar
Occasional Advisor

‎01-26-2006 03:00 AM

‎01-26-2006 03:00 AM

Setting up a DMZ server as a NTP Client

I have a rp2470 server running HP-UX 11.11, and it sits behind a Firewall (DMZ Server). I wonder how to configure it as NTP Client.

Kindly help me.

Thanks
Sarwar
0 Kudos
Reply
5 REPLIES 5
John Waller
Esteemed Contributor

‎01-26-2006 03:38 AM

‎01-26-2006 03:38 AM

Re: Setting up a DMZ server as a NTP Client

I believe you would just need to make sure that the firewall is setup to allow UDP port 123 through. As it is a NTP client you sould be specifying the server w.x.y.z or server hostname in your /etc/ntp.conf file
0 Kudos
Reply
Rick Garland
Honored Contributor

‎01-26-2006 03:40 AM

‎01-26-2006 03:40 AM

Re: Setting up a DMZ server as a NTP Client

Your firewall will need to allow traffic on port 123. Then you can config the /etc/ntp.conf file as apropriate.


0 Kudos
Reply
paolo barila
Valued Contributor

‎01-27-2006 02:02 AM

‎01-27-2006 02:02 AM

Re: Setting up a DMZ server as a NTP Client


-stop the daemon for a while if it's running:
# /sbin/init.d/xntpd stop

-verify connection with ntp sever:
# ntpdate -d ip_ntpserver

-initial clock alignment:
# ntpdate ip_ntpserver

-set ip ntp server
# vi /etc/ntp.conf # type one line:

server ip_ntpserver

-start daemon

# /sbin/init.d/xntpd start

-check
# ntpq -p

you should see after a few minutes a * near ntpserver line

-setup daemon autostart at boot

# vi /etc/rc.config.d/netdaemons
...
Export NTPDATE_SERVER=
Export XNTPD=1
Export XNTPD_ARGS=
...

that should be it

Paolo
share share share
0 Kudos
Reply
rick jones
Honored Contributor

‎01-27-2006 05:12 AM

‎01-27-2006 05:12 AM

Re: Setting up a DMZ server as a NTP Client

Unless you _know_ that the NTP server you've added to the config file is actually multiple servers with failover, you really should configure multiple servers in the /etc/ntp.conf file. In that way, your client can still keep time relatively well synchronized even if one of the time servers becomes unreachable.

It is the same thing with DNS servers in /etc/resolv.conf - there should be more than one configured.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
Tor-Arne Nostdal
Trusted Contributor

‎01-27-2006 05:47 AM

‎01-27-2006 05:47 AM

Re: Setting up a DMZ server as a NTP Client

The configuration help already given seems adequate, but here's some input related to NTP server.

Your Network Administrator can probably supply you with an appropriate NTP server address.

In our organisation the net.admins ensure a consistent "network time" within the organisation. This time is again synchronised towards one or more external sources.

Internally our servers will retrieve NTP-time from an internal router.

For external public sources see: http://ntp.isc.org/bin/view/Servers/WebHome

Best regards,
Tor-Arne
I'm trying to become President of the state I'm in...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.