Step 1: Install and configure NTP daemon
1. The NTP server package is provided by default in the official CentOS/RHEL 7 repositories and can be installed by issuing the following command.
# yum install ntp
2. After the server is installed, first go to the official NTP Public Pool Time Servers page, choose the continent where the server is physically located, then search for your country, and a list of NTP servers should appear.
4. Next, you need to allow clients from your networks to synchronize time with this server. To accomplish this, add the following line to the NTP configuration file, where the restrict statement controls which network is allowed to query and sync time. Replace the network IPs accordingly.
restrict 192.168.1.0 netmask 255.255.255.0 nomodify notrap
The nomodify and notrap options mean that your clients are not allowed to configure the server or be used as peers for time sync.
5. If you need additional information for troubleshooting in case there are problems with your NTP daemon, add a log file statement which will record all NTP server issues in one dedicated log file.
6. After you have edited the file with all the configuration explained above, save and close the ntp.conf file. Your final configuration should look like the screenshot below.
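The restrict statement from step 4 is worth re-checking after every edit of ntp.conf. The script below is an added example, not part of the original tutorial: it reports each restrict statement that lacks nomodify or notrap. The function names, the loopback exemption and the sample configuration are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original tutorial: audit restrict statements.
# REQUIRED_FLAGS are the two options the tutorial sets on the client network.
REQUIRED_FLAGS="nomodify notrap"
# Assumption: loopback entries stay unflagged for local administration.
EXEMPT_TARGETS="127.0.0.1 ::1"

# audit_restrict FILE
# Prints "OK <target>", "EXEMPT <target>" or "MISSING <flags> <target>" for
# each restrict statement; returns 1 if any statement lacks a required flag.
audit_restrict() {
    awk -v req="$REQUIRED_FLAGS" -v exempt="$EXEMPT_TARGETS" '
        BEGIN { n = split(req, need, " "); m = split(exempt, ex, " ") }
        { sub(/#.*/, "") }                    # strip trailing comments
        $1 != "restrict" { next }             # ignore every other directive
        {
            # -4 / -6 is an address-family switch, the target follows it
            t = ($2 == "-4" || $2 == "-6") ? $3 : $2
            for (i = 1; i <= m; i++) if (t == ex[i]) { print "EXEMPT " t; next }
            missing = ""
            for (i = 1; i <= n; i++) {
                found = 0
                for (f = 2; f <= NF; f++) if ($f == need[i]) found = 1
                sep = (missing == "") ? "" : ","
                if (!found) missing = missing sep need[i]
            }
            if (missing != "") { print "MISSING " missing " " t; bad = 1 }
            else print "OK " t
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample configuration (hypothetical, not from a real host).
sample_conf() {
    cat <<'EOF'
restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 192.168.1.0 netmask 255.255.255.0 nomodify notrap   # tutorial line
restrict 10.0.0.50 nomodify                                  # notrap forgotten
EOF
}

conf=$(mktemp)
sample_conf > "$conf"
audit_restrict "$conf" || echo "at least one restrict statement needs attention"
rm -f "$conf"
```

To check the live file, call audit_restrict /etc/ntp.conf and treat a non-zero exit status as a finding.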
Step 2: Add Firewall Rules and Start NTP Daemon
7. The NTP service uses UDP port 123 at the OSI transport layer (layer 4). It is designed particularly to resist the effects of variable latency (jitter). To open this port on RHEL/CentOS 7, run the following commands against the Firewalld service.
# firewall-cmd --add-service=ntp --permanent
# firewall-cmd --reload
8. After you have opened firewall port 123, start the NTP server and make sure you enable it system-wide. Use the following commands to manage the service.
# systemctl start ntpd
# systemctl enable ntpd
# systemctl status ntpd
Step 3: Verify Server Time Sync
9. After the NTP daemon has been started, wait a few minutes for the server to synchronize time with the servers in its pool list, then run the following commands to verify the NTP peers' synchronization status and your system time.
# ntpq -p
# date -R
10. If you want to query and synchronize against a pool of your choice, use the ntpdate command followed by the server address or addresses, as in the following command line example.
# ntpdate -q 0.ro.pool.ntp.org 1.ro.pool.ntp.org
Step 4: Setup Windows NTP Client
11. If your Windows machine is not a part of a Domain Controller, you can configure Windows to synchronize time with your NTP server by going to Time from the right side of the Taskbar -> Change Date and Time Settings -> Internet Time tab -> Change Settings -> Check Synchronize with an Internet time server -> put your server's IP or FQDN in the Server field -> Update now -> OK.
That's all! Setting up a local NTP server on your network ensures that all your servers and clients have the same time set in case of an Internet connectivity failure and that they are all synchronized with each other.