Having accurate timekeeping has become one of the most crucial parts of modern servers. Whether it is about maintaining the System Log file to audit them properly or getting updates for your System properly.
If your System has out-of-sync time, it will corrupt your System Log and updates will not be received properly. Using NTP (Network Time Protocol), you can overcome all the time-related problems and get your system with perfectly synced time.
So let’s configure our Debian with NTP on Server and client-side but before that let’s brush up on some basics on NTP.
Table of Contents
What is NTP?
NTP stands for Network Time Protocol. Applications running in your Linux Machine have timestamps of 1 millisecond to 1 second which is directly related to the chain of events and order of its occurrence.
In the modern era of Tech, applications won’t even tolerant 1-millisecond so having on-point time is a necessity especially when you are using Debian as a server. NTP provides you the convenience to get perfect time-stamping.
Configuring NTP Server and Client
We have divided this section into two sections.
- How to configure NTP server System
- How to Configure NTP on a Client machine
So let’s start our procedure with how you can configure NTP Server on Debian 10.
Configuring NTP Server on Debian 10 Host Machine
In the 1st section of this tutorial, we are going to configure NTP Server on Debian 10 Host Machine. Open your Terminal with CTRL + ALT + T and use the following Commands:
Step 1: Updating Repositories and Indexes
To get the most recent version of NTP, use the following command:
sudo apt update
Step 2: Installing NTP on Host Machine
To install NTP, use the following command:
sudo apt install ntp
After running this command in your Terminal, you will be asked to choose Y/n. Hit Enter or type Y to proceed further.
To verify, whether the NTP has been installed on our System properly or not, use the given command. If it gives similar output as shown in the picture, you are good to go.
Step 3: Configuring NTP on Debian Host Machine
In the 3rd step, we will be configuring the ntp.conf situated at /etc/ntp.conf file using nano as a default text editor. Use the following command to start making changes in configuration files.
sudo nano /etc/ntp.conf
When you install NTP on a Debian machine, it will get you the following servers to fetch time:
pool 0.debian.pool.ntp.org iburst
pool 1.debian.pool.ntp.org iburst
pool 2.debian.pool.ntp.org iburst
pool 3.debian.pool.ntp.org iburst
You can find your nearest time servers by visiting the ntp.org website.
As we are willing to set up from timing from Asia, we will be using the following server pools.
Replace the previous default servers by following the pool of servers in your ntp.conf file.
Press CTRL + O to save the configured changes and press CTRL + X to exit from nano Editor.
Step 4: Restart NTP daemon in Debian Host machine
To get our desired results, we are required to restart our NTP daemon. Use the following commands to restart:
sudo service ntp restart
To check whether our NTP is working fine, use the following commands:
sudo service ntp status
Step 5: Allowing NTP to pass through the Firewall
If you are using Firewall (Which you should use), then you are required to configure it to allow UDP connection to NTP port 123. Run the following command
sudo ufw allow 123/udp
Now, run the following command to verify whether the rule has been successfully added or not:
sudo ufw status
It should show Active if you have followed the directed procedure perfectly.
Configuring NTP on Debian Client Machine
While configuring your Debian client Machine as an NTP client, you will have to make sure that the Time difference between the local Clock and NTP server time should not be more than 1024 seconds. If it is more than 1024 seconds, our time source will be considered inaccurate.
This is the reason we are going to synchronize the NTP server on our Debian client manually. And if we get a difference lesser than 1024 seconds, we will shift for configuring ntpd.conf file for automation.
Step 1: Syncing NTP Client with Server Manually using ntpdate
ntpdate is used for synchronizing the time of the NTP client. First, we have to install ntpdate on our client machine using the following command:
sudo apt install ntpdate
You will be required to Enter your password and will be asked for your permission with the required Disk space. Hit Enter to proceed further.
Now, use the following command to manually sync your NTP Debian client with NTP Debian Server:
sudo ntpdate <ntp-server-hostname/ip>
In our case, the command would look like this:
sudo ntpdate 192.168.72.158
This command will show you the difference between local time and NTP server which is also known as the offset value.
Step 2: Configuring Host File
We will have to add hostname at /etc/hosts file. It should be in following format:
Make sure that you change the hostname and ntp server-id with yours. In our scenario, it would be something like this:
Now, use the following command to open the host file:
sudo nano /etc/hosts
And make changes as explained above.
Step 3: Disable timesyncd Daemon
As we are going to use NTP, it will conflict with the systemd timesyncd daemon. So we have to disable it by given command:
sudo timedatectl set-ntp off
Step 4: Sync NTP Client with NTP Server using the Configuration file
As we are going to configure our client machine to sync with our NTP server automatically, we have to install NTP by a given command in our Client System:
sudo apt install ntp
Enter your password. Hit Enter when you are asked to allow with estimated Disk space.
Use the given command to edit the ntp.conf file:
sudo nano /etc/ntp.conf
Now, you will have to insert the following line in a configuration file. Please make appropriate changes.
server <ntp-server-hostname/ip> prefer iburst
As in our case, the <ntp-server-hostname/ip> will be replaced with the hosts’ ID and would look something like this:
server 192.168.72.158 prefer iburst
In the above line, prefer is used to mark the specific server for NTP synchronization. Where iburst is used to send six packets for synchronization instead of a single one. (in case NTP is unreachable)
Now we will have to restart NTP to make things work according to the changes we made. Use the following command to restart the NTP daemon:
sudo service ntp restart
Checking NTP Sync Status
To check whether our client is properly connected with the NTP host, we can have an output of the current status by the following command:
If you are facing issues then you can use a static IP address on Debian.
Configuring NTP on the Debian server and client can help you with better time sync. Being one of the oldest methods still works great on almost any Linux Hardware.