Re: serveur de temps qui n'envoi pas de données

Startseite

Nachricht beantworten
Autor: Vincent Caron
Datum:  
To: guilde
Betreff: Re: serveur de temps qui n'envoi pas de données
On Thu, 2012-01-05 at 14:57 +0100, Joseph-Andre Guaragna wrote:
>
> Si quelqu'un a déjà eu ce genre de problème, je serai heureux de
> savoir comment il est parvenu à le résoudre.


Dans mon cas j'utilise 'ntp' à la fois comme serveur et client, donc
j'installe toujours le package 'ntp' sur toutes les machines. Ci-joint
mes fichiers de conf (édités mais normanement tout aussi fonctionnels),
pour des NTP sous Debian Lenny (ntp 4.2.4) et Squeeze (ntp 4.2.6).

J'utilise un stratum 1 qui se trouve dans mon datacenter, mais je
suppose que les entrées du pool 'fr' que j'ai laissé dans le fichier de
conf feront parfaitement l'affaire.

PS: éviter 'ntpdate' pour la synchro régulière, il ne sert normalement
qu'à assurer la première mise à l'heure "grossière" au boot, 'ntp'
prenant alors le relais pour la synchro continue de l'horloge. La raison
principale étant que 'ntp' refuse de démarrer quand l'horloge est trop
en retard/en avance (d'environ 1h je crois).

# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift


# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/

#statistics loopstats peerstats clockstats
#filegen loopstats file loopstats type day enable
#filegen peerstats file peerstats type day enable
#filegen clockstats file clockstats type day enable


# Default Restriction
# Block connections from unauthorized hosts
restrict default ignore
restrict -6 default ignore


# You do need to talk to an NTP server or two (or three).
# Main NTP server
server 192.168.1.1 iburst prefer
restrict 192.168.1.1
# Secondary NTP server (if you have one)
server 192.168.1.2 iburst
restrict 192.168.1.2


# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift


# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# Default Restriction
# Block connections from unauthorized host.
restrict default ignore
restrict -6 default ignore

# Local users may interrogate the ntp server.
restrict 127.0.0.1

# Clients from this subnet have an access.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap


# You do need to talk to an NTP server or two (or three).

# Some french servers picked in the fr.pool.ntp.org
#server ns208372.ovh.net
server 94.23.220.143
restrict 94.23.220.143
# RENATER server
server 193.55.167.2
restrict 193.55.167.2
#server ntp.tuxfamily.org
server 212.85.158.10
restrict 212.85.158.10

# Define the secondary NTP server (if you want one) as a synchronized peer.
#peer 192.168.1.2 iburst
#restrict 192.168.1.2